Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/cbbe76-6b6f-43dc-a71a-591b7281d01a/1/RIMkdH5_CPz_8fGjvjswSI98PVQ.roa
File: RIMkdH5_CPz_8fGjvjswSI98PVQ.roa (raw, json)
Hash identifier: Wvjy2qBGxnmegaUwP2+sDpHOjteyV1tiwqaUyTVwqaE=
Subject key identifier: 44:83:24:74:7E:7F:08:FC:FF:F1:F1:A3:BE:3B:30:48:8F:7C:3D:54
Certificate issuer: /CN=d83e2be6a99276e70d340c6580d75f613cd9b9ab
Certificate serial: AA8693
Authority key identifier: D8:3E:2B:E6:A9:92:76:E7:0D:34:0C:65:80:D7:5F:61:3C:D9:B9:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2D4r5qmSducNNAxlgNdfYTzZuas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/cbbe76-6b6f-43dc-a71a-591b7281d01a/1/RIMkdH5_CPz_8fGjvjswSI98PVQ.roa
Signing time: Sat 01 Jan 2022 02:51:57 +0000
ROA not before: Sat 01 Jan 2022 02:51:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48031
IP address blocks: 91.247.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11175571 (0xaa8693)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d83e2be6a99276e70d340c6580d75f613cd9b9ab
Validity
Not Before: Jan 1 02:51:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=448324747e7f08fcfff1f1a3be3b30488f7c3d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:46:ed:b1:f7:2f:00:15:52:5f:27:d9:5f:33:
ec:86:6c:65:ba:83:da:a4:e1:51:60:f2:8e:3b:2f:
78:b3:2f:52:92:a1:89:c9:fd:cb:2b:0b:f2:bb:c8:
4b:43:4e:01:d4:fb:12:01:11:ad:69:50:50:28:5e:
95:90:35:eb:d9:e4:fd:f8:0b:c3:80:32:a2:c0:63:
b6:7b:9f:cb:52:8e:fa:68:d4:5f:0b:c0:77:23:f6:
23:27:4c:fc:a4:38:c6:c1:1d:6f:34:f1:5d:91:02:
53:f9:6e:14:68:d9:68:4a:86:69:6a:08:be:72:f4:
28:c2:f4:31:a5:36:96:d3:85:7d:da:f4:2a:75:57:
d4:da:31:74:a4:b4:2d:80:5c:99:74:35:bc:c3:e6:
f1:4d:3c:9d:84:0d:db:d2:0c:1d:c7:c0:1f:71:de:
16:02:5f:e0:0c:42:f3:23:d3:67:01:0a:04:37:9a:
66:52:14:13:84:99:33:12:48:8e:7c:09:54:4a:7c:
fe:65:b8:8d:f2:d3:9f:89:85:f5:03:0c:04:2f:4d:
f8:1d:03:9e:75:26:a8:5c:49:31:0e:12:d3:84:d9:
f9:20:b0:f2:14:2c:1a:64:1c:d9:6e:b4:2f:ea:bd:
1f:1f:f7:40:4d:aa:22:95:9a:b7:3c:03:54:d4:4a:
08:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:83:24:74:7E:7F:08:FC:FF:F1:F1:A3:BE:3B:30:48:8F:7C:3D:54
X509v3 Authority Key Identifier:
keyid:D8:3E:2B:E6:A9:92:76:E7:0D:34:0C:65:80:D7:5F:61:3C:D9:B9:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2D4r5qmSducNNAxlgNdfYTzZuas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/cbbe76-6b6f-43dc-a71a-591b7281d01a/1/RIMkdH5_CPz_8fGjvjswSI98PVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/cbbe76-6b6f-43dc-a71a-591b7281d01a/1/2D4r5qmSducNNAxlgNdfYTzZuas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.165.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:a7:61:26:5d:a8:e2:b6:83:a7:3f:fc:25:33:46:03:17:0f:
7d:f3:be:80:cf:4b:ec:37:59:7c:dc:0b:9a:96:02:6d:fb:c3:
cf:92:a6:79:3e:9b:7f:bf:0f:8b:c6:c5:69:d0:d0:49:b6:8b:
10:59:5f:26:70:9c:8f:69:fd:54:1c:53:40:b8:b9:2e:ce:5a:
d7:d5:14:7a:f5:65:a3:b8:d3:b3:b7:b7:8e:ef:23:37:fc:8a:
c2:a1:3a:cc:fe:65:fb:b3:af:c8:4a:b1:a8:c8:44:24:64:bb:
77:4a:4c:38:91:13:79:1e:a0:e9:61:53:70:e8:a6:2f:bb:a6:
d2:b0:cb:9d:bc:f4:3d:0b:7a:68:21:22:39:17:e1:c8:2e:99:
c3:ac:76:dd:82:19:95:0c:18:65:3b:78:a6:16:cf:34:9e:e5:
3a:24:7b:4c:3d:6a:37:58:63:20:00:00:0a:79:a8:1b:de:e8:
0b:90:94:3d:13:92:6d:9d:3e:30:46:a6:33:5a:68:01:71:7e:
a8:6b:ff:a1:eb:53:94:53:a4:a3:21:4d:fd:76:63:d8:78:df:
97:c7:6a:7f:c0:91:ad:01:cd:8c:a9:3b:5f:f1:92:64:0e:59:
04:4d:ce:7f:d6:81:e3:31:66:47:d8:e4:1f:48:e6:a2:bb:da:
86:be:f5:f1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKqGkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODNlMmJlNmE5OTI3NmU3MGQzNDBjNjU4MGQ3NWY2MTNjZDliOWFiMB4XDTIyMDEw
MTAyNTE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ4MzI0NzQ3ZTdm
MDhmY2ZmZjFmMWEzYmUzYjMwNDg4ZjdjM2Q1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNG7bH3LwAVUl8n2V8z7IZsZbqD2qThUWDyjjsveLMvUpKh
icn9yysL8rvIS0NOAdT7EgERrWlQUChelZA169nk/fgLw4AyosBjtnufy1KO+mjU
XwvAdyP2IydM/KQ4xsEdbzTxXZECU/luFGjZaEqGaWoIvnL0KML0MaU2ltOFfdr0
KnVX1NoxdKS0LYBcmXQ1vMPm8U08nYQN29IMHcfAH3HeFgJf4AxC8yPTZwEKBDea
ZlIUE4SZMxJIjnwJVEp8/mW4jfLTn4mF9QMMBC9N+B0DnnUmqFxJMQ4S04TZ+SCw
8hQsGmQc2W60L+q9Hx/3QE2qIpWatzwDVNRKCGsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBREgyR0fn8I/P/x8aO+OzBIj3w9VDAfBgNVHSMEGDAWgBTYPivmqZJ25w00
DGWA119hPNm5qzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJENHI1cW1TZHVjTk5BeGxnTmRmWVR6WnVhcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvY2JiZTc2LTZiNmYtNDNkYy1hNzFhLTU5MWI3MjgxZDAxYS8x
L1JJTWtkSDVfQ1B6XzhmR2p2anN3U0k5OFBWUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
Y2JiZTc2LTZiNmYtNDNkYy1hNzFhLTU5MWI3MjgxZDAxYS8xLzJENHI1cW1TZHVj
Tk5BeGxnTmRmWVR6WnVhcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv3pTANBgkqhkiG9w0BAQsFAAOC
AQEAp6dhJl2o4raDpz/8JTNGAxcPffO+gM9L7DdZfNwLmpYCbfvDz5KmeT6bf78P
i8bFadDQSbaLEFlfJnCcj2n9VBxTQLi5Ls5a19UUevVlo7jTs7e3ju8jN/yKwqE6
zP5l+7OvyEqxqMhEJGS7d0pMOJETeR6g6WFTcOimL7um0rDLnbz0PQt6aCEiORfh
yC6Zw6x23YIZlQwYZTt4phbPNJ7lOiR7TD1qN1hjIAAACnmoG97oC5CUPROSbZ0+
MEamM1poAXF+qGv/oetTlFOkoyFN/XZj2Hjfl8dqf8CRrQHNjKk7X/GSZA5ZBE3O
f9aB4zFmR9jkH0jmorvahr718Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:53 2023 by rpki-client on console-ams.rpki-client.org