Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/Bl8vAvHxOk4UzUM34-APVmQkgks.roa
File: Bl8vAvHxOk4UzUM34-APVmQkgks.roa (raw, json)
Hash identifier: Srj9Ec2t9wd0untS8+AFVNmwgr58dg56WwQqJhJmJww=
Subject key identifier: 06:5F:2F:02:F1:F1:3A:4E:14:CD:43:37:E3:E0:0F:56:64:24:82:4B
Certificate issuer: /CN=ef1e225614c65ce2cf5275eb464334395c06f430
Certificate serial: 1020DF87
Authority key identifier: EF:1E:22:56:14:C6:5C:E2:CF:52:75:EB:46:43:34:39:5C:06:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7x4iVhTGXOLPUnXrRkM0OVwG9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/Bl8vAvHxOk4UzUM34-APVmQkgks.roa
Signing time: Sat 01 Jan 2022 05:01:42 +0000
ROA not before: Sat 01 Jan 2022 05:01:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198704
IP address blocks: 91.238.145.0/25 maxlen: 25
91.238.145.128/25 maxlen: 25
91.238.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270589831 (0x1020df87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1e225614c65ce2cf5275eb464334395c06f430
Validity
Not Before: Jan 1 05:01:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=065f2f02f1f13a4e14cd4337e3e00f566424824b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4d:76:f1:c9:e6:0b:80:31:84:05:20:7c:86:
51:84:b6:ac:1b:5d:6a:2b:71:98:3f:14:95:82:9d:
e2:89:f2:6b:77:f2:58:2a:78:e8:ae:f1:f4:8b:a4:
ef:51:f2:d0:c5:a9:3d:de:4d:41:4e:1e:bd:d4:24:
1d:e3:f2:18:0b:4a:f9:af:1e:a6:2b:16:12:92:5d:
e1:fa:fb:a5:b4:3e:36:55:ed:88:66:f7:df:30:5f:
f9:59:56:2b:28:4d:2a:40:8c:30:6d:4a:c5:1f:65:
af:d2:75:45:7b:4a:f4:34:7b:69:8c:29:ef:1a:2b:
90:d9:13:a2:7b:c7:36:db:ed:6d:1f:5b:fb:50:db:
7d:ef:92:93:b4:da:ce:cb:ae:c3:6a:39:cf:27:73:
77:ae:6b:24:02:c8:eb:f9:e3:d2:8b:87:a0:06:5d:
41:78:b7:50:82:a3:7f:9a:51:27:8c:12:2a:c4:65:
e1:94:e9:55:90:42:b1:20:5b:30:95:cd:5e:7f:c9:
6d:3c:73:87:91:c9:4e:42:75:ea:b4:cc:5b:1e:cd:
52:b6:06:b5:32:ba:35:e6:31:11:6d:69:a0:a2:30:
2a:97:03:79:4a:ed:93:1d:1a:cd:2a:b6:91:aa:cc:
46:bb:2c:d7:b8:4e:53:a7:ff:6b:8b:65:90:6a:13:
51:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5F:2F:02:F1:F1:3A:4E:14:CD:43:37:E3:E0:0F:56:64:24:82:4B
X509v3 Authority Key Identifier:
keyid:EF:1E:22:56:14:C6:5C:E2:CF:52:75:EB:46:43:34:39:5C:06:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7x4iVhTGXOLPUnXrRkM0OVwG9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/Bl8vAvHxOk4UzUM34-APVmQkgks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/7x4iVhTGXOLPUnXrRkM0OVwG9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.145.0/24
Signature Algorithm: sha256WithRSAEncryption
34:0d:0a:5f:ad:48:3f:9c:5a:b0:b0:22:03:6a:0e:25:5c:ab:
ec:f2:46:b4:42:a3:37:67:0f:27:6d:4f:ad:2a:c4:70:1b:d1:
b9:b6:2d:41:47:e4:05:d1:ec:d0:48:e7:e0:28:09:28:41:9f:
16:03:07:15:97:da:b9:18:c6:5d:ad:64:13:f0:ca:b5:33:ed:
31:a8:1c:cd:af:fe:00:b4:cb:6c:eb:e7:8f:24:28:81:10:5f:
d1:ea:7b:9f:f8:a4:26:23:9c:0a:e6:6a:a3:0c:fb:3f:69:16:
50:d4:52:4a:67:49:d6:00:98:08:4c:87:37:30:de:f6:c4:b5:
dc:22:06:55:ff:f3:dc:22:d2:65:a1:1c:6f:a8:bb:4b:6b:5c:
c9:bf:ae:c5:79:d9:0e:ab:89:2a:10:d2:6d:18:e5:32:a6:c4:
71:23:64:c0:ee:0e:f2:35:5c:32:cf:82:69:35:ae:ce:8b:f8:
be:b9:2d:a6:0b:7e:6c:82:6c:47:4a:92:eb:a0:eb:62:6d:8f:
02:c7:5c:ba:59:d2:ad:1d:bc:ed:e7:43:1c:71:83:2a:a0:b9:
1b:2e:5f:4c:40:1b:aa:7c:2c:12:d2:a4:79:d1:a5:e0:3b:02:
39:92:0d:cc:24:3e:fd:a8:d0:8f:10:e2:88:f9:20:b3:8d:b1:
42:8b:96:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEECDfhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjFlMjI1NjE0YzY1Y2UyY2Y1Mjc1ZWI0NjQzMzQzOTVjMDZmNDMwMB4XDTIyMDEw
MTA1MDE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY1ZjJmMDJmMWYx
M2E0ZTE0Y2Q0MzM3ZTNlMDBmNTY2NDI0ODI0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBNdvHJ5guAMYQFIHyGUYS2rBtdaitxmD8UlYKd4onya3fy
WCp46K7x9Iuk71Hy0MWpPd5NQU4evdQkHePyGAtK+a8episWEpJd4fr7pbQ+NlXt
iGb33zBf+VlWKyhNKkCMMG1KxR9lr9J1RXtK9DR7aYwp7xorkNkTonvHNtvtbR9b
+1Dbfe+Sk7Tazsuuw2o5zydzd65rJALI6/nj0ouHoAZdQXi3UIKjf5pRJ4wSKsRl
4ZTpVZBCsSBbMJXNXn/JbTxzh5HJTkJ16rTMWx7NUrYGtTK6NeYxEW1poKIwKpcD
eUrtkx0azSq2karMRrss17hOU6f/a4tlkGoTUYkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGXy8C8fE6ThTNQzfj4A9WZCSCSzAfBgNVHSMEGDAWgBTvHiJWFMZc4s9S
detGQzQ5XAb0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzd4NGlWaFRHWE9MUFVuWHJSa00wT1Z3RzlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvZDQ1NWJhLTdlYzYtNGYzZS1hY2Q2LTExZjk1MjY4ZWE3NC8x
L0JsOHZBdkh4T2s0VXpVTTM0LUFQVm1Ra2drcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
ZDQ1NWJhLTdlYzYtNGYzZS1hY2Q2LTExZjk1MjY4ZWE3NC8xLzd4NGlWaFRHWE9M
UFVuWHJSa00wT1Z3RzlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvukTANBgkqhkiG9w0BAQsFAAOC
AQEANA0KX61IP5xasLAiA2oOJVyr7PJGtEKjN2cPJ21PrSrEcBvRubYtQUfkBdHs
0Ejn4CgJKEGfFgMHFZfauRjGXa1kE/DKtTPtMagcza/+ALTLbOvnjyQogRBf0ep7
n/ikJiOcCuZqowz7P2kWUNRSSmdJ1gCYCEyHNzDe9sS13CIGVf/z3CLSZaEcb6i7
S2tcyb+uxXnZDquJKhDSbRjlMqbEcSNkwO4O8jVcMs+CaTWuzov4vrktpgt+bIJs
R0qS66DrYm2PAsdculnSrR287edDHHGDKqC5Gy5fTEAbqnwsEtKkedGl4DsCOZIN
zCQ+/ajQjxDiiPkgs42xQouWKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:32 2024 by rpki-client on console-fra.rpki-client.org