Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/jlBZDLwwfArgO0nUOM5ndxcIvy8.roa
File: jlBZDLwwfArgO0nUOM5ndxcIvy8.roa (raw, json)
Hash identifier: //B4ELtlAurfySYHqSXyE4LWItYdaGydd1EILlnS9Rw=
Subject key identifier: 8E:50:59:0C:BC:30:7C:0A:E0:3B:49:D4:38:CE:67:77:17:08:BF:2F
Certificate issuer: /CN=b4430ba11506741d676ea202e291ec7ec6191b17
Certificate serial: 0184337CD57C144D8D4D7724099942A0E6B0
Authority key identifier: B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/jlBZDLwwfArgO0nUOM5ndxcIvy8.roa
Signing time: Tue 01 Nov 2022 13:58:49 +0000
ROA not before: Tue 01 Nov 2022 13:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51225
IP address blocks: 91.218.4.0/23 maxlen: 23
91.218.4.0/22 maxlen: 22
91.218.4.0/24 maxlen: 24
91.218.6.0/24 maxlen: 24
91.218.5.0/24 maxlen: 24
2001:7f8:94::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:7c:d5:7c:14:4d:8d:4d:77:24:09:99:42:a0:e6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4430ba11506741d676ea202e291ec7ec6191b17
Validity
Not Before: Nov 1 13:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e50590cbc307c0ae03b49d438ce67771708bf2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:47:f9:94:3c:a6:c7:ce:c4:cf:d2:b2:a9:
9d:d6:2f:a7:aa:7a:c3:32:06:3c:9e:98:3b:23:02:
30:58:aa:8f:91:a8:11:85:13:08:ee:2a:a4:76:c2:
30:f5:ac:8f:14:d8:f6:c1:16:70:23:05:c6:5a:15:
96:65:49:82:f8:06:a7:53:33:25:cc:39:ea:5c:a0:
ad:83:ac:ba:75:e7:79:f3:8b:9d:a0:ee:ed:3a:f1:
27:c6:9f:06:b0:6c:3d:01:37:de:cb:fc:ed:f8:3b:
eb:0c:64:34:88:64:1e:e0:cf:31:e5:ac:f3:4a:28:
9a:c9:79:73:ed:18:d0:ae:e3:ee:ad:c8:b3:3c:00:
71:61:a5:1f:76:53:0e:c3:02:72:c9:06:ff:31:05:
61:af:02:80:f9:10:16:5d:2d:a3:b1:5e:ef:70:37:
d3:67:72:1d:ac:07:ee:3c:1e:09:1c:3a:98:22:52:
e1:e4:73:76:1d:10:0f:86:1d:ce:f3:2d:5b:92:91:
4f:94:62:1e:69:77:a0:67:e2:a9:17:12:b3:bc:a8:
b2:ee:d6:a0:ab:0e:c2:ae:11:b0:3f:b0:3b:87:1a:
a2:dd:1c:ad:08:2b:7f:72:34:99:e0:79:8e:0f:d2:
17:26:34:7a:fd:1e:cb:6c:d0:a7:3b:56:80:f3:fc:
62:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:50:59:0C:BC:30:7C:0A:E0:3B:49:D4:38:CE:67:77:17:08:BF:2F
X509v3 Authority Key Identifier:
keyid:B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/jlBZDLwwfArgO0nUOM5ndxcIvy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/tEMLoRUGdB1nbqIC4pHsfsYZGxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.4.0/22
IPv6:
2001:7f8:94::/48
Signature Algorithm: sha256WithRSAEncryption
30:45:7f:06:3c:d2:2a:49:98:a7:64:d4:97:33:b7:b4:4a:e9:
d5:a7:94:39:d5:22:9a:a4:c9:3f:21:24:3d:b7:45:ee:30:a6:
e9:a6:1e:5e:36:61:30:3f:0b:73:3b:f5:e5:55:91:8b:1c:fb:
f8:75:41:b8:61:92:b6:48:06:cd:11:e7:2b:f8:57:38:8f:e4:
b4:ab:60:a4:1f:cc:45:df:3d:43:52:c9:49:94:3b:3c:e7:3d:
fa:2c:e1:5b:f4:80:c0:d4:90:aa:7d:e3:2d:29:21:11:27:d5:
1f:ca:c6:6e:e3:21:67:58:24:43:9d:08:37:30:63:43:8f:5a:
76:ec:3d:93:43:96:07:55:b1:a4:89:3e:e4:09:4c:a5:07:f1:
cf:eb:df:ba:e0:f6:89:80:0b:17:cf:a9:9e:e9:ae:07:b3:fd:
7e:43:63:fa:60:9b:63:9b:6d:bc:8f:1b:a8:f3:f1:84:ad:26:
ef:02:49:58:84:bb:39:d0:50:3a:f0:7e:37:67:04:b7:a5:3a:
cd:08:7a:c1:c9:0a:b3:0c:8f:95:54:71:12:94:60:67:93:a9:
54:b3:27:e2:63:83:6b:79:ed:bd:16:5b:16:c8:20:bd:7d:fd:
05:f7:c1:78:31:d6:b1:0e:e3:fa:0f:81:c2:b2:d3:66:0d:9f:
00:e7:91:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQzfNV8FE2NTXckCZlCoOawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDMwYmExMTUwNjc0MWQ2NzZlYTIwMmUyOTFlYzdlYzYx
OTFiMTcwHhcNMjIxMTAxMTM1ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUwNTkwY2JjMzA3YzBhZTAzYjQ5ZDQzOGNlNjc3NzE3MDhiZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpVH+ZQ8psfOxM/Ssqmd1i+nqnrD
MgY8npg7IwIwWKqPkagRhRMI7iqkdsIw9ayPFNj2wRZwIwXGWhWWZUmC+AanUzMl
zDnqXKCtg6y6ded584udoO7tOvEnxp8GsGw9ATfey/zt+DvrDGQ0iGQe4M8x5azz
SiiayXlz7RjQruPurcizPABxYaUfdlMOwwJyyQb/MQVhrwKA+RAWXS2jsV7vcDfT
Z3IdrAfuPB4JHDqYIlLh5HN2HRAPhh3O8y1bkpFPlGIeaXegZ+KpFxKzvKiy7tag
qw7CrhGwP7A7hxqi3RytCCt/cjSZ4HmOD9IXJjR6/R7LbNCnO1aA8/xihQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI5QWQy8MHwK4DtJ1DjOZ3cXCL8vMB8GA1UdIwQY
MBaAFLRDC6EVBnQdZ26iAuKR7H7GGRsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVNTG9SVUdkQjFuYnFJQzRwSHNmc1laR3hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82MGNjZmEtMDkzMC00NmI0LTgzMTct
ZjhjYTljYjYzMzE3LzEvamxCWkRMd3dmQXJnTzBuVU9NNW5keGNJdnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82MGNjZmEtMDkzMC00NmI0LTgzMTctZjhjYTljYjYzMzE3
LzEvdEVNTG9SVUdkQjFuYnFJQzRwSHNmc1laR3hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW9oEMA8E
AgACMAkDBwAgAQf4AJQwDQYJKoZIhvcNAQELBQADggEBADBFfwY80ipJmKdk1Jcz
t7RK6dWnlDnVIpqkyT8hJD23Re4wpummHl42YTA/C3M79eVVkYsc+/h1QbhhkrZI
Bs0R5yv4VziP5LSrYKQfzEXfPUNSyUmUOzznPfos4Vv0gMDUkKp94y0pIREn1R/K
xm7jIWdYJEOdCDcwY0OPWnbsPZNDlgdVsaSJPuQJTKUH8c/r37rg9omACxfPqZ7p
rgez/X5DY/pgm2ObbbyPG6jz8YStJu8CSViEuznQUDrwfjdnBLelOs0IesHJCrMM
j5VUcRKUYGeTqVSzJ+Jjg2t57b0WWxbIIL19/QX3wXgx1rEO4/oPgcKy02YNnwDn
kUA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:15 2024 by rpki-client on console-ams.rpki-client.org