Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/xGFMGaviKD_DPjyHSPA1UK42L4o.roa
File: xGFMGaviKD_DPjyHSPA1UK42L4o.roa (raw, json)
Hash identifier: 36hzelxHKweY1bnGNVk1U3b6bjNePn3WMUSkC3LzHrE=
Subject key identifier: C4:61:4C:19:AB:E2:28:3F:C3:3E:3C:87:48:F0:35:50:AE:36:2F:8A
Certificate issuer: /CN=b4430ba11506741d676ea202e291ec7ec6191b17
Certificate serial: 070DA6B8
Authority key identifier: B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/xGFMGaviKD_DPjyHSPA1UK42L4o.roa
Signing time: Sat 01 Jan 2022 01:50:58 +0000
ROA not before: Sat 01 Jan 2022 01:50:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51225
IP address blocks: 91.218.4.0/23 maxlen: 23
91.218.4.0/22 maxlen: 22
91.218.4.0/24 maxlen: 24
91.218.6.0/24 maxlen: 24
91.218.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118335160 (0x70da6b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4430ba11506741d676ea202e291ec7ec6191b17
Validity
Not Before: Jan 1 01:50:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4614c19abe2283fc33e3c8748f03550ae362f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:07:9f:d8:fe:d5:e1:71:ef:de:58:de:55:a3:
d5:25:45:e5:39:b4:0a:c9:3f:65:97:43:93:97:ca:
58:46:7a:d4:aa:d3:cc:51:f8:43:81:20:37:88:0b:
4d:36:fc:7b:49:1a:96:07:64:03:4d:0f:20:c7:fb:
4f:96:94:51:02:ec:29:4d:df:1e:86:f5:9f:b5:ce:
4b:26:f8:57:ee:39:9e:a1:55:8d:94:5e:16:5d:fa:
60:ad:1b:f9:f8:d0:f1:b9:91:1d:42:d7:e5:5d:5e:
da:93:26:c3:dd:6b:7f:ca:fd:7b:07:3c:61:d5:23:
24:f1:b5:64:20:87:00:14:24:df:88:4b:53:f9:7a:
94:40:71:3e:fe:8f:f5:0b:38:90:d6:90:d2:20:c7:
88:fb:80:d3:42:96:c2:40:5a:ff:35:16:dd:64:77:
78:ce:a5:84:17:97:26:8f:7a:23:93:ec:bc:30:14:
1e:f1:fa:e0:9c:d5:95:e8:cf:66:d6:25:57:69:ed:
dc:b5:39:51:96:b7:31:f9:a4:c4:fa:ce:6c:1a:2d:
22:88:dd:de:2a:6f:45:d0:b5:6f:8d:71:60:55:a7:
7c:1e:15:04:9e:8d:ad:5f:df:38:55:46:33:48:4e:
63:5e:f3:de:36:06:c9:10:6b:38:b2:f7:e4:b5:ac:
97:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:61:4C:19:AB:E2:28:3F:C3:3E:3C:87:48:F0:35:50:AE:36:2F:8A
X509v3 Authority Key Identifier:
keyid:B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/xGFMGaviKD_DPjyHSPA1UK42L4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/tEMLoRUGdB1nbqIC4pHsfsYZGxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.4.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:8a:b4:c1:d3:6f:90:46:2f:14:22:2b:27:86:ae:7b:61:d8:
97:71:44:6e:5c:c8:c5:fd:a0:c7:8d:c5:0e:e7:bf:d2:3f:a5:
fe:c4:18:21:ab:fe:59:a4:e4:e6:51:73:7d:12:b8:a3:09:43:
0a:6e:e6:82:1d:b3:8f:f6:ef:f4:5c:10:25:ee:38:41:65:f9:
71:2e:d7:84:52:d1:2c:f8:c7:d0:22:fe:b1:42:ba:0d:0f:92:
36:23:ce:f7:d4:ff:aa:dc:59:15:eb:3b:84:23:aa:87:fe:40:
0d:ee:6a:e1:1e:54:94:d2:35:bd:11:b1:c7:97:15:ac:2c:ba:
b9:1c:8f:cd:9c:cd:01:ff:99:71:2f:08:9c:d7:f0:07:9e:95:
26:df:3f:3e:5d:c5:0e:ed:59:fa:de:42:e2:85:43:72:4a:d3:
f4:5d:55:59:6b:ce:cf:8f:2f:f4:2d:65:67:d2:e3:d0:02:aa:
b5:ea:81:f1:95:56:6d:f1:db:37:fd:0f:7c:26:14:c4:80:b9:
f8:f3:ad:0b:2b:48:c9:6e:39:1e:28:d3:89:e0:7a:7c:dd:d1:
1d:4b:66:9e:2f:da:9a:f3:fd:92:8e:c6:c1:24:5e:9e:08:e5:
74:0c:a8:22:82:0d:5d:d9:0b:32:e7:fa:68:ed:ae:1d:90:3a:
f5:f5:f7:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBw2muDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDQzMGJhMTE1MDY3NDFkNjc2ZWEyMDJlMjkxZWM3ZWM2MTkxYjE3MB4XDTIyMDEw
MTAxNTA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ2MTRjMTlhYmUy
MjgzZmMzM2UzYzg3NDhmMDM1NTBhZTM2MmY4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMHn9j+1eFx795Y3lWj1SVF5Tm0Csk/ZZdDk5fKWEZ61KrT
zFH4Q4EgN4gLTTb8e0kalgdkA00PIMf7T5aUUQLsKU3fHob1n7XOSyb4V+45nqFV
jZReFl36YK0b+fjQ8bmRHULX5V1e2pMmw91rf8r9ewc8YdUjJPG1ZCCHABQk34hL
U/l6lEBxPv6P9Qs4kNaQ0iDHiPuA00KWwkBa/zUW3WR3eM6lhBeXJo96I5PsvDAU
HvH64JzVlejPZtYlV2nt3LU5UZa3MfmkxPrObBotIojd3ipvRdC1b41xYFWnfB4V
BJ6NrV/fOFVGM0hOY17z3jYGyRBrOLL35LWsl+cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEYUwZq+IoP8M+PIdI8DVQrjYvijAfBgNVHSMEGDAWgBS0QwuhFQZ0HWdu
ogLikex+xhkbFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RFTUxvUlVHZEIxbmJxSUM0cEhzZnNZWkd4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNjBjY2ZhLTA5MzAtNDZiNC04MzE3LWY4Y2E5Y2I2MzMxNy8x
L3hHRk1HYXZpS0RfRFBqeUhTUEExVUs0Mkw0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NjBjY2ZhLTA5MzAtNDZiNC04MzE3LWY4Y2E5Y2I2MzMxNy8xL3RFTUxvUlVHZEIx
bmJxSUM0cEhzZnNZWkd4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvaBDANBgkqhkiG9w0BAQsFAAOC
AQEAt4q0wdNvkEYvFCIrJ4aue2HYl3FEblzIxf2gx43FDue/0j+l/sQYIav+WaTk
5lFzfRK4owlDCm7mgh2zj/bv9FwQJe44QWX5cS7XhFLRLPjH0CL+sUK6DQ+SNiPO
99T/qtxZFes7hCOqh/5ADe5q4R5UlNI1vRGxx5cVrCy6uRyPzZzNAf+ZcS8InNfw
B56VJt8/Pl3FDu1Z+t5C4oVDckrT9F1VWWvOz48v9C1lZ9Lj0AKqteqB8ZVWbfHb
N/0PfCYUxIC5+POtCytIyW45HijTieB6fN3RHUtmni/amvP9ko7GwSRengjldAyo
IoINXdkLMuf6aO2uHZA69fX3VA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org