Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4-ObVu3i8gXxEjTIirsrAvYA6Xg.roa
File: 4-ObVu3i8gXxEjTIirsrAvYA6Xg.roa (raw, json)
Hash identifier: +pomwwO1vx0O5+77pzZ3NpQitzHmQg1jEyXZhZseV7M=
Subject key identifier: E3:E3:9B:56:ED:E2:F2:05:F1:12:34:C8:8A:BB:2B:02:F6:00:E9:78
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0182648042091B2F0CAE23F49A40E8E96C48
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4-ObVu3i8gXxEjTIirsrAvYA6Xg.roa
Signing time: Wed 03 Aug 2022 16:18:23 +0000
ROA not before: Wed 03 Aug 2022 16:18:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 91.92.34.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:80:42:09:1b:2f:0c:ae:23:f4:9a:40:e8:e9:6c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 3 16:18:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3e39b56ede2f205f11234c88abb2b02f600e978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:6f:c7:8b:26:3d:13:7f:88:16:8c:60:23:
b3:11:6b:64:3a:aa:dd:71:93:99:0a:06:12:77:98:
31:52:7b:59:c7:cc:ea:cf:8f:55:4c:30:4a:8f:9a:
68:41:8f:bf:d6:f8:e6:94:1e:2b:e8:70:49:cb:06:
e0:ec:34:7f:87:50:1e:73:57:6d:dc:66:56:71:49:
40:ce:87:8e:ab:b6:4c:c5:93:11:7d:5f:60:05:7e:
65:98:70:12:ca:fb:46:ab:b8:9e:2f:58:f9:79:27:
fa:bf:58:0c:51:03:41:92:7f:2d:04:bc:25:1d:28:
19:79:b9:7b:aa:d2:f6:fe:a7:77:71:24:bf:37:46:
d8:1b:2d:0e:20:8c:6a:a7:a6:96:65:c0:36:c9:e9:
56:78:a2:14:0d:42:12:6d:f4:26:87:7d:aa:2f:fd:
02:bd:ed:77:45:91:53:5f:f9:11:72:75:9b:ee:44:
d1:d2:f2:8b:36:1c:bd:81:a4:13:9b:60:18:d6:54:
27:fb:f0:3c:5d:97:04:8d:f8:9f:7b:c1:98:6e:20:
5a:71:7b:98:5a:7a:64:10:aa:8d:f3:70:7e:37:01:
4e:f7:c8:6f:01:63:64:44:c5:e5:9b:fa:c9:ca:61:
53:1b:41:b9:e6:03:15:bf:bc:78:3b:5b:f3:a2:77:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E3:9B:56:ED:E2:F2:05:F1:12:34:C8:8A:BB:2B:02:F6:00:E9:78
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4-ObVu3i8gXxEjTIirsrAvYA6Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.34.0/24
93.152.207.0/24
93.152.219.0-93.152.220.255
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
30:93:2c:ff:55:af:65:3a:c5:29:9b:cf:a0:72:3d:a4:ee:17:
5c:c9:40:a4:03:1d:95:1d:57:cd:6c:90:7a:f3:92:29:05:6a:
ba:ae:70:46:3d:26:c6:cb:0a:70:87:6e:05:d7:80:61:ad:ce:
d4:c5:de:88:7e:8f:f8:90:8b:d4:64:06:31:4f:d2:e2:66:a4:
b8:08:f3:17:80:15:0d:d1:1a:b4:19:75:70:56:68:ab:6e:23:
8b:a6:aa:d2:f1:6d:41:0b:48:13:07:1d:07:8d:5d:fc:2e:13:
e6:e7:2c:3b:d2:54:3e:81:9f:71:4f:08:85:0f:83:3d:8e:93:
eb:3a:7b:19:1d:d5:da:14:07:f5:4f:23:5e:ac:88:7b:0d:61:
1b:aa:59:77:21:82:a0:ac:34:63:19:3f:97:0d:51:da:e9:95:
24:e8:5a:1e:cc:ee:01:37:be:1d:ad:c4:62:3f:a9:2b:8f:dc:
1b:c9:df:03:d6:0b:dd:10:8e:1b:27:e8:92:36:52:b9:6d:af:
6d:82:97:7a:e4:04:71:e7:ac:a6:4b:e1:7f:9d:32:5c:c7:64:
2f:42:32:2b:d0:d5:86:1e:44:36:02:55:9e:4b:8e:90:59:2a:
11:89:76:11:2c:d8:80:3f:84:c2:44:9a:d8:4f:8e:4c:20:2c:
0d:1b:a7:c1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYJkgEIJGy8MriP0mkDo6WxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIwODAzMTYxODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2UzOWI1NmVkZTJmMjA1ZjExMjM0Yzg4YWJiMmIwMmY2MDBlOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWlvx4smPRN/iBaMYCOzEWtkOqrd
cZOZCgYSd5gxUntZx8zqz49VTDBKj5poQY+/1vjmlB4r6HBJywbg7DR/h1Aec1dt
3GZWcUlAzoeOq7ZMxZMRfV9gBX5lmHASyvtGq7ieL1j5eSf6v1gMUQNBkn8tBLwl
HSgZebl7qtL2/qd3cSS/N0bYGy0OIIxqp6aWZcA2yelWeKIUDUISbfQmh32qL/0C
ve13RZFTX/kRcnWb7kTR0vKLNhy9gaQTm2AY1lQn+/A8XZcEjfife8GYbiBacXuY
WnpkEKqN83B+NwFO98hvAWNkRMXlm/rJymFTG0G55gMVv7x4O1vzoneguQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOPjm1bt4vIF8RI0yIq7KwL2AOl4MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvNC1PYlZ1M2k4Z1h4RWpUSWlyc3JBdllBNlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW1wiAwQA
XZjPMAwDBABdmNsDBABdmNwDBABdmN8wDQYJKoZIhvcNAQELBQADggEBADCTLP9V
r2U6xSmbz6ByPaTuF1zJQKQDHZUdV81skHrzkikFarqucEY9JsbLCnCHbgXXgGGt
ztTF3oh+j/iQi9RkBjFP0uJmpLgI8xeAFQ3RGrQZdXBWaKtuI4umqtLxbUELSBMH
HQeNXfwuE+bnLDvSVD6Bn3FPCIUPgz2Ok+s6exkd1doUB/VPI16siHsNYRuqWXch
gqCsNGMZP5cNUdrplSToWh7M7gE3vh2txGI/qSuP3BvJ3wPWC90Qjhsn6JI2Urlt
r22Cl3rkBHHnrKZL4X+dMlzHZC9CMivQ1YYeRDYCVZ5LjpBZKhGJdhEs2IA/hMJE
mthPjkwgLA0bp8E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org