Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BrNefVkd2dqLaHgClKPZQTh-Bz0.roa
File: BrNefVkd2dqLaHgClKPZQTh-Bz0.roa (raw, json)
Hash identifier: doS0GqYwL9MNFrOot6fTeIpjb8LV78XhdYA/FpwWkDc=
Subject key identifier: 06:B3:5E:7D:59:1D:D9:DA:8B:68:78:02:94:A3:D9:41:38:7E:07:3D
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 054D59CC
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BrNefVkd2dqLaHgClKPZQTh-Bz0.roa
Signing time: Mon 10 Jan 2022 16:25:13 +0000
ROA not before: Mon 10 Jan 2022 16:25:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29582
IP address blocks: 91.92.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88955340 (0x54d59cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 10 16:25:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06b35e7d591dd9da8b68780294a3d941387e073d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dc:ed:4c:47:a7:c1:bc:c1:af:e4:4b:78:a8:
bd:38:8a:73:fe:35:b4:d1:f1:10:f2:d6:6d:91:bf:
ef:9f:47:72:ae:02:81:bb:59:1d:e4:9e:4a:f3:17:
e7:40:e6:ff:66:a6:3d:cd:d4:5a:cb:df:2d:c0:24:
af:67:9e:e8:dc:4a:99:95:ee:02:ad:cd:5c:12:98:
de:0f:d7:95:48:a9:13:1b:78:35:ba:df:52:b9:1a:
30:ff:27:fc:e0:bc:01:98:97:59:b3:57:06:75:f3:
b9:45:6e:6b:00:bd:fa:87:a2:01:02:43:c0:cd:3a:
a1:92:c5:d1:0a:e6:60:5f:32:bb:01:23:c5:09:81:
d2:48:3a:97:f4:7d:3d:99:82:58:ff:f0:01:83:25:
4c:36:7d:e5:7f:6c:53:16:d6:2f:99:11:f8:3c:a8:
e1:50:2e:d4:63:9e:de:d1:62:44:f3:a1:88:97:69:
f7:c5:26:67:b0:54:51:63:7e:ad:e3:0b:30:94:d4:
fe:97:85:34:a6:33:b7:b3:08:fa:0b:96:ca:c6:54:
6f:c7:b5:d2:eb:c8:d3:b9:2a:bb:8f:60:e9:3f:26:
e6:9c:52:f9:41:5d:01:4f:ca:a4:07:ca:cd:cf:ba:
2c:30:b6:63:b2:cf:6f:98:e1:1e:ac:90:56:20:ea:
5b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B3:5E:7D:59:1D:D9:DA:8B:68:78:02:94:A3:D9:41:38:7E:07:3D
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BrNefVkd2dqLaHgClKPZQTh-Bz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.48.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:92:a8:8b:79:17:d3:dc:68:9f:32:9d:cb:12:31:6d:56:c4:
d7:97:74:3c:cd:96:dd:ba:e6:bf:fc:33:d8:77:c2:2f:32:9d:
60:18:dd:a2:bd:1e:d5:c2:52:e3:8d:ae:24:96:f2:24:6e:74:
5b:c6:9b:d9:87:9d:81:77:e2:d5:73:f7:15:cd:6f:99:a2:e3:
8c:c6:82:29:3f:c3:b2:b7:49:25:09:96:83:40:7b:42:46:f2:
ce:75:93:74:b0:38:2e:9f:79:2e:6e:24:ff:b1:f6:c6:21:6c:
ab:30:83:92:d6:7d:1f:40:ea:81:e9:c6:ca:97:07:a0:5b:92:
b2:40:a3:4b:56:1c:c4:c1:32:d1:59:53:c8:7f:ce:03:a0:e6:
0f:c7:9b:dd:d2:2e:0b:67:8c:ab:04:d2:64:86:38:3a:c7:9f:
e3:35:8c:84:5b:fd:09:f4:12:02:27:8e:4e:32:38:c1:64:c3:
14:dc:b2:e0:72:bb:da:58:2c:83:87:a4:c7:3a:b9:93:08:44:
48:b9:8a:d2:4c:92:01:93:04:73:04:c6:ba:9b:07:5c:05:9f:
12:e3:1d:c2:a2:33:5e:ee:d7:c6:9a:57:b3:7c:f7:f6:cb:71:
8e:e7:22:43:fc:63:18:3c:e0:1b:0e:38:a8:b1:1f:41:12:4c:
9b:7f:f9:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBU1ZzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDEx
MDE2MjUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZiMzVlN2Q1OTFk
ZDlkYThiNjg3ODAyOTRhM2Q5NDEzODdlMDczZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnc7UxHp8G8wa/kS3iovTiKc/41tNHxEPLWbZG/759Hcq4C
gbtZHeSeSvMX50Dm/2amPc3UWsvfLcAkr2ee6NxKmZXuAq3NXBKY3g/XlUipExt4
NbrfUrkaMP8n/OC8AZiXWbNXBnXzuUVuawC9+oeiAQJDwM06oZLF0QrmYF8yuwEj
xQmB0kg6l/R9PZmCWP/wAYMlTDZ95X9sUxbWL5kR+Dyo4VAu1GOe3tFiRPOhiJdp
98UmZ7BUUWN+reMLMJTU/peFNKYzt7MI+guWysZUb8e10uvI07kqu49g6T8m5pxS
+UFdAU/KpAfKzc+6LDC2Y7LPb5jhHqyQViDqW8MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGs159WR3Z2otoeAKUo9lBOH4HPTAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L0JyTmVmVmtkMmRxTGFIZ0NsS1BaUVRoLUJ6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFtcMDANBgkqhkiG9w0BAQsFAAOC
AQEAb5Koi3kX09xonzKdyxIxbVbE15d0PM2W3brmv/wz2HfCLzKdYBjdor0e1cJS
442uJJbyJG50W8ab2YedgXfi1XP3Fc1vmaLjjMaCKT/DsrdJJQmWg0B7QkbyznWT
dLA4Lp95Lm4k/7H2xiFsqzCDktZ9H0DqgenGypcHoFuSskCjS1YcxMEy0VlTyH/O
A6DmD8eb3dIuC2eMqwTSZIY4Osef4zWMhFv9CfQSAieOTjI4wWTDFNyy4HK72lgs
g4ekxzq5kwhESLmK0kySAZMEcwTGupsHXAWfEuMdwqIzXu7XxppXs3z39stxjuci
Q/xjGDzgGw44qLEfQRJMm3/5AA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org