Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/fna-HjI-mggOhT5LeRZ8abvBvoo.roa
File: fna-HjI-mggOhT5LeRZ8abvBvoo.roa (raw, json)
Hash identifier: YHb9NDl6fayc/vUavRU2JN7ZKqLc8HdVOH5U2xaQvCw=
Subject key identifier: 7E:76:BE:1E:32:3E:9A:08:0E:85:3E:4B:79:16:7C:69:BB:C1:BE:8A
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01826457C81B4D818ABBBE6A52FC35A63473
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/fna-HjI-mggOhT5LeRZ8abvBvoo.roa
Signing time: Wed 03 Aug 2022 15:34:10 +0000
ROA not before: Wed 03 Aug 2022 15:34:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.92.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:57:c8:1b:4d:81:8a:bb:be:6a:52:fc:35:a6:34:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 3 15:34:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e76be1e323e9a080e853e4b79167c69bbc1be8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:f9:b4:cc:ed:e6:a5:96:ea:6c:b8:f1:3a:
56:5b:ad:04:4a:5b:b4:f9:75:57:93:29:c4:3e:26:
1e:e5:46:52:e4:e6:29:27:cf:32:83:7f:f1:c1:d3:
6a:96:89:56:7d:6d:fb:b3:9e:79:91:f2:00:e1:33:
c1:09:6b:f1:64:4e:96:b8:a6:54:62:cc:15:39:8e:
98:d1:da:b4:35:db:1f:36:6c:b2:9c:c0:ff:9c:37:
c0:41:1a:d3:fb:b9:13:6c:b3:a2:f8:a9:b1:72:3f:
d4:cf:5c:0d:4b:11:b6:1c:1b:ee:22:69:9c:b4:57:
0f:a1:4d:b7:46:c8:e3:97:52:ed:cd:f9:4c:5f:c9:
e1:51:3d:37:e2:ad:28:51:c2:e6:f9:72:2b:ce:2e:
b2:5e:54:37:7f:8f:bc:95:f0:54:71:52:a2:4e:2d:
ae:a8:a1:fb:c0:d1:f6:36:27:84:fa:f3:8c:41:53:
da:fd:bc:53:44:4a:fb:15:93:54:97:06:83:a6:05:
3c:51:08:77:a3:47:a6:8d:7e:84:8e:62:b8:a6:06:
a4:b0:9e:35:25:1e:73:a7:01:8d:08:ff:f8:e1:62:
be:40:f7:c1:d4:e4:cb:82:6d:8b:d2:b0:4e:49:61:
89:e7:12:12:a1:14:3e:c7:54:a0:f4:e8:74:98:f8:
16:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:76:BE:1E:32:3E:9A:08:0E:85:3E:4B:79:16:7C:69:BB:C1:BE:8A
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/fna-HjI-mggOhT5LeRZ8abvBvoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:c3:a2:19:6d:cf:88:69:54:8c:1a:d2:27:36:91:9d:c1:fa:
fd:52:ec:ee:fc:3f:b9:6f:9d:5f:c0:03:d1:0b:45:f8:a5:35:
21:4c:67:b0:f6:3b:79:e2:45:3d:20:c5:26:31:59:23:b5:61:
5b:0e:d1:50:2e:fb:96:b8:f3:51:d4:95:f8:f9:81:27:5d:df:
57:1c:99:d8:13:70:74:1f:06:f8:f6:03:c7:4b:79:f5:52:7a:
32:0c:ae:af:b0:f1:92:4c:5e:3c:28:5e:13:4a:72:d1:ee:09:
1e:fd:3c:d2:2d:2c:96:51:71:64:df:b3:29:fc:4a:d2:5f:68:
30:17:8d:e3:d9:f0:1e:3d:31:c2:19:8a:be:69:17:ad:df:81:
44:28:30:b6:68:c8:32:03:91:1c:8c:4a:9d:b3:8e:14:b0:0c:
a5:e5:85:58:21:08:90:6b:30:3a:bb:4e:52:13:2f:09:35:a6:
2d:0d:5d:1c:fd:13:5e:7b:f7:af:3c:0a:a6:30:21:00:28:2d:
c0:de:31:c9:65:7f:c5:9f:d6:b0:a6:76:19:eb:07:2a:a0:f4:
3b:a2:f2:90:bd:e4:fe:14:ed:17:9e:2b:2d:ae:90:f9:06:48:
74:d2:ed:a3:6f:55:b2:ed:21:79:ae:0e:ce:7a:10:5c:d4:51:
42:13:6c:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJkV8gbTYGKu75qUvw1pjRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIwODAzMTUzNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTc2YmUxZTMyM2U5YTA4MGU4NTNlNGI3OTE2N2M2OWJiYzFiZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjj5tMzt5qWW6my48TpWW60ESlu0
+XVXkynEPiYe5UZS5OYpJ88yg3/xwdNqlolWfW37s555kfIA4TPBCWvxZE6WuKZU
YswVOY6Y0dq0NdsfNmyynMD/nDfAQRrT+7kTbLOi+Kmxcj/Uz1wNSxG2HBvuImmc
tFcPoU23Rsjjl1LtzflMX8nhUT034q0oUcLm+XIrzi6yXlQ3f4+8lfBUcVKiTi2u
qKH7wNH2NieE+vOMQVPa/bxTREr7FZNUlwaDpgU8UQh3o0emjX6EjmK4pgaksJ41
JR5zpwGNCP/44WK+QPfB1OTLgm2L0rBOSWGJ5xISoRQ+x1Sg9Oh0mPgW9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH52vh4yPpoIDoU+S3kWfGm7wb6KMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvZm5hLUhqSS1tZ2dPaFQ1TGVSWjhhYnZCdm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW1wsMA0G
CSqGSIb3DQEBCwUAA4IBAQCzw6IZbc+IaVSMGtInNpGdwfr9Uuzu/D+5b51fwAPR
C0X4pTUhTGew9jt54kU9IMUmMVkjtWFbDtFQLvuWuPNR1JX4+YEnXd9XHJnYE3B0
Hwb49gPHS3n1UnoyDK6vsPGSTF48KF4TSnLR7gke/TzSLSyWUXFk37Mp/ErSX2gw
F43j2fAePTHCGYq+aRet34FEKDC2aMgyA5EcjEqds44UsAyl5YVYIQiQazA6u05S
Ey8JNaYtDV0c/RNee/evPAqmMCEAKC3A3jHJZX/Fn9awpnYZ6wcqoPQ7ovKQveT+
FO0XnistrpD5Bkh00u2jb1Wy7SF5rg7OehBc1FFCE2x4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org