Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/t4eAQaH1VNeGu31TUoyx1LGbVp8.roa
File: t4eAQaH1VNeGu31TUoyx1LGbVp8.roa (raw, json)
Hash identifier: uU1V1XD18jXSFWG/nVUOq4x+9YR3F5xz2mtsvl5sYzo=
Subject key identifier: B7:87:80:41:A1:F5:54:D7:86:BB:7D:53:52:8C:B1:D4:B1:9B:56:9F
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0613936A
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/t4eAQaH1VNeGu31TUoyx1LGbVp8.roa
Signing time: Fri 25 Feb 2022 15:23:16 +0000
ROA not before: Fri 25 Feb 2022 15:23:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204197
IP address blocks: 91.92.35.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101946218 (0x613936a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 25 15:23:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7878041a1f554d786bb7d53528cb1d4b19b569f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:2e:00:25:e2:5e:61:c1:a3:f6:63:1a:73:
c7:dd:a5:cf:a3:d9:10:92:85:8e:e1:58:78:43:a8:
bf:f2:77:64:a2:63:0c:f7:13:b8:28:a9:f9:7e:0d:
45:b3:70:cc:88:9a:d4:18:15:6e:1e:7d:11:56:80:
9b:fb:26:35:0f:ab:0b:81:fe:62:0f:68:09:65:8e:
37:7f:70:c1:9e:3b:e1:8e:74:a5:3a:39:78:6c:bc:
f0:08:0d:a2:7c:bd:25:c2:40:39:8f:1d:c4:38:82:
c6:72:90:1a:ca:b1:a9:08:0f:47:1d:be:90:c8:60:
83:26:b8:c1:b6:55:2d:7e:a0:14:c5:78:4b:6d:9b:
ab:e3:0f:51:ed:e5:19:36:1b:50:46:d2:a5:69:52:
04:47:96:0d:c3:16:b0:76:cd:98:18:d1:0c:12:f7:
11:9b:07:5d:e8:4e:5e:f5:fd:00:02:6b:ee:87:31:
69:54:bd:55:22:16:7a:9b:ce:5c:c1:2d:04:52:4c:
04:3e:82:77:a1:96:90:45:21:1a:49:84:7d:b6:0d:
6d:fb:a3:11:79:93:43:85:ed:48:fc:52:9b:d0:a8:
4f:02:99:39:30:90:9b:cb:76:05:09:5c:97:7a:87:
62:96:ba:25:8b:8b:7b:61:29:c9:e4:0a:00:e7:a7:
33:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:87:80:41:A1:F5:54:D7:86:BB:7D:53:52:8C:B1:D4:B1:9B:56:9F
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/t4eAQaH1VNeGu31TUoyx1LGbVp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
93.152.209.0/24
93.152.212.0/24
93.152.215.0/24
93.152.221.0/24
93.152.224.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:7d:b2:25:70:a9:70:2f:c5:41:e9:e6:76:da:9b:06:7c:11:
d7:31:31:9e:3f:cf:ab:b8:9d:03:36:5d:ef:7b:8a:73:2c:b9:
b6:a9:15:83:fe:57:6a:b4:85:8b:79:cc:81:ca:f1:c3:f6:1b:
44:53:ea:2a:66:65:45:3d:6e:46:ba:96:5a:d8:95:fd:c0:f6:
ab:4d:ee:c2:58:83:57:da:02:9d:f6:a3:67:79:e4:2b:19:ee:
1a:d0:e7:04:9d:15:57:03:f8:42:c1:bd:5b:0a:bf:20:44:97:
3e:8a:b8:19:4e:c5:1b:4f:19:93:25:5e:c4:37:b5:07:83:80:
b4:77:d3:e1:f1:3f:00:b7:db:65:74:5b:53:d1:86:1f:32:26:
0c:33:8a:9d:68:62:dc:83:58:21:0c:8b:8a:f1:81:9b:ea:99:
0a:98:93:8e:62:e0:e4:a9:cf:c8:2d:b8:d8:d7:13:de:2b:8a:
58:f8:ea:87:84:ca:b9:94:3d:7e:43:6a:5f:d5:76:8d:53:e0:
2c:03:53:55:d7:25:c4:ab:2c:1f:38:98:1b:40:00:f0:3c:3d:
f7:6d:fe:80:e3:97:df:b3:6e:07:b3:56:00:cf:fe:ed:47:8a:
b3:a3:d8:ff:20:9d:6c:c1:17:08:0e:11:c9:1d:31:9f:a3:d9:
ba:38:33:e5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBhOTajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDIy
NTE1MjMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc4NzgwNDFhMWY1
NTRkNzg2YmI3ZDUzNTI4Y2IxZDRiMTliNTY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqDLgAl4l5hwaP2Yxpzx92lz6PZEJKFjuFYeEOov/J3ZKJj
DPcTuCip+X4NRbNwzIia1BgVbh59EVaAm/smNQ+rC4H+Yg9oCWWON39wwZ474Y50
pTo5eGy88AgNony9JcJAOY8dxDiCxnKQGsqxqQgPRx2+kMhggya4wbZVLX6gFMV4
S22bq+MPUe3lGTYbUEbSpWlSBEeWDcMWsHbNmBjRDBL3EZsHXehOXvX9AAJr7ocx
aVS9VSIWepvOXMEtBFJMBD6Cd6GWkEUhGkmEfbYNbfujEXmTQ4XtSPxSm9CoTwKZ
OTCQm8t2BQlcl3qHYpa6JYuLe2EpyeQKAOenM/kCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBS3h4BBofVU14a7fVNSjLHUsZtWnzAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3Q0ZUFRYUgxVk5lR3UzMVRVb3l4MUxHYlZwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFtcIwMEAF2Y0QMEAF2Y1AMEAF2Y
1wMEAF2Y3QMEAF2Y4DANBgkqhkiG9w0BAQsFAAOCAQEAK32yJXCpcC/FQenmdtqb
BnwR1zExnj/Pq7idAzZd73uKcyy5tqkVg/5XarSFi3nMgcrxw/YbRFPqKmZlRT1u
RrqWWtiV/cD2q03uwliDV9oCnfajZ3nkKxnuGtDnBJ0VVwP4QsG9Wwq/IESXPoq4
GU7FG08ZkyVexDe1B4OAtHfT4fE/ALfbZXRbU9GGHzImDDOKnWhi3INYIQyLivGB
m+qZCpiTjmLg5KnPyC242NcT3iuKWPjqh4TKuZQ9fkNqX9V2jVPgLANTVdclxKss
HziYG0AA8Dw9923+gOOX37NuB7NWAM/+7UeKs6PY/yCdbMEXCA4RyR0xn6PZujgz
5Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org