Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/jhKQBTV7nOtkr0Jwb2Ez8lWm8Fg.roa
File: jhKQBTV7nOtkr0Jwb2Ez8lWm8Fg.roa (raw, json)
Hash identifier: QzDvrLH4bHV6BL+TTt63yx6GTsn0Xh0cCO4qz6F6X+k=
Subject key identifier: 8E:12:90:05:35:7B:9C:EB:64:AF:42:70:6F:61:33:F2:55:A6:F0:58
Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Certificate serial: 0184E980C18CB11078A712C870575D9EAD07
Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/jhKQBTV7nOtkr0Jwb2Ez8lWm8Fg.roa
Signing time: Tue 06 Dec 2022 22:14:00 +0000
ROA not before: Tue 06 Dec 2022 22:14:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 91.210.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e9:80:c1:8c:b1:10:78:a7:12:c8:70:57:5d:9e:ad:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Validity
Not Before: Dec 6 22:14:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e129005357b9ceb64af42706f6133f255a6f058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:46:ef:39:59:b5:0c:86:8f:e4:a7:0a:ee:48:
e6:3a:82:1c:89:ef:33:c6:d3:1d:11:af:30:43:28:
70:ae:c9:24:77:81:ab:c0:48:2a:d3:a4:b2:d1:f9:
cb:17:fc:f3:c8:13:53:1d:7a:db:d2:39:f9:2d:14:
ba:aa:5b:ef:6d:bb:53:5b:06:49:a4:da:65:4f:0b:
26:1e:bc:8b:fa:0f:91:fe:2e:d9:fe:b6:ca:f7:87:
a3:29:d1:80:40:cb:62:a0:47:40:48:55:cf:74:63:
5a:00:13:95:e3:4b:0b:c2:d7:91:c0:63:e7:e0:9e:
3c:02:48:99:62:55:2a:0c:73:54:ae:20:33:80:19:
51:0b:cc:fa:0e:25:2e:01:df:d3:aa:67:5d:c2:3e:
5b:d6:8e:f4:0e:a8:df:ba:11:ad:cb:ca:5b:54:e2:
a7:63:23:09:43:24:4f:b5:2b:42:54:aa:32:ae:b2:
79:f5:a5:8f:5a:3d:84:20:49:0d:60:39:4d:5a:d3:
02:de:a4:4a:ea:5e:0a:04:d6:94:e1:f6:92:81:0d:
7c:4c:59:93:32:01:30:a8:7f:c6:a9:5d:cb:3b:6b:
c5:88:56:0e:ef:b5:a8:92:2d:c6:30:e1:be:b4:95:
a7:dd:a0:e0:91:5a:b3:01:91:f1:c5:a4:ac:da:6d:
f3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:12:90:05:35:7B:9C:EB:64:AF:42:70:6F:61:33:F2:55:A6:F0:58
X509v3 Authority Key Identifier:
keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/jhKQBTV7nOtkr0Jwb2Ez8lWm8Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.120.0/22
Signature Algorithm: sha256WithRSAEncryption
36:75:77:88:01:f5:82:a4:7c:91:6f:4b:a9:3b:1e:10:4b:c1:
03:4c:ea:cf:d9:55:01:9a:d9:53:ad:b4:cd:5c:e3:87:5b:a4:
37:76:f2:8c:72:11:cf:9b:51:9e:75:f4:28:12:36:6f:e9:29:
4b:34:86:c0:53:b7:fb:2f:63:7d:85:51:1c:8d:fd:04:ed:6a:
92:64:18:c5:5b:72:56:33:78:50:a4:a7:9b:1c:19:49:e4:07:
d7:86:37:dd:2a:66:9d:98:70:71:3d:af:6c:50:16:a9:e1:2b:
c1:21:de:b7:a7:2f:bd:e4:14:48:e8:45:4b:36:d1:4a:b3:ca:
bd:42:64:af:d6:16:e8:02:09:0c:f0:86:16:5e:0a:c1:35:9b:
6c:b6:b9:f4:91:25:03:9b:ab:a0:02:18:80:c4:46:0a:ab:2f:
11:7f:bd:1c:c4:60:d1:fc:fa:fb:3d:67:61:f1:3f:bf:1a:9f:
01:0e:d2:8b:11:13:27:a5:32:d3:c7:55:65:68:9b:d6:b9:b4:
2b:b0:c2:e3:8d:45:b0:29:2b:49:e3:b1:9b:7f:a9:f3:8f:e0:
d8:bb:c3:10:bd:d4:6f:38:69:5e:9e:28:fe:08:1d:eb:db:81:
9d:da:72:c9:88:99:02:01:c9:fd:84:61:bb:2c:e7:87:91:d3:
75:ed:08:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTpgMGMsRB4pxLIcFddnq0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx
OTZhYTEwHhcNMjIxMjA2MjIxNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTEyOTAwNTM1N2I5Y2ViNjRhZjQyNzA2ZjYxMzNmMjU1YTZmMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkbvOVm1DIaP5KcK7kjmOoIcie8z
xtMdEa8wQyhwrskkd4GrwEgq06Sy0fnLF/zzyBNTHXrb0jn5LRS6qlvvbbtTWwZJ
pNplTwsmHryL+g+R/i7Z/rbK94ejKdGAQMtioEdASFXPdGNaABOV40sLwteRwGPn
4J48AkiZYlUqDHNUriAzgBlRC8z6DiUuAd/Tqmddwj5b1o70DqjfuhGty8pbVOKn
YyMJQyRPtStCVKoyrrJ59aWPWj2EIEkNYDlNWtMC3qRK6l4KBNaU4faSgQ18TFmT
MgEwqH/GqV3LO2vFiFYO77Woki3GMOG+tJWn3aDgkVqzAZHxxaSs2m3z6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4SkAU1e5zrZK9CcG9hM/JVpvBYMB8GA1UdIwQY
MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt
ZGQ4NjI3NzRhMDkyLzEvamhLUUJUVjduT3RrcjBKd2IyRXo4bFdtOEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky
LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9J4MA0G
CSqGSIb3DQEBCwUAA4IBAQA2dXeIAfWCpHyRb0upOx4QS8EDTOrP2VUBmtlTrbTN
XOOHW6Q3dvKMchHPm1GedfQoEjZv6SlLNIbAU7f7L2N9hVEcjf0E7WqSZBjFW3JW
M3hQpKebHBlJ5AfXhjfdKmadmHBxPa9sUBap4SvBId63py+95BRI6EVLNtFKs8q9
QmSv1hboAgkM8IYWXgrBNZtstrn0kSUDm6ugAhiAxEYKqy8Rf70cxGDR/Pr7PWdh
8T+/Gp8BDtKLERMnpTLTx1VlaJvWubQrsMLjjUWwKStJ47Gbf6nzj+DYu8MQvdRv
OGlenij+CB3r24Gd2nLJiJkCAcn9hGG7LOeHkdN17Qjm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org