Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/xAxInpmrEabw91yoaWDgfiFOxbw.roa
File: xAxInpmrEabw91yoaWDgfiFOxbw.roa (raw, json)
Hash identifier: MtVzxnSAPSN3iYk9nuOtcDl6ABY/b7y5fJskrLNijS0=
Subject key identifier: C4:0C:48:9E:99:AB:11:A6:F0:F7:5C:A8:69:60:E0:7E:21:4E:C5:BC
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 044F5635
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/xAxInpmrEabw91yoaWDgfiFOxbw.roa
Signing time: Sat 01 Jan 2022 05:55:18 +0000
ROA not before: Sat 01 Jan 2022 05:55:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5607
IP address blocks: 94.119.8.0/21 maxlen: 21
91.103.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72308277 (0x44f5635)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 1 05:55:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c40c489e99ab11a6f0f75ca86960e07e214ec5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:55:9f:8b:a2:60:24:9c:54:92:2c:1c:5f:30:
30:41:db:44:0d:f1:43:18:59:92:2c:be:d3:d4:80:
88:28:26:36:22:43:6b:71:21:14:0a:aa:bf:03:59:
29:2c:25:e9:46:fa:81:2c:e8:20:a3:5d:53:7e:3e:
70:61:af:f9:71:e5:52:2a:95:a9:14:e1:32:5a:50:
b5:28:29:eb:f2:2c:54:1b:e2:22:5b:e8:04:a3:c8:
c2:c6:a3:c3:cd:2e:6a:4d:cf:63:12:f9:ff:a9:da:
70:e4:26:12:8c:56:5b:35:30:74:67:eb:ef:f7:54:
c6:78:9c:31:a9:09:1c:0c:63:12:df:df:f7:1d:11:
42:97:b1:91:24:a5:74:ac:b9:40:de:00:68:d9:8f:
cf:7a:cb:96:f0:3f:7b:06:8d:50:eb:71:da:70:76:
af:31:7c:a8:a8:5e:32:75:82:49:a8:3c:cb:85:bb:
3a:e0:8d:39:f9:3a:eb:51:5d:9c:9c:90:b1:65:ac:
05:a0:13:67:65:d3:87:3a:44:60:14:52:91:ad:d4:
8e:cd:67:e3:0b:9a:d5:8d:ed:1c:07:99:a5:b1:f9:
e4:fd:69:18:50:9a:c6:72:86:90:84:67:11:fc:51:
b3:d2:9b:25:80:7d:7a:07:5b:47:38:26:a0:d9:14:
58:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0C:48:9E:99:AB:11:A6:F0:F7:5C:A8:69:60:E0:7E:21:4E:C5:BC
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/xAxInpmrEabw91yoaWDgfiFOxbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.34.0/24
94.119.8.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:c5:83:b1:61:d4:9f:b6:4d:b2:93:c8:91:68:66:7f:a7:4f:
d3:b9:59:61:e7:38:28:2e:80:00:f9:d2:46:4b:33:ae:1c:84:
4f:e8:3d:2e:ee:b7:6f:03:e7:14:05:8e:48:47:fb:75:4d:1c:
70:b1:07:eb:a0:05:ef:87:f4:fc:b2:76:cf:c1:b5:9c:af:26:
b4:8b:88:64:21:4b:6e:84:82:98:e6:4e:51:e9:ca:94:7b:54:
6a:cd:d2:82:af:c1:05:9d:4e:76:67:cf:bc:69:7d:87:96:5d:
44:22:9f:fe:58:07:35:40:6d:9a:08:de:94:fd:e3:20:27:67:
38:87:55:e6:d1:3e:a6:3c:0e:22:52:e6:48:3c:7b:75:41:4e:
e4:0f:d3:f2:5d:06:81:0f:77:98:74:e3:31:bf:d4:c9:2a:91:
9e:bd:2b:04:13:f3:98:fd:77:c8:e7:e6:00:e7:4a:0a:79:c5:
2e:ca:e7:37:54:27:11:43:45:db:a9:d6:51:97:af:89:1d:55:
bb:ad:2c:4d:a0:e2:c6:98:fb:6b:73:d8:28:6f:db:a2:af:5a:
3f:05:92:aa:6d:c8:fd:0b:59:1e:89:be:fd:ef:d4:d4:58:51:
26:ff:2b:33:da:57:5b:1c:1e:35:da:74:7c:a5:08:fc:92:4d:
1d:7c:e2:2b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBE9WNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQzOTk1Mjg5YjZhNWNhOTcyYzRiODdiNWUzMTQ5YzMyY2I0NDMwMB4XDTIyMDEw
MTA1NTUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQwYzQ4OWU5OWFi
MTFhNmYwZjc1Y2E4Njk2MGUwN2UyMTRlYzViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZVn4uiYCScVJIsHF8wMEHbRA3xQxhZkiy+09SAiCgmNiJD
a3EhFAqqvwNZKSwl6Ub6gSzoIKNdU34+cGGv+XHlUiqVqRThMlpQtSgp6/IsVBvi
IlvoBKPIwsajw80uak3PYxL5/6nacOQmEoxWWzUwdGfr7/dUxnicMakJHAxjEt/f
9x0RQpexkSSldKy5QN4AaNmPz3rLlvA/ewaNUOtx2nB2rzF8qKheMnWCSag8y4W7
OuCNOfk661FdnJyQsWWsBaATZ2XThzpEYBRSka3Ujs1n4wua1Y3tHAeZpbH55P1p
GFCaxnKGkIRnEfxRs9KbJYB9egdbRzgmoNkUWCMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTEDEiemasRpvD3XKhpYOB+IU7FvDAfBgNVHSMEGDAWgBS+Q5lSibalypcs
S4e14xScMstEMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrT1pVb20ycGNxWExFdUh0ZU1VbkRMTFJEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNzY0YjM0LTBkOTgtNDU0Yy04NWEyLTMwNjA0NWVmY2Q2OC8x
L3hBeElucG1yRWFidzkxeW9hV0RnZmlGT3hidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NzY0YjM0LTBkOTgtNDU0Yy04NWEyLTMwNjA0NWVmY2Q2OC8xL3ZrT1pVb20ycGNx
WExFdUh0ZU1VbkRMTFJEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFtnIgMEA153CDANBgkqhkiG9w0B
AQsFAAOCAQEAKsWDsWHUn7ZNspPIkWhmf6dP07lZYec4KC6AAPnSRkszrhyET+g9
Lu63bwPnFAWOSEf7dU0ccLEH66AF74f0/LJ2z8G1nK8mtIuIZCFLboSCmOZOUenK
lHtUas3Sgq/BBZ1OdmfPvGl9h5ZdRCKf/lgHNUBtmgjelP3jICdnOIdV5tE+pjwO
IlLmSDx7dUFO5A/T8l0GgQ93mHTjMb/UySqRnr0rBBPzmP13yOfmAOdKCnnFLsrn
N1QnEUNF26nWUZeviR1Vu60sTaDixpj7a3PYKG/boq9aPwWSqm3I/QtZHom+/e/U
1FhRJv8rM9pXWxweNdp0fKUI/JJNHXziKw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:33 2023 by rpki-client on console-fra.rpki-client.org