Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/5goEkqsRx4vf8pDYMor0IOccXgQ.roa
File: 5goEkqsRx4vf8pDYMor0IOccXgQ.roa (raw, json)
Hash identifier: Dv6Et98qT8wAFWkZ81EsvsdefpXGVgfBR8Womb6vWTI=
Subject key identifier: E6:0A:04:92:AB:11:C7:8B:DF:F2:90:D8:32:8A:F4:20:E7:1C:5E:04
Certificate issuer: /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Certificate serial: 0183EA43708180BE06D8946BFBE3402AF7EB
Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/5goEkqsRx4vf8pDYMor0IOccXgQ.roa
Signing time: Tue 18 Oct 2022 08:43:51 +0000
ROA not before: Tue 18 Oct 2022 08:43:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43911
IP address blocks: 91.195.220.0/23 maxlen: 23
2001:67c:220::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:43:70:81:80:be:06:d8:94:6b:fb:e3:40:2a:f7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Validity
Not Before: Oct 18 08:43:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e60a0492ab11c78bdff290d8328af420e71c5e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:da:ed:4c:6f:47:28:a3:a1:f6:44:1d:f3:11:
f7:bd:4b:fb:8c:8f:24:7c:aa:be:55:9f:60:80:60:
48:a5:43:95:6e:77:27:b9:c3:ad:de:cd:90:81:b9:
85:88:49:2e:6c:b1:06:bb:f4:c9:2f:68:2b:6a:80:
dc:21:93:99:63:b6:af:0f:50:58:1c:d9:99:ba:b0:
87:8a:6b:66:5d:ea:cf:42:11:6f:4b:10:dd:cc:64:
ee:3a:4b:57:b8:b6:20:dc:a6:b9:f2:7c:33:ee:e7:
3d:67:25:28:a8:1d:d8:c1:18:53:80:8d:0b:dc:18:
0d:9f:bc:e1:12:82:cc:ff:eb:e1:10:cb:87:a7:09:
c2:11:9f:f0:bb:13:b6:24:a6:84:b0:f1:f8:bd:d2:
02:fc:ae:71:0d:ab:cb:32:a4:9c:80:29:f1:25:8b:
b9:e7:8f:5a:fc:9f:e8:c8:1e:b4:29:c1:44:62:38:
3b:ec:85:6c:e5:bb:c4:69:1c:43:c3:00:13:b8:52:
ff:7d:e6:7b:1f:75:f0:38:e4:34:a1:1b:0b:62:0a:
64:38:ff:be:64:ee:0e:75:93:1a:d6:00:8f:64:87:
d3:16:26:07:6d:0c:f7:d9:c5:55:d5:85:fe:54:3e:
c7:78:46:09:e1:f3:9b:e3:73:b7:2c:83:3c:cc:0b:
13:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0A:04:92:AB:11:C7:8B:DF:F2:90:D8:32:8A:F4:20:E7:1C:5E:04
X509v3 Authority Key Identifier:
keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/5goEkqsRx4vf8pDYMor0IOccXgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.220.0/23
IPv6:
2001:67c:220::/48
Signature Algorithm: sha256WithRSAEncryption
4c:b5:8d:b7:ae:52:84:69:b0:26:ad:8d:69:39:ce:d1:5f:e8:
79:25:35:91:a7:aa:0b:d0:5a:09:e2:cf:78:d8:13:81:50:5c:
3d:2e:7f:2f:4c:c1:aa:51:c6:9c:e3:7f:47:25:b3:cd:a4:10:
8b:a5:7b:b2:01:06:09:a0:57:9a:bc:fd:38:a4:f3:00:75:f4:
12:ee:40:f0:6c:76:e1:59:c0:c3:db:93:53:b9:e0:27:a8:86:
bd:2b:9d:55:57:67:4b:4c:4a:2b:da:96:e2:12:31:31:3b:22:
cc:99:4c:1e:06:7a:79:d7:07:64:79:ff:b6:25:61:91:35:3e:
1d:1c:83:7d:bc:c5:f0:0f:a3:61:43:15:15:b3:a9:66:76:57:
79:4a:23:0f:87:4f:70:fa:b5:20:11:0f:74:b4:23:50:f9:5b:
9f:3f:0e:a5:57:bb:d1:70:48:68:41:f7:50:9b:03:be:a3:bd:
91:46:54:98:8f:aa:36:65:7e:95:94:16:fe:58:be:2f:7a:f7:
2b:43:e4:40:cc:c0:ff:7e:b2:33:f5:f3:7b:37:0b:0b:df:07:
83:d8:91:73:0c:21:d9:36:c8:a9:7e:6a:b2:53:66:56:44:90:
3d:9a:4e:f9:e7:a9:20:ef:4a:c9:45:03:0d:c2:d2:86:6d:78:
57:ff:ed:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPqQ3CBgL4G2JRr++NAKvfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0
YmIwN2QwHhcNMjIxMDE4MDg0MzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjBhMDQ5MmFiMTFjNzhiZGZmMjkwZDgzMjhhZjQyMGU3MWM1ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNrtTG9HKKOh9kQd8xH3vUv7jI8k
fKq+VZ9ggGBIpUOVbncnucOt3s2QgbmFiEkubLEGu/TJL2graoDcIZOZY7avD1BY
HNmZurCHimtmXerPQhFvSxDdzGTuOktXuLYg3Ka58nwz7uc9ZyUoqB3YwRhTgI0L
3BgNn7zhEoLM/+vhEMuHpwnCEZ/wuxO2JKaEsPH4vdIC/K5xDavLMqScgCnxJYu5
549a/J/oyB60KcFEYjg77IVs5bvEaRxDwwATuFL/feZ7H3XwOOQ0oRsLYgpkOP++
ZO4OdZMa1gCPZIfTFiYHbQz32cVV1YX+VD7HeEYJ4fOb43O3LIM8zAsTPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOYKBJKrEceL3/KQ2DKK9CDnHF4EMB8GA1UdIwQY
MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt
MTUzNmZjNzgzODVkLzEvNWdvRWtxc1J4NHZmOHBEWU1vcjBJT2NjWGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk
LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8PcMA8E
AgACMAkDBwAgAQZ8AiAwDQYJKoZIhvcNAQELBQADggEBAEy1jbeuUoRpsCatjWk5
ztFf6HklNZGnqgvQWgniz3jYE4FQXD0ufy9MwapRxpzjf0cls82kEIule7IBBgmg
V5q8/Tik8wB19BLuQPBsduFZwMPbk1O54Ceohr0rnVVXZ0tMSivaluISMTE7IsyZ
TB4GennXB2R5/7YlYZE1Ph0cg328xfAPo2FDFRWzqWZ2V3lKIw+HT3D6tSARD3S0
I1D5W58/DqVXu9FwSGhB91CbA76jvZFGVJiPqjZlfpWUFv5Yvi969ytD5EDMwP9+
sjP183s3CwvfB4PYkXMMIdk2yKl+arJTZlZEkD2aTvnnqSDvSslFAw3C0oZteFf/
7cs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:55 2024 by rpki-client on console-fra.rpki-client.org