Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/K7ZHPf38VDCT069N0E4pFXpzZNg.roa
File: K7ZHPf38VDCT069N0E4pFXpzZNg.roa (raw, json)
Hash identifier: 2FSpAq/Xs9GPcoApoyIH/9SAs4Wsba0dHb464Wws06Y=
Subject key identifier: 2B:B6:47:3D:FD:FC:54:30:93:D3:AF:4D:D0:4E:29:15:7A:73:64:D8
Certificate issuer: /CN=dc7d8ed98443de6c688d174f1f0055be4de182a1
Certificate serial: 028B594F
Authority key identifier: DC:7D:8E:D9:84:43:DE:6C:68:8D:17:4F:1F:00:55:BE:4D:E1:82:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/K7ZHPf38VDCT069N0E4pFXpzZNg.roa
Signing time: Sat 01 Jan 2022 12:03:52 +0000
ROA not before: Sat 01 Jan 2022 12:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197831
IP address blocks: 91.234.80.0/22 maxlen: 22
91.228.31.0/24 maxlen: 24
91.228.30.0/24 maxlen: 24
91.228.30.0/23 maxlen: 23
176.104.120.0/21 maxlen: 21
91.244.80.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42686799 (0x28b594f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7d8ed98443de6c688d174f1f0055be4de182a1
Validity
Not Before: Jan 1 12:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bb6473dfdfc543093d3af4dd04e29157a7364d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:86:bf:74:49:98:d4:6a:21:78:5a:f7:c1:4c:
94:99:6c:5e:84:eb:10:cf:e3:86:0b:01:f9:32:41:
ee:98:99:e0:d1:90:43:67:8b:7f:1d:2c:eb:be:ec:
0f:e1:9d:f8:e4:df:6c:b4:d6:a2:0d:9c:cf:55:38:
58:f7:8f:d0:a2:5a:5e:8d:5a:3b:07:63:15:a0:ea:
99:88:44:b8:e2:59:f3:c4:4f:77:c1:73:28:4a:2a:
77:21:1e:5c:b2:78:c4:d4:eb:78:a1:5d:94:2a:b9:
cf:eb:f2:4a:0f:52:54:38:b3:a8:12:13:50:e2:4a:
15:a5:84:31:28:b0:79:df:93:f0:df:b4:19:d9:1e:
b2:5c:8a:2c:7c:36:c1:03:c8:27:97:00:4e:ae:33:
1a:c8:2d:3f:b1:dc:62:39:54:cf:97:7c:5e:d1:32:
88:f9:f9:ed:55:c0:5f:e0:ef:9e:e5:a7:ad:87:c4:
96:88:07:2c:e5:6d:bf:34:ff:36:45:ae:24:dd:2b:
58:60:b0:56:db:ec:96:57:08:7e:7e:9b:74:85:f5:
f1:24:5c:94:f4:47:49:8f:e2:a1:d2:dd:a3:c8:99:
d0:93:81:d2:48:2b:b0:36:6d:67:f2:a7:99:ab:cb:
04:df:1d:b9:dc:94:79:5e:92:e4:b7:8b:9c:82:e2:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B6:47:3D:FD:FC:54:30:93:D3:AF:4D:D0:4E:29:15:7A:73:64:D8
X509v3 Authority Key Identifier:
keyid:DC:7D:8E:D9:84:43:DE:6C:68:8D:17:4F:1F:00:55:BE:4D:E1:82:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/K7ZHPf38VDCT069N0E4pFXpzZNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/3H2O2YRD3mxojRdPHwBVvk3hgqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.30.0/23
91.234.80.0/22
91.244.80.0/20
176.104.120.0/21
Signature Algorithm: sha256WithRSAEncryption
52:f4:9e:b9:13:70:69:36:cd:8d:c2:57:be:6d:0d:c0:78:ad:
c3:47:85:b5:a3:2b:0d:6f:f0:d6:eb:a7:60:24:f5:3a:e2:c9:
c1:cd:0a:a9:70:1f:d8:08:6d:15:76:97:2e:e6:d6:d8:25:43:
24:1a:a7:19:b4:8b:8d:98:b7:36:f2:b0:da:8c:70:c8:8b:2d:
7c:89:ae:8a:b5:07:d4:95:e1:4c:6f:02:4f:5b:6a:7f:a4:06:
53:0e:2e:32:46:e0:9d:09:04:51:74:7f:bc:96:15:c6:1a:f4:
74:96:53:a6:f7:69:b7:8c:fb:6f:5a:58:fc:c2:ea:e2:3a:56:
dd:a1:59:fe:60:96:42:a5:0c:f6:54:b1:1f:d0:8f:e2:09:e7:
33:aa:6c:d8:27:6d:84:4a:dd:0e:0a:da:64:57:4b:e4:19:9c:
74:6d:62:d2:1e:33:0f:e6:0f:88:8f:0c:61:40:49:b0:b2:0d:
eb:fb:c5:c7:ab:88:9f:a9:15:f9:62:27:c6:19:5a:68:fa:6a:
d7:0c:fb:78:90:00:38:39:56:10:b8:f4:93:46:5d:64:13:df:
a7:63:0f:f1:6b:84:bd:51:11:6d:88:d8:c3:38:28:da:e9:d8:
8a:93:c5:97:5c:6b:ea:92:bc:e7:f1:13:9f:5d:f6:ae:88:57:
66:d4:9f:3a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAotZTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzdkOGVkOTg0NDNkZTZjNjg4ZDE3NGYxZjAwNTViZTRkZTE4MmExMB4XDTIyMDEw
MTEyMDM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJiNjQ3M2RmZGZj
NTQzMDkzZDNhZjRkZDA0ZTI5MTU3YTczNjRkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyGv3RJmNRqIXha98FMlJlsXoTrEM/jhgsB+TJB7piZ4NGQ
Q2eLfx0s677sD+Gd+OTfbLTWog2cz1U4WPeP0KJaXo1aOwdjFaDqmYhEuOJZ88RP
d8FzKEoqdyEeXLJ4xNTreKFdlCq5z+vySg9SVDizqBITUOJKFaWEMSiwed+T8N+0
GdkeslyKLHw2wQPIJ5cATq4zGsgtP7HcYjlUz5d8XtEyiPn57VXAX+DvnuWnrYfE
logHLOVtvzT/NkWuJN0rWGCwVtvsllcIfn6bdIX18SRclPRHSY/iodLdo8iZ0JOB
0kgrsDZtZ/KnmavLBN8dudyUeV6S5LeLnILiRE0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQrtkc9/fxUMJPTr03QTikVenNk2DAfBgNVHSMEGDAWgBTcfY7ZhEPebGiN
F08fAFW+TeGCoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNIMk8yWVJEM214b2pSZFBId0JWdmszaGdxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvOWE2ZDgzLTVjMmYtNDJiZS04ZDc2LWI4MDIwNTI4MzJjZi8x
L0s3WkhQZjM4VkRDVDA2OU4wRTRwRlhwelpOZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
OWE2ZDgzLTVjMmYtNDJiZS04ZDc2LWI4MDIwNTI4MzJjZi8xLzNIMk8yWVJEM214
b2pSZFBId0JWdmszaGdxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVvkHgMEAlvqUAMEBFv0UAMEA7Bo
eDANBgkqhkiG9w0BAQsFAAOCAQEAUvSeuRNwaTbNjcJXvm0NwHitw0eFtaMrDW/w
1uunYCT1OuLJwc0KqXAf2AhtFXaXLubW2CVDJBqnGbSLjZi3NvKw2oxwyIstfImu
irUH1JXhTG8CT1tqf6QGUw4uMkbgnQkEUXR/vJYVxhr0dJZTpvdpt4z7b1pY/MLq
4jpW3aFZ/mCWQqUM9lSxH9CP4gnnM6ps2CdthErdDgraZFdL5BmcdG1i0h4zD+YP
iI8MYUBJsLIN6/vFx6uIn6kV+WInxhlaaPpq1wz7eJAAODlWELj0k0ZdZBPfp2MP
8WuEvVERbYjYwzgo2unYipPFl1xr6pK85/ETn132rohXZtSfOg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:46 2023 by rpki-client on console-fra.rpki-client.org