Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/mlFCC8fNKGI1MxuN-s-cXIqVS78.roa
File: mlFCC8fNKGI1MxuN-s-cXIqVS78.roa (raw, json)
Hash identifier: DChHUpKb2Qsbj+oQJqSgeLrGe5kpc5yEs/i5nTnLoos=
Subject key identifier: 9A:51:42:0B:C7:CD:28:62:35:33:1B:8D:FA:CF:9C:5C:8A:95:4B:BF
Certificate issuer: /CN=13d8042a28015d27f35b1f1ab73611e8511b6923
Certificate serial: 02AA11
Authority key identifier: 13:D8:04:2A:28:01:5D:27:F3:5B:1F:1A:B7:36:11:E8:51:1B:69:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9gEKigBXSfzWx8atzYR6FEbaSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/mlFCC8fNKGI1MxuN-s-cXIqVS78.roa
Signing time: Tue 21 Jun 2022 15:08:44 +0000
ROA not before: Tue 21 Jun 2022 15:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52074
IP address blocks: 91.221.219.0/24 maxlen: 24
91.221.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174609 (0x2aa11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d8042a28015d27f35b1f1ab73611e8511b6923
Validity
Not Before: Jun 21 15:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a51420bc7cd286235331b8dfacf9c5c8a954bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0d:16:32:16:d8:43:21:ea:2e:ab:e6:7c:df:
25:fa:e7:1e:9b:26:cc:2c:d6:68:95:ec:0a:9d:32:
45:3a:bf:24:77:c6:a1:5c:01:0b:1c:03:b9:27:0f:
64:4d:e5:6a:e3:17:69:7b:2f:9b:b2:bb:8a:e9:8d:
dd:35:f3:df:5d:b4:fd:79:7d:1e:34:21:f0:00:e9:
00:2b:46:75:ab:ab:74:fb:cb:42:a0:cc:e5:ff:09:
f3:ac:f4:b5:53:4d:95:03:fd:c9:49:9a:39:91:98:
08:7a:ee:78:27:2c:1e:af:31:73:00:8e:7d:19:98:
f4:37:52:87:b9:55:3d:06:e8:7d:60:8d:82:ba:85:
d6:5c:0f:e6:19:43:4b:9a:64:2b:23:72:fe:ec:0e:
fe:5f:e7:f8:fd:70:33:b1:78:76:c8:fb:d2:bb:76:
21:06:6e:4b:ab:45:1d:8f:33:9b:89:66:a9:08:92:
60:c0:ab:9f:d2:87:c2:51:c9:3a:69:98:80:bb:d7:
ae:ba:92:46:64:9c:27:6d:9b:2a:82:2b:cb:f3:e4:
9f:18:5c:a4:56:01:e4:b3:9e:83:f6:75:c6:0f:d0:
0e:3b:b7:cd:c4:de:b8:81:62:10:f7:1f:7e:29:e4:
a6:47:09:aa:1e:75:d6:30:70:00:b6:c3:df:2d:b6:
47:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:51:42:0B:C7:CD:28:62:35:33:1B:8D:FA:CF:9C:5C:8A:95:4B:BF
X509v3 Authority Key Identifier:
keyid:13:D8:04:2A:28:01:5D:27:F3:5B:1F:1A:B7:36:11:E8:51:1B:69:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9gEKigBXSfzWx8atzYR6FEbaSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/mlFCC8fNKGI1MxuN-s-cXIqVS78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/E9gEKigBXSfzWx8atzYR6FEbaSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.218.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:67:0b:8c:50:23:a5:03:6c:0a:b0:dc:e0:6a:af:50:66:24:
6f:71:1e:25:b3:f9:9f:2a:6a:0e:1c:7a:f8:77:82:09:7c:dd:
2c:dc:9d:36:21:d3:e9:63:a9:03:c3:a9:f7:57:51:a0:51:3e:
3e:d3:5e:5a:75:29:bc:d0:1b:ad:e4:15:ca:9a:17:bc:eb:e5:
93:d4:8d:19:e9:be:88:0b:d0:98:a6:82:89:2e:c2:1f:c1:9d:
4b:21:f4:5d:71:8b:df:ba:03:e1:bc:45:de:6e:b1:43:b0:b6:
92:e5:5a:08:97:76:d0:e4:06:98:b0:71:2e:f8:80:89:b5:47:
e8:63:7c:2d:7f:d3:61:0d:e2:fd:f6:70:dd:cb:e3:42:47:51:
6c:5b:d7:ba:db:b1:b1:4c:4b:81:49:45:b8:42:25:aa:06:2c:
6f:0e:9d:0e:42:1c:de:d0:3b:25:7a:5f:72:d6:42:4a:db:3f:
da:a1:43:db:7c:f9:96:71:ab:2f:b4:ab:63:66:fc:38:ec:e4:
d5:55:eb:60:69:05:95:b3:17:4a:33:3a:45:03:fb:75:ff:fb:
56:92:58:fd:72:d1:95:9a:4c:04:6e:e3:d8:10:76:06:d3:95:
9a:58:89:85:1b:03:63:72:98:3c:f4:36:da:aa:ad:17:c7:7c:
1f:db:d9:5b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAqoRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEz
ZDgwNDJhMjgwMTVkMjdmMzViMWYxYWI3MzYxMWU4NTExYjY5MjMwHhcNMjIwNjIx
MTUwODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YTUxNDIwYmM3Y2Qy
ODYyMzUzMzFiOGRmYWNmOWM1YzhhOTU0YmJmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvA0WMhbYQyHqLqvmfN8l+ucemybMLNZolewKnTJFOr8kd8ah
XAELHAO5Jw9kTeVq4xdpey+bsruK6Y3dNfPfXbT9eX0eNCHwAOkAK0Z1q6t0+8tC
oMzl/wnzrPS1U02VA/3JSZo5kZgIeu54JywerzFzAI59GZj0N1KHuVU9Buh9YI2C
uoXWXA/mGUNLmmQrI3L+7A7+X+f4/XAzsXh2yPvSu3YhBm5Lq0UdjzObiWapCJJg
wKuf0ofCUck6aZiAu9euupJGZJwnbZsqgivL8+SfGFykVgHks56D9nXGD9AOO7fN
xN64gWIQ9x9+KeSmRwmqHnXWMHAAtsPfLbZHeQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJpRQgvHzShiNTMbjfrPnFyKlUu/MB8GA1UdIwQYMBaAFBPYBCooAV0n81sf
Grc2EehRG2kjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RTlnRUtpZ0JYU2Z6V3g4YXR6WVI2RkViYVNNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lOC9kN2YyZDgtNDZjZC00MWZkLTgwMDgtYTQyOTZhZDk4NjM1LzEv
bWxGQ0M4Zk5LR0kxTXh1Ti1zLWNYSXFWUzc4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9k
N2YyZDgtNDZjZC00MWZkLTgwMDgtYTQyOTZhZDk4NjM1LzEvRTlnRUtpZ0JYU2Z6
V3g4YXR6WVI2RkViYVNNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW93aMA0GCSqGSIb3DQEBCwUAA4IB
AQAfZwuMUCOlA2wKsNzgaq9QZiRvcR4ls/mfKmoOHHr4d4IJfN0s3J02IdPpY6kD
w6n3V1GgUT4+015adSm80But5BXKmhe86+WT1I0Z6b6IC9CYpoKJLsIfwZ1LIfRd
cYvfugPhvEXebrFDsLaS5VoIl3bQ5AaYsHEu+ICJtUfoY3wtf9NhDeL99nDdy+NC
R1FsW9e627GxTEuBSUW4QiWqBixvDp0OQhze0Dslel9y1kJK2z/aoUPbfPmWcasv
tKtjZvw47OTVVetgaQWVsxdKMzpFA/t1//tWklj9ctGVmkwEbuPYEHYG05WaWImF
GwNjcpg89Dbaqq0Xx3wf29lb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-fra.rpki-client.org