Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/iU3qKZZgebdwt7BWwU5vicmDGDI.roa
File: iU3qKZZgebdwt7BWwU5vicmDGDI.roa (raw, json)
Hash identifier: 96JvG4DffduMrP4jXVHlMNfKlVbEu81u0FZVd8Y9vpo=
Subject key identifier: 89:4D:EA:29:96:60:79:B7:70:B7:B0:56:C1:4E:6F:89:C9:83:18:32
Certificate issuer: /CN=6299cfdfc01dae67fa6ee3179480770c452bac22
Certificate serial: 1885FF6F
Authority key identifier: 62:99:CF:DF:C0:1D:AE:67:FA:6E:E3:17:94:80:77:0C:45:2B:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YpnP38Adrmf6buMXlIB3DEUrrCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/iU3qKZZgebdwt7BWwU5vicmDGDI.roa
Signing time: Sat 01 Jan 2022 07:56:36 +0000
ROA not before: Sat 01 Jan 2022 07:56:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51459
IP address blocks: 91.217.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411434863 (0x1885ff6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6299cfdfc01dae67fa6ee3179480770c452bac22
Validity
Not Before: Jan 1 07:56:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=894dea29966079b770b7b056c14e6f89c9831832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6f:fd:e1:ee:09:a0:a2:ce:30:66:60:40:4d:
2d:1a:95:d7:90:9a:b8:04:85:1c:95:24:76:5b:4e:
b0:e5:4c:08:36:22:3a:9c:9d:c5:bb:f3:6c:8a:a9:
f9:e0:fc:82:41:d7:8d:1a:50:5f:ef:b5:62:19:b9:
9b:77:d0:18:3f:ba:97:f3:47:f0:92:8f:43:43:8e:
29:05:9e:2f:6b:f0:a7:ca:ac:25:5d:03:4f:1a:d2:
17:21:2c:b8:54:a8:2a:29:da:ec:29:fe:df:df:cc:
27:47:bb:50:81:21:6a:ae:1e:d9:c0:97:78:7d:fa:
e0:a2:92:85:f5:4c:63:4e:f9:c4:28:1c:8d:b7:ef:
aa:6b:39:67:76:00:f7:be:3c:3e:18:e0:ea:11:31:
f9:56:17:12:6c:cd:37:34:86:59:c4:2b:2e:95:89:
57:a0:1f:53:f6:b8:c7:80:d1:6a:89:7b:e3:c4:92:
1f:23:78:51:da:ba:9e:02:16:4a:15:d4:73:25:69:
d1:99:27:e3:b9:75:7d:d7:5a:fb:41:13:4c:74:98:
27:c1:a6:4d:ad:8f:f9:ea:51:55:6f:e2:b1:11:dc:
a4:1f:96:b8:d4:b2:43:a6:31:79:c5:31:7c:d7:85:
fc:84:96:ea:9e:91:c6:55:ea:b1:20:6b:9a:c7:22:
95:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4D:EA:29:96:60:79:B7:70:B7:B0:56:C1:4E:6F:89:C9:83:18:32
X509v3 Authority Key Identifier:
keyid:62:99:CF:DF:C0:1D:AE:67:FA:6E:E3:17:94:80:77:0C:45:2B:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YpnP38Adrmf6buMXlIB3DEUrrCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/iU3qKZZgebdwt7BWwU5vicmDGDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/YpnP38Adrmf6buMXlIB3DEUrrCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:41:eb:3c:f5:2e:dc:5c:0f:48:3a:2d:c9:c8:3a:2d:31:0e:
86:bc:f2:a7:1e:10:26:80:ee:8b:b5:4c:90:22:bc:f9:8d:2c:
9a:58:de:14:1d:ff:7c:26:75:a0:73:4c:30:91:ee:d8:35:6c:
3d:c2:26:a1:10:3b:e7:f0:32:bc:13:7d:f7:8f:9f:78:82:62:
c3:66:4e:49:5a:61:3b:44:71:d9:ab:16:b2:43:36:70:69:1a:
f5:c3:3a:2c:1b:d4:3e:59:38:d5:38:9f:bc:e9:70:be:65:15:
75:e1:64:0d:3e:4a:4e:cc:b5:2f:43:bd:7f:96:a8:3b:b5:09:
5c:c7:b9:13:20:0d:20:c6:ab:99:46:c4:ff:fa:45:e0:60:77:
28:d2:19:fa:74:df:85:67:c6:be:c6:0a:a7:17:c9:2a:70:5d:
46:93:b9:15:3b:b6:1f:4d:bf:7b:ce:24:b1:a6:c3:77:0a:9e:
b4:a4:51:06:9d:c0:0f:6c:cf:79:db:3d:ff:f8:44:56:24:de:
20:f9:bf:3b:62:ee:b4:92:92:ed:45:ad:a2:01:23:32:1f:ba:
f8:3e:1a:cc:12:f5:d5:e2:5a:71:69:b3:35:1e:a1:c4:a7:b6:
63:bd:16:37:33:ed:2b:5b:49:4c:50:d5:f5:64:f6:ea:2c:1e:
c9:6f:ab:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGIX/bzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjk5Y2ZkZmMwMWRhZTY3ZmE2ZWUzMTc5NDgwNzcwYzQ1MmJhYzIyMB4XDTIyMDEw
MTA3NTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk0ZGVhMjk5NjYw
NzliNzcwYjdiMDU2YzE0ZTZmODljOTgzMTgzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxv/eHuCaCizjBmYEBNLRqV15CauASFHJUkdltOsOVMCDYi
OpydxbvzbIqp+eD8gkHXjRpQX++1Yhm5m3fQGD+6l/NH8JKPQ0OOKQWeL2vwp8qs
JV0DTxrSFyEsuFSoKina7Cn+39/MJ0e7UIEhaq4e2cCXeH364KKShfVMY075xCgc
jbfvqms5Z3YA9748Phjg6hEx+VYXEmzNNzSGWcQrLpWJV6AfU/a4x4DRaol748SS
HyN4Udq6ngIWShXUcyVp0Zkn47l1fdda+0ETTHSYJ8GmTa2P+epRVW/isRHcpB+W
uNSyQ6YxecUxfNeF/ISW6p6RxlXqsSBrmscilSECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSJTeoplmB5t3C3sFbBTm+JyYMYMjAfBgNVHSMEGDAWgBRimc/fwB2uZ/pu
4xeUgHcMRSusIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lwblAzOEFkcm1mNmJ1TVhsSUIzREVVcnJDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvYzhiZmI4LWY0N2UtNDMwZS1hZTNlLTY4YTE0Y2U0MmZhNi8x
L2lVM3FLWlpnZWJkd3Q3Qld3VTV2aWNtREdESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
YzhiZmI4LWY0N2UtNDMwZS1hZTNlLTY4YTE0Y2U0MmZhNi8xL1lwblAzOEFkcm1m
NmJ1TVhsSUIzREVVcnJDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvZrDANBgkqhkiG9w0BAQsFAAOC
AQEAb0HrPPUu3FwPSDotycg6LTEOhrzypx4QJoDui7VMkCK8+Y0smljeFB3/fCZ1
oHNMMJHu2DVsPcImoRA75/AyvBN994+feIJiw2ZOSVphO0Rx2asWskM2cGka9cM6
LBvUPlk41TifvOlwvmUVdeFkDT5KTsy1L0O9f5aoO7UJXMe5EyANIMarmUbE//pF
4GB3KNIZ+nTfhWfGvsYKpxfJKnBdRpO5FTu2H02/e84ksabDdwqetKRRBp3AD2zP
eds9//hEViTeIPm/O2LutJKS7UWtogEjMh+6+D4azBL11eJacWmzNR6hxKe2Y70W
NzPtK1tJTFDV9WT26iweyW+r4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:47 2024 by rpki-client on console-ams.rpki-client.org