Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/AvXdwc5_KbBYT_SbBa7keizNoQk.roa
File: AvXdwc5_KbBYT_SbBa7keizNoQk.roa (raw, json)
Hash identifier: yJ0OIjTK3GbwJmWUFUHmGZFdzUiUJRuNQNgpfQo2uzU=
Subject key identifier: 02:F5:DD:C1:CE:7F:29:B0:58:4F:F4:9B:05:AE:E4:7A:2C:CD:A1:09
Certificate issuer: /CN=1741bd7685138dc51d5a6b0cd3780f466b57fd13
Certificate serial: 06B00CE7
Authority key identifier: 17:41:BD:76:85:13:8D:C5:1D:5A:6B:0C:D3:78:0F:46:6B:57:FD:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0G9doUTjcUdWmsM03gPRmtX_RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/AvXdwc5_KbBYT_SbBa7keizNoQk.roa
Signing time: Sat 01 Jan 2022 10:57:57 +0000
ROA not before: Sat 01 Jan 2022 10:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13030
IP address blocks: 91.198.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112200935 (0x6b00ce7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1741bd7685138dc51d5a6b0cd3780f466b57fd13
Validity
Not Before: Jan 1 10:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02f5ddc1ce7f29b0584ff49b05aee47a2ccda109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:5a:1d:a5:db:cd:99:fa:92:f0:dd:eb:93:
fc:81:40:af:64:8d:12:a7:c4:7c:f2:2b:b6:2e:e0:
2f:53:55:a1:54:cc:12:54:8b:91:4a:fa:25:66:b9:
3d:33:29:59:46:6c:92:3a:f0:ed:a9:db:43:bf:30:
ed:cd:0f:3a:2e:a3:75:ca:ac:be:f4:81:b4:da:ee:
51:15:9d:86:4e:7d:8d:cb:00:1d:8a:cc:bc:dd:b2:
8b:19:7a:cb:2f:f5:b6:4f:52:37:15:13:87:e5:df:
43:78:88:ad:8d:8c:2f:9c:ef:dc:db:3a:4c:a3:69:
80:f1:cc:b5:24:51:c2:b1:63:da:23:fc:21:47:84:
0f:13:e7:54:70:f9:03:da:69:ee:42:8f:b7:c7:b8:
8b:b1:8d:2b:9a:df:19:3f:0c:00:73:b4:e4:26:48:
32:90:4b:23:7d:01:31:74:3a:42:f5:27:bd:0b:09:
4a:1e:30:2a:f1:cd:87:10:f4:53:4c:95:b5:e2:ba:
d6:12:c6:49:b6:37:8b:06:48:3d:09:f0:fa:8a:d6:
bd:f0:57:aa:9e:ea:65:90:09:e3:9f:41:2a:bc:2a:
37:6c:b6:9e:17:79:60:4a:f1:1b:4f:cb:0f:9d:4c:
68:62:0e:07:3b:85:39:6f:ed:27:f9:63:1e:c0:1b:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F5:DD:C1:CE:7F:29:B0:58:4F:F4:9B:05:AE:E4:7A:2C:CD:A1:09
X509v3 Authority Key Identifier:
keyid:17:41:BD:76:85:13:8D:C5:1D:5A:6B:0C:D3:78:0F:46:6B:57:FD:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0G9doUTjcUdWmsM03gPRmtX_RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/AvXdwc5_KbBYT_SbBa7keizNoQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/F0G9doUTjcUdWmsM03gPRmtX_RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.154.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ed:65:89:e3:da:4f:79:be:e3:65:ff:10:a1:43:12:e0:d7:
8c:13:07:3e:7d:f9:aa:50:62:74:d1:6a:52:47:42:4d:e9:d2:
67:53:98:30:57:21:0e:57:25:3b:bf:ab:a1:f8:26:7e:f3:d5:
22:13:91:b4:a3:16:09:3e:33:a4:2a:18:0b:b1:5c:15:aa:be:
1c:cf:c5:46:3f:c5:c8:8c:34:4b:a9:9c:5b:2e:77:f8:44:cc:
43:56:06:02:d1:c5:68:a2:75:32:f6:01:c8:6d:38:a9:0a:b4:
29:0b:5e:ae:83:3b:71:e6:f0:7f:1c:39:a5:b3:80:24:74:87:
8b:5b:d9:3f:de:34:88:f3:66:fe:4c:35:a0:c4:03:b2:67:8c:
ac:cf:4a:79:fd:c3:47:ec:f2:a3:8d:0c:6a:a0:32:ec:a4:86:
d1:46:fe:45:49:1f:5a:f5:82:55:89:99:8d:1d:46:60:ac:66:
38:8b:d5:18:a1:32:8f:cd:ab:eb:53:c7:e1:d2:60:09:9d:8f:
cc:93:cd:8b:41:cd:74:64:1c:4d:7a:68:4a:c7:29:42:b4:40:
3b:f7:02:90:d1:8f:a2:c3:29:92:b5:60:14:50:3a:39:52:ea:
5a:0d:90:4b:02:92:38:28:f1:6d:87:f9:56:b8:4b:fb:df:0c:
0b:46:7a:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBrAM5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzQxYmQ3Njg1MTM4ZGM1MWQ1YTZiMGNkMzc4MGY0NjZiNTdmZDEzMB4XDTIyMDEw
MTEwNTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJmNWRkYzFjZTdm
MjliMDU4NGZmNDliMDVhZWU0N2EyY2NkYTEwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAyWh2l282Z+pLw3euT/IFAr2SNEqfEfPIrti7gL1NVoVTM
ElSLkUr6JWa5PTMpWUZskjrw7anbQ78w7c0POi6jdcqsvvSBtNruURWdhk59jcsA
HYrMvN2yixl6yy/1tk9SNxUTh+XfQ3iIrY2ML5zv3Ns6TKNpgPHMtSRRwrFj2iP8
IUeEDxPnVHD5A9pp7kKPt8e4i7GNK5rfGT8MAHO05CZIMpBLI30BMXQ6QvUnvQsJ
Sh4wKvHNhxD0U0yVteK61hLGSbY3iwZIPQnw+orWvfBXqp7qZZAJ459BKrwqN2y2
nhd5YErxG0/LD51MaGIOBzuFOW/tJ/ljHsAb8qMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQC9d3Bzn8psFhP9JsFruR6LM2hCTAfBgNVHSMEGDAWgBQXQb12hRONxR1a
awzTeA9Ga1f9EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YwRzlkb1VUamNVZFdtc00wM2dQUm10WF9STS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvZGYyOTJkLTk1OWItNGVhZC05MzQ4LTI5ZjA5ZDg5M2FlNy8x
L0F2WGR3YzVfS2JCWVRfU2JCYTdrZWl6Tm9Ray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
ZGYyOTJkLTk1OWItNGVhZC05MzQ4LTI5ZjA5ZDg5M2FlNy8xL0YwRzlkb1VUamNV
ZFdtc00wM2dQUm10WF9STS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvGmjANBgkqhkiG9w0BAQsFAAOC
AQEARe1liePaT3m+42X/EKFDEuDXjBMHPn35qlBidNFqUkdCTenSZ1OYMFchDlcl
O7+rofgmfvPVIhORtKMWCT4zpCoYC7FcFaq+HM/FRj/FyIw0S6mcWy53+ETMQ1YG
AtHFaKJ1MvYByG04qQq0KQteroM7cebwfxw5pbOAJHSHi1vZP940iPNm/kw1oMQD
smeMrM9Kef3DR+zyo40MaqAy7KSG0Ub+RUkfWvWCVYmZjR1GYKxmOIvVGKEyj82r
61PH4dJgCZ2PzJPNi0HNdGQcTXpoSscpQrRAO/cCkNGPosMpkrVgFFA6OVLqWg2Q
SwKSOCjxbYf5VrhL+98MC0Z6jw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-fra.rpki-client.org