Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/be2236-c2ba-478a-abc3-b4cea51456b4/1/0Gr3IRVnDM31vjz_JYcaS9t49zw.roa
File: 0Gr3IRVnDM31vjz_JYcaS9t49zw.roa (raw, json)
Hash identifier: HiTIK3W9d0TcKfhURJ46Mv5C8RkMJy53Dec07lqv/iM=
Subject key identifier: D0:6A:F7:21:15:67:0C:CD:F5:BE:3C:FF:25:87:1A:4B:DB:78:F7:3C
Certificate issuer: /CN=dceb548762c7d4caccb616d819ce95cf627b2021
Certificate serial: 03123F61
Authority key identifier: DC:EB:54:87:62:C7:D4:CA:CC:B6:16:D8:19:CE:95:CF:62:7B:20:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3OtUh2LH1MrMthbYGc6Vz2J7ICE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/be2236-c2ba-478a-abc3-b4cea51456b4/1/0Gr3IRVnDM31vjz_JYcaS9t49zw.roa
Signing time: Sat 01 Jan 2022 05:55:42 +0000
ROA not before: Sat 01 Jan 2022 05:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212011
IP address blocks: 91.206.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51527521 (0x3123f61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dceb548762c7d4caccb616d819ce95cf627b2021
Validity
Not Before: Jan 1 05:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d06af72115670ccdf5be3cff25871a4bdb78f73c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:05:a9:48:57:74:a9:82:86:3e:1b:f9:88:
f2:1d:5f:bc:39:3b:10:6a:80:ed:c5:ac:f8:91:4e:
01:94:9b:52:c0:44:8c:69:16:90:de:27:9f:64:42:
1a:02:ee:f3:69:e3:cd:6e:f2:af:6f:8a:0c:ec:6a:
67:5d:bc:74:a6:f4:e7:ab:cc:ed:21:09:80:fb:0f:
6e:76:4e:34:0a:94:4e:48:c8:12:45:9c:33:41:df:
28:a4:b4:8e:44:04:62:38:9d:94:64:ec:2a:d1:02:
04:98:03:84:e1:80:ec:a2:4f:dd:4d:37:b5:a8:f8:
03:ea:19:b7:5f:53:56:ac:84:5f:b9:7b:3e:6d:e1:
57:1c:a6:29:86:35:9e:d5:e6:0d:c6:9a:a6:67:ec:
11:8c:17:2a:38:43:5f:b8:cc:8e:e8:98:c9:ff:a0:
63:86:d5:92:ed:6d:ac:4b:bb:2a:f2:d5:42:72:c9:
14:11:db:f6:32:d3:d4:ca:2a:93:2b:e3:a6:ec:a1:
9f:90:89:9e:67:f7:c9:54:90:2e:87:6b:7a:9a:f6:
c0:88:cb:ae:40:b0:fa:7e:c2:03:11:70:76:36:8f:
96:03:e7:b0:55:16:fe:c5:dd:10:69:d0:73:14:75:
7e:9b:8d:8b:2b:14:1c:3a:03:44:c7:14:e5:5c:0a:
14:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6A:F7:21:15:67:0C:CD:F5:BE:3C:FF:25:87:1A:4B:DB:78:F7:3C
X509v3 Authority Key Identifier:
keyid:DC:EB:54:87:62:C7:D4:CA:CC:B6:16:D8:19:CE:95:CF:62:7B:20:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3OtUh2LH1MrMthbYGc6Vz2J7ICE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/be2236-c2ba-478a-abc3-b4cea51456b4/1/0Gr3IRVnDM31vjz_JYcaS9t49zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/be2236-c2ba-478a-abc3-b4cea51456b4/1/3OtUh2LH1MrMthbYGc6Vz2J7ICE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.70.0/24
Signature Algorithm: sha256WithRSAEncryption
97:f0:51:5c:d8:9b:9f:b1:46:b2:62:eb:95:d5:1e:09:7c:ca:
32:24:e0:07:e0:4e:7c:18:4f:1d:e0:d4:da:1b:06:df:1f:36:
7c:47:12:ff:7b:e7:18:a5:13:56:94:55:71:f4:ed:55:46:59:
44:59:02:a9:b4:bc:30:49:39:3e:d1:83:ec:58:0c:dd:24:50:
6e:76:24:8a:4b:65:7e:6f:a1:bb:4c:95:c0:a1:db:58:ac:9f:
47:b0:84:6a:e5:54:9a:85:d0:cd:b1:76:3e:70:8d:86:92:d9:
72:aa:58:13:3e:ef:77:9e:de:98:ad:a7:c7:e2:59:3e:ea:04:
91:6d:3a:87:54:0c:c4:21:a7:fb:db:e0:e6:d2:b8:00:29:1a:
d2:07:e1:5d:c8:84:e3:8d:76:6b:3a:94:19:9e:e3:3a:d5:a8:
93:11:2a:5f:53:3c:82:d6:11:24:70:f1:57:6a:6d:6c:27:eb:
f7:18:d5:ed:7b:4e:be:28:6d:24:9c:50:4e:8d:c3:99:90:24:
6a:12:72:ad:19:17:f8:ee:15:50:a9:77:17:2a:82:9e:65:28:
db:9a:92:aa:82:9c:0d:29:ae:1e:e2:44:8c:95:2a:f0:64:36:
0c:eb:08:41:73:c4:b8:fd:ab:1a:4d:67:ec:a1:9b:d0:1f:cd:
11:a3:9b:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxI/YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2ViNTQ4NzYyYzdkNGNhY2NiNjE2ZDgxOWNlOTVjZjYyN2IyMDIxMB4XDTIyMDEw
MTA1NTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA2YWY3MjExNTY3
MGNjZGY1YmUzY2ZmMjU4NzFhNGJkYjc4ZjczYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALExBalIV3SpgoY+G/mI8h1fvDk7EGqA7cWs+JFOAZSbUsBE
jGkWkN4nn2RCGgLu82njzW7yr2+KDOxqZ128dKb056vM7SEJgPsPbnZONAqUTkjI
EkWcM0HfKKS0jkQEYjidlGTsKtECBJgDhOGA7KJP3U03taj4A+oZt19TVqyEX7l7
Pm3hVxymKYY1ntXmDcaapmfsEYwXKjhDX7jMjuiYyf+gY4bVku1trEu7KvLVQnLJ
FBHb9jLT1Moqkyvjpuyhn5CJnmf3yVSQLodrepr2wIjLrkCw+n7CAxFwdjaPlgPn
sFUW/sXdEGnQcxR1fpuNiysUHDoDRMcU5VwKFNMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTQavchFWcMzfW+PP8lhxpL23j3PDAfBgNVHSMEGDAWgBTc61SHYsfUysy2
FtgZzpXPYnsgITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPdFVoMkxIMU1yTXRoYllHYzZWejJKN0lDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvYmUyMjM2LWMyYmEtNDc4YS1hYmMzLWI0Y2VhNTE0NTZiNC8x
LzBHcjNJUlZuRE0zMXZqel9KWWNhUzl0NDl6dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
YmUyMjM2LWMyYmEtNDc4YS1hYmMzLWI0Y2VhNTE0NTZiNC8xLzNPdFVoMkxIMU1y
TXRoYllHYzZWejJKN0lDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvORjANBgkqhkiG9w0BAQsFAAOC
AQEAl/BRXNibn7FGsmLrldUeCXzKMiTgB+BOfBhPHeDU2hsG3x82fEcS/3vnGKUT
VpRVcfTtVUZZRFkCqbS8MEk5PtGD7FgM3SRQbnYkiktlfm+hu0yVwKHbWKyfR7CE
auVUmoXQzbF2PnCNhpLZcqpYEz7vd57emK2nx+JZPuoEkW06h1QMxCGn+9vg5tK4
ACka0gfhXciE4412azqUGZ7jOtWokxEqX1M8gtYRJHDxV2ptbCfr9xjV7XtOviht
JJxQTo3DmZAkahJyrRkX+O4VUKl3FyqCnmUo25qSqoKcDSmuHuJEjJUq8GQ2DOsI
QXPEuP2rGk1n7KGb0B/NEaOb1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:48 2023 by rpki-client on console-ams.rpki-client.org