Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/J2f0tZGKLsj46T7qphFWW_QcEPk.roa
File: J2f0tZGKLsj46T7qphFWW_QcEPk.roa (raw, json)
Hash identifier: HkQYPbDEgIweYHlDg623PkFhQDocra82/lBuE1yXAD8=
Subject key identifier: 27:67:F4:B5:91:8A:2E:C8:F8:E9:3E:EA:A6:11:56:5B:F4:1C:10:F9
Certificate issuer: /CN=01c2863a6438b3402752a4740e90ce42eb589129
Certificate serial: 010B888D
Authority key identifier: 01:C2:86:3A:64:38:B3:40:27:52:A4:74:0E:90:CE:42:EB:58:91:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcKGOmQ4s0AnUqR0DpDOQutYkSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/J2f0tZGKLsj46T7qphFWW_QcEPk.roa
Signing time: Sat 01 Jan 2022 12:55:57 +0000
ROA not before: Sat 01 Jan 2022 12:55:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210628
IP address blocks: 91.209.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17533069 (0x10b888d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c2863a6438b3402752a4740e90ce42eb589129
Validity
Not Before: Jan 1 12:55:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2767f4b5918a2ec8f8e93eeaa611565bf41c10f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:f5:ba:cf:d0:a5:a6:aa:42:9b:2c:ab:3d:
36:2d:9f:bb:0c:cf:62:59:1d:70:1b:88:5e:df:a3:
50:5a:ff:3d:78:22:2f:6e:9d:85:29:30:50:a2:17:
35:0d:19:c5:17:3d:2f:95:a0:a8:f3:79:53:13:23:
ea:09:ba:dc:be:bf:95:c5:62:8c:80:a3:61:a9:44:
2b:40:80:66:c0:4d:92:e7:27:e1:e0:a0:ff:44:af:
b8:b9:c5:b9:c8:49:ee:26:2b:97:8a:e2:5d:fb:ba:
0e:ac:05:53:fe:87:24:b0:43:a0:88:bb:53:7c:ed:
76:ee:11:0d:06:75:a4:af:ff:8e:a4:0e:7a:ce:5c:
c7:ef:da:b6:ec:dc:70:f0:1d:58:17:36:88:80:19:
16:bf:e6:c4:c7:e5:02:73:31:13:1d:d3:d2:e7:a0:
9c:30:d1:3a:3c:3c:b0:8c:17:3b:b2:6d:f9:f2:b5:
27:b5:72:cf:0c:7f:d4:09:60:7a:14:d3:e6:b4:36:
09:52:14:cf:af:b9:b4:36:c7:6a:0d:47:d4:59:99:
f1:24:3c:20:f5:02:25:ca:d3:31:a1:a6:98:5f:fa:
b2:a8:77:30:84:25:d2:8d:7a:3b:86:64:4b:7f:02:
1e:29:73:d8:c4:68:9d:fe:4b:93:08:1c:be:8b:e8:
6a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:67:F4:B5:91:8A:2E:C8:F8:E9:3E:EA:A6:11:56:5B:F4:1C:10:F9
X509v3 Authority Key Identifier:
keyid:01:C2:86:3A:64:38:B3:40:27:52:A4:74:0E:90:CE:42:EB:58:91:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcKGOmQ4s0AnUqR0DpDOQutYkSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/J2f0tZGKLsj46T7qphFWW_QcEPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/AcKGOmQ4s0AnUqR0DpDOQutYkSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.175.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:2f:24:f7:ba:11:9c:62:fe:11:91:80:67:9c:c1:9c:4a:f6:
75:9d:22:b9:97:49:b3:9c:f0:62:92:f4:a4:bd:8b:7f:e7:eb:
b6:e1:7a:88:84:5d:76:73:af:10:76:53:fc:c8:58:36:a0:b8:
ab:8f:93:e1:54:79:f2:f2:66:d5:c4:87:06:a3:01:63:78:9e:
f5:c2:df:50:ee:16:f2:63:ea:6d:1f:3b:c5:77:b2:d2:b9:e9:
86:87:b5:de:45:af:9c:90:6d:38:ad:23:2e:7d:b7:db:df:f7:
80:cb:5e:59:54:47:34:b2:6a:3b:2d:23:c3:a5:06:7c:7e:37:
e5:cf:9d:aa:8d:ea:1d:d8:29:86:55:da:14:a7:6c:54:4a:f8:
1e:8d:51:eb:47:85:c8:be:09:81:44:e8:c3:92:16:35:e5:d1:
e8:52:63:f1:b8:09:39:f6:ab:0e:8b:c3:03:e6:90:cd:25:c3:
93:8b:e8:bb:87:d0:d0:ef:ad:71:55:37:8f:85:42:79:e8:68:
51:8b:d7:b0:01:2d:5f:de:89:87:b9:65:94:e1:54:60:11:f5:
44:cb:7e:bb:ef:90:e9:23:7e:c1:b3:c2:03:84:41:3d:91:d6:
6d:89:2c:51:49:88:f6:29:95:80:75:25:5d:0a:0c:76:8a:03:
92:86:d8:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQuIjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWMyODYzYTY0MzhiMzQwMjc1MmE0NzQwZTkwY2U0MmViNTg5MTI5MB4XDTIyMDEw
MTEyNTU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjc2N2Y0YjU5MThh
MmVjOGY4ZTkzZWVhYTYxMTU2NWJmNDFjMTBmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpq9brP0KWmqkKbLKs9Ni2fuwzPYlkdcBuIXt+jUFr/PXgi
L26dhSkwUKIXNQ0ZxRc9L5WgqPN5UxMj6gm63L6/lcVijICjYalEK0CAZsBNkucn
4eCg/0SvuLnFuchJ7iYrl4riXfu6DqwFU/6HJLBDoIi7U3ztdu4RDQZ1pK//jqQO
es5cx+/atuzccPAdWBc2iIAZFr/mxMflAnMxEx3T0uegnDDROjw8sIwXO7Jt+fK1
J7Vyzwx/1AlgehTT5rQ2CVIUz6+5tDbHag1H1FmZ8SQ8IPUCJcrTMaGmmF/6sqh3
MIQl0o16O4ZkS38CHilz2MRonf5LkwgcvovoavECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQnZ/S1kYouyPjpPuqmEVZb9BwQ+TAfBgNVHSMEGDAWgBQBwoY6ZDizQCdS
pHQOkM5C61iRKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjS0dPbVE0czBBblVxUjBEcERPUXV0WWtTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMjUyMzdlLWNlNmEtNDMwMi1iNmE0LWI1NDA1ODM0ZjBjNS8x
L0oyZjB0WkdLTHNqNDZUN3FwaEZXV19RY0VQay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MjUyMzdlLWNlNmEtNDMwMi1iNmE0LWI1NDA1ODM0ZjBjNS8xL0FjS0dPbVE0czBB
blVxUjBEcERPUXV0WWtTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvRrzANBgkqhkiG9w0BAQsFAAOC
AQEAmi8k97oRnGL+EZGAZ5zBnEr2dZ0iuZdJs5zwYpL0pL2Lf+frtuF6iIRddnOv
EHZT/MhYNqC4q4+T4VR58vJm1cSHBqMBY3ie9cLfUO4W8mPqbR87xXey0rnphoe1
3kWvnJBtOK0jLn2329/3gMteWVRHNLJqOy0jw6UGfH435c+dqo3qHdgphlXaFKds
VEr4Ho1R60eFyL4JgUTow5IWNeXR6FJj8bgJOfarDovDA+aQzSXDk4vou4fQ0O+t
cVU3j4VCeehoUYvXsAEtX96Jh7lllOFUYBH1RMt+u++Q6SN+wbPCA4RBPZHWbYks
UUmI9imVgHUlXQoMdooDkobYeg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:10 2023 by rpki-client on console-ams.rpki-client.org