Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/fDr4nSayyyW2jq8bbJeaEa8iu2k.roa
File: fDr4nSayyyW2jq8bbJeaEa8iu2k.roa (raw, json)
Hash identifier: l/9R4UvhKSjPFQYVMYrLr0Pnc8EkFjHomnUD20xEgEA=
Subject key identifier: 7C:3A:F8:9D:26:B2:CB:25:B6:8E:AF:1B:6C:97:9A:11:AF:22:BB:69
Certificate issuer: /CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Certificate serial: 03E6AE36
Authority key identifier: 9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/fDr4nSayyyW2jq8bbJeaEa8iu2k.roa
Signing time: Sat 01 Jan 2022 14:06:08 +0000
ROA not before: Sat 01 Jan 2022 14:06:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35319
IP address blocks: 91.204.121.0/24 maxlen: 24
91.204.122.0/24 maxlen: 24
193.19.240.0/24 maxlen: 24
193.19.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65449526 (0x3e6ae36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Validity
Not Before: Jan 1 14:06:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c3af89d26b2cb25b68eaf1b6c979a11af22bb69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1b:31:e4:61:de:45:eb:c0:4f:55:e4:f1:58:
c3:4f:95:27:2b:f9:c8:8a:8a:8f:2e:9d:b0:7d:44:
5e:69:26:19:cb:28:b3:a4:f2:ea:29:c1:71:13:ab:
f4:16:48:85:6f:c6:89:c5:df:e9:e4:2c:6a:ed:35:
5c:af:f4:bd:ff:1c:3f:51:1f:e5:ef:f1:93:3a:e0:
2c:95:30:c0:5e:6f:de:ca:89:4e:4b:ea:d5:34:47:
0f:8e:4a:b3:67:09:8b:ba:0c:22:d0:74:af:6c:5e:
1b:9a:5c:91:b0:53:6a:58:6e:8e:88:7a:cc:7d:17:
82:dc:60:66:8f:08:dd:03:46:62:32:60:22:31:63:
78:78:a0:38:a9:c0:df:fd:cd:9b:16:cd:e2:e9:d5:
25:ef:7e:67:3b:15:73:87:f9:16:84:a8:98:22:0e:
71:b9:5c:9a:39:b8:56:71:c8:3a:ea:6a:2e:4a:6e:
63:b1:25:96:40:c2:1f:65:63:10:f8:a9:d6:0c:88:
3a:ed:bd:bf:81:0b:fc:4f:5a:b8:9e:2d:8b:df:b6:
67:ec:aa:a8:89:1f:1d:28:2d:a8:f5:36:87:d4:0e:
df:1c:9f:9a:7a:c3:a0:a7:b7:f0:4c:09:50:cd:33:
fe:3c:7d:36:4e:dd:1c:5b:af:6c:8f:8c:c5:fc:fb:
6b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3A:F8:9D:26:B2:CB:25:B6:8E:AF:1B:6C:97:9A:11:AF:22:BB:69
X509v3 Authority Key Identifier:
keyid:9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/fDr4nSayyyW2jq8bbJeaEa8iu2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.121.0-91.204.122.255
193.19.240.0/24
193.19.242.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:10:13:62:9d:7d:ee:4f:4c:24:ee:05:2c:4a:4b:4a:08:61:
c2:46:2f:5e:58:84:2f:2d:22:f2:9b:5e:31:b4:f7:27:d6:0a:
b4:fc:cf:22:53:ac:a5:c3:02:cf:58:84:17:0b:fb:af:c9:5e:
db:2b:2a:9d:c4:3c:4a:a3:f5:99:fd:19:a1:13:dc:b6:a8:c3:
d7:08:d7:36:c3:79:4c:69:ae:c5:46:25:85:c9:e1:55:37:98:
f3:f3:b2:95:4b:63:19:f8:b4:06:4c:55:10:71:80:d2:5e:30:
3d:02:a2:50:0e:c3:17:9d:78:f7:5c:de:6a:7e:27:1f:20:28:
f7:9f:61:74:a2:54:27:00:79:b4:dc:0f:7b:3a:d0:88:27:58:
4f:2a:70:a9:ee:40:1c:e3:7a:96:9e:31:18:e3:98:17:9e:61:
ce:af:f1:2e:88:46:51:a0:bc:d6:c2:b5:62:e0:a3:f7:ec:3b:
64:aa:b5:2f:4d:50:2e:8d:66:91:2a:27:2f:27:7b:f3:20:14:
bf:1b:eb:70:6d:0d:40:06:f1:0e:1a:3b:98:9e:14:9d:88:8c:
22:88:45:69:2c:81:b6:18:fe:e0:01:01:2c:fd:2c:d8:c5:68:
bf:8d:04:49:50:8e:71:a4:bc:e0:4d:fb:2b:d8:7f:7f:89:d6:
a8:7a:85:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEA+auNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZGQ1MDQ4NjBhN2M5MjRlNzIxY2JmYWVhNWY0OWE3MmM4Mjk2YzM1MB4XDTIyMDEw
MTE0MDYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MzYWY4OWQyNmIy
Y2IyNWI2OGVhZjFiNmM5NzlhMTFhZjIyYmI2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkbMeRh3kXrwE9V5PFYw0+VJyv5yIqKjy6dsH1EXmkmGcso
s6Ty6inBcROr9BZIhW/GicXf6eQsau01XK/0vf8cP1Ef5e/xkzrgLJUwwF5v3sqJ
Tkvq1TRHD45Ks2cJi7oMItB0r2xeG5pckbBTalhujoh6zH0XgtxgZo8I3QNGYjJg
IjFjeHigOKnA3/3NmxbN4unVJe9+ZzsVc4f5FoSomCIOcblcmjm4VnHIOupqLkpu
Y7EllkDCH2VjEPip1gyIOu29v4EL/E9auJ4ti9+2Z+yqqIkfHSgtqPU2h9QO3xyf
mnrDoKe38EwJUM0z/jx9Nk7dHFuvbI+Mxfz7axUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR8OvidJrLLJbaOrxtsl5oRryK7aTAfBgNVHSMEGDAWgBSd1QSGCnySTnIc
v66l9JpyyClsNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25kVUVoZ3A4a2s1eUhMLXVwZlNhY3NncGJEVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNDk2MjMyLWQxOGItNDU1NC05YTQzLTQzMmY1YzFmNDFmNy8x
L2ZEcjRuU2F5eXlXMmpxOGJiSmVhRWE4aXUyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NDk2MjMyLWQxOGItNDU1NC05YTQzLTQzMmY1YzFmNDFmNy8xL25kVUVoZ3A4a2s1
eUhMLXVwZlNhY3NncGJEVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQAW8x5AwQAW8x6AwQAwRPwAwQA
wRPyMA0GCSqGSIb3DQEBCwUAA4IBAQA/EBNinX3uT0wk7gUsSktKCGHCRi9eWIQv
LSLym14xtPcn1gq0/M8iU6ylwwLPWIQXC/uvyV7bKyqdxDxKo/WZ/RmhE9y2qMPX
CNc2w3lMaa7FRiWFyeFVN5jz87KVS2MZ+LQGTFUQcYDSXjA9AqJQDsMXnXj3XN5q
ficfICj3n2F0olQnAHm03A97OtCIJ1hPKnCp7kAc43qWnjEY45gXnmHOr/EuiEZR
oLzWwrVi4KP37DtkqrUvTVAujWaRKicvJ3vzIBS/G+twbQ1ABvEOGjuYnhSdiIwi
iEVpLIG2GP7gAQEs/SzYxWi/jQRJUI5xpLzgTfsr2H9/idaoeoVt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org