Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/rsGzXCSlLaXK0z5RifmnbodDA7U.roa
File: rsGzXCSlLaXK0z5RifmnbodDA7U.roa (raw, json)
Hash identifier: 0EosBKOTRluI/JbhUzgJQ0t7TXc/pWZGCZovCEzjvBM=
Subject key identifier: AE:C1:B3:5C:24:A5:2D:A5:CA:D3:3E:51:89:F9:A7:6E:87:43:03:B5
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0D5C77FB
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/rsGzXCSlLaXK0z5RifmnbodDA7U.roa
Signing time: Sat 01 Jan 2022 02:54:02 +0000
ROA not before: Sat 01 Jan 2022 02:54:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34762
IP address blocks: 185.194.84.0/23 maxlen: 24
91.230.171.0/24 maxlen: 24
91.230.170.0/24 maxlen: 24
91.230.178.0/24 maxlen: 24
91.230.177.0/24 maxlen: 24
91.230.176.0/24 maxlen: 24
194.213.114.0/23 maxlen: 24
194.213.115.0/24 maxlen: 24
194.213.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224163835 (0xd5c77fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Jan 1 02:54:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aec1b35c24a52da5cad33e5189f9a76e874303b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:70:cc:4b:a0:6b:ea:56:af:44:0b:f1:13:8a:
43:58:a6:c3:84:34:f8:28:b9:97:fb:e0:f2:94:16:
c2:a2:90:f0:7a:28:e3:49:c9:66:11:b3:88:91:ff:
d1:16:be:47:73:b4:76:ae:70:52:6f:85:94:fe:2d:
96:66:dc:d7:c4:96:20:8d:8c:1b:86:de:b6:b3:e1:
5a:30:6f:20:e1:6f:5b:19:21:e6:3d:f3:07:89:51:
a1:a1:a0:b6:28:c9:7a:9b:ff:d8:e8:02:49:e6:f5:
12:f4:26:ad:10:1a:bc:14:fe:14:90:53:4d:78:08:
b5:3f:d6:dd:e9:74:4c:57:e7:5f:0b:1a:68:6f:14:
3f:ab:7a:88:02:14:b5:f2:70:d4:3f:38:20:7f:82:
00:50:1b:8d:89:dc:2c:5f:0d:48:e0:4d:da:b8:60:
86:84:fe:82:76:f4:63:9c:a7:8e:66:e3:1a:eb:a3:
94:98:da:88:10:82:01:51:36:cf:2a:d7:41:1a:de:
05:fc:35:89:db:ac:4a:58:da:38:57:3e:16:59:2f:
9b:14:b0:9e:a8:a5:3d:0e:85:df:65:df:b5:1b:55:
ff:15:fe:26:13:bd:df:3b:d4:05:5a:87:21:a1:69:
16:dd:36:db:2d:42:74:3b:91:93:9b:27:16:ec:25:
d2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C1:B3:5C:24:A5:2D:A5:CA:D3:3E:51:89:F9:A7:6E:87:43:03:B5
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/rsGzXCSlLaXK0z5RifmnbodDA7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0-91.230.178.255
185.194.84.0/23
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:f1:8f:6a:ba:6e:38:24:62:cc:10:8d:b7:fc:ba:69:b3:56:
85:3f:6d:9c:9c:78:77:de:f1:ea:c4:45:93:1d:c0:0c:a7:9b:
0d:c7:bf:66:9b:9c:1d:2d:00:c2:41:2e:bf:94:97:c7:61:29:
65:56:41:77:55:9f:0f:08:6c:e3:57:12:2a:71:8e:fb:8f:34:
af:c2:c4:f7:96:1d:f3:b9:7c:ed:17:19:17:fc:f7:61:3f:a9:
cf:4e:ba:c6:c5:b1:9b:b1:5b:84:f1:f2:c6:dd:bc:cd:1a:91:
5e:b3:ae:07:8f:be:03:75:63:01:29:1d:b7:7a:e1:d9:88:cb:
d1:2c:0a:92:54:55:ce:2b:37:e0:c6:7f:62:8c:57:9e:92:59:
1e:a7:5c:87:26:c6:d5:c5:9a:a0:e0:4a:ac:5a:6f:49:4c:00:
b0:0b:b1:ae:f3:82:52:61:13:15:4c:43:ac:ea:77:67:85:14:
80:d3:64:8e:8a:8f:0e:39:79:f7:28:33:ed:ff:11:78:6a:7e:
01:08:0a:d0:3e:92:50:69:e7:21:89:dc:2c:ac:ff:33:a3:e4:
62:da:19:37:2c:8c:cb:70:b4:9c:d1:a1:6f:b1:5f:3f:51:ef:
dd:85:95:fd:7b:84:9d:f3:82:21:fb:ed:6b:a6:ad:3c:3c:fa:
46:2e:92:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEDVx3+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWEyYzJlY2Y1OGM0NGIzNWEwZGEyOTU3ZmY0ZGNhMmU2MGI2ODZhMB4XDTIyMDEw
MTAyNTQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVjMWIzNWMyNGE1
MmRhNWNhZDMzZTUxODlmOWE3NmU4NzQzMDNiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPpwzEuga+pWr0QL8ROKQ1imw4Q0+Ci5l/vg8pQWwqKQ8Hoo
40nJZhGziJH/0Ra+R3O0dq5wUm+FlP4tlmbc18SWII2MG4betrPhWjBvIOFvWxkh
5j3zB4lRoaGgtijJepv/2OgCSeb1EvQmrRAavBT+FJBTTXgItT/W3el0TFfnXwsa
aG8UP6t6iAIUtfJw1D84IH+CAFAbjYncLF8NSOBN2rhghoT+gnb0Y5ynjmbjGuuj
lJjaiBCCAVE2zyrXQRreBfw1idusSljaOFc+FlkvmxSwnqilPQ6F32XftRtV/xX+
JhO93zvUBVqHIaFpFt022y1CdDuRk5snFuwl0vECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSuwbNcJKUtpcrTPlGJ+aduh0MDtTAfBgNVHSMEGDAWgBSZosLs9YxEs1oN
opV/9Nyi5gtoajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21hTEM3UFdNUkxOYURhS1ZmX1Rjb3VZTGFHby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvYmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8x
L3JzR3pYQ1NsTGFYSzB6NVJpZm1uYm9kREE3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
YmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8xL21hTEM3UFdNUkxO
YURhS1ZmX1Rjb3VZTGFHby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAVvmqjAMAwQEW+awAwQAW+ayAwQB
ucJUAwQBwtVyMA0GCSqGSIb3DQEBCwUAA4IBAQCo8Y9qum44JGLMEI23/Lpps1aF
P22cnHh33vHqxEWTHcAMp5sNx79mm5wdLQDCQS6/lJfHYSllVkF3VZ8PCGzjVxIq
cY77jzSvwsT3lh3zuXztFxkX/PdhP6nPTrrGxbGbsVuE8fLG3bzNGpFes64Hj74D
dWMBKR23euHZiMvRLAqSVFXOKzfgxn9ijFeeklkep1yHJsbVxZqg4EqsWm9JTACw
C7Gu84JSYRMVTEOs6ndnhRSA02SOio8OOXn3KDPt/xF4an4BCArQPpJQaechidws
rP8zo+Ri2hk3LIzLcLSc0aFvsV8/Ue/dhZX9e4Sd84Ih++1rpq08PPpGLpJV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:00 2024 by rpki-client on console-fra.rpki-client.org