Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/SxNwAtVWTmQVSK-FR8ZKr4fTuY8.roa
File: SxNwAtVWTmQVSK-FR8ZKr4fTuY8.roa (raw, json)
Hash identifier: s1cGOV5rU4KdkNG4gIcOKHBWCJbIAZ/kqTAcCFzs4nI=
Subject key identifier: 4B:13:70:02:D5:56:4E:64:15:48:AF:85:47:C6:4A:AF:87:D3:B9:8F
Certificate issuer: /CN=0f90b80b3d4893c9c1ec7d01c29bf3b450bb851d
Certificate serial: 05224F4D
Authority key identifier: 0F:90:B8:0B:3D:48:93:C9:C1:EC:7D:01:C2:9B:F3:B4:50:BB:85:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5C4Cz1Ik8nB7H0BwpvztFC7hR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/SxNwAtVWTmQVSK-FR8ZKr4fTuY8.roa
Signing time: Sat 01 Jan 2022 13:56:29 +0000
ROA not before: Sat 01 Jan 2022 13:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213157
IP address blocks: 91.218.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86134605 (0x5224f4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f90b80b3d4893c9c1ec7d01c29bf3b450bb851d
Validity
Not Before: Jan 1 13:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b137002d5564e641548af8547c64aaf87d3b98f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:19:a0:d1:f9:0d:c2:f6:5e:58:de:c4:3e:
63:84:d1:5d:d3:b8:4c:81:9a:4f:96:cd:79:4d:32:
9a:b7:f2:d0:01:db:a0:ef:f4:1e:44:8a:92:05:bb:
d0:c0:43:84:98:eb:d1:d7:f6:3e:fd:91:1e:21:58:
57:4f:90:84:7c:69:12:5c:35:6a:27:f9:0f:3b:b9:
85:fb:ac:8b:ac:43:ec:1f:99:50:a8:12:69:86:2b:
e3:e5:68:e3:7a:1f:be:eb:8c:d0:33:70:a0:25:8b:
10:00:90:03:da:f7:39:5e:aa:10:87:5b:b6:95:12:
d8:9d:96:66:88:77:4a:a8:bd:b1:c5:2f:25:36:42:
63:6d:36:be:c9:ac:ef:c5:23:21:c0:4d:dd:be:11:
e9:de:88:74:df:62:4a:20:97:38:fb:ec:40:96:52:
40:72:c8:1f:2f:d2:74:bb:d6:aa:25:b6:23:26:11:
97:6b:ef:d3:b3:1b:4f:43:2a:24:c2:8f:36:c9:ec:
1c:23:90:ea:26:aa:86:a5:51:fa:d9:85:6d:fc:43:
8e:e7:28:7d:29:56:2e:a3:2e:91:aa:e9:8a:3d:2f:
06:58:09:97:bf:d8:29:94:bb:ba:c6:75:5d:7e:ee:
29:41:bd:9f:1b:0a:82:a1:eb:4a:38:e8:8d:ad:06:
0a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:13:70:02:D5:56:4E:64:15:48:AF:85:47:C6:4A:AF:87:D3:B9:8F
X509v3 Authority Key Identifier:
keyid:0F:90:B8:0B:3D:48:93:C9:C1:EC:7D:01:C2:9B:F3:B4:50:BB:85:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5C4Cz1Ik8nB7H0BwpvztFC7hR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/SxNwAtVWTmQVSK-FR8ZKr4fTuY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/D5C4Cz1Ik8nB7H0BwpvztFC7hR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.21.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a1:48:ec:a1:1e:18:1a:3d:91:18:25:01:13:3c:43:a9:19:
91:7c:d0:13:29:72:36:31:d7:69:87:f8:65:59:88:0a:9d:20:
ba:35:b0:ea:80:f0:a2:32:7c:5f:aa:c8:4c:ba:08:e4:f6:60:
21:74:ea:2e:30:e9:41:08:7d:3a:dc:07:a6:48:bc:ad:9f:7b:
7b:b9:68:09:88:a7:d9:fb:1d:0d:94:45:41:60:f0:bd:c7:35:
1b:d2:ea:da:4f:f8:4b:d9:9d:30:61:04:41:89:7d:22:e0:ce:
37:6d:98:25:a5:b6:1f:c0:02:bf:bc:07:35:70:07:ab:5c:9f:
00:1f:c4:70:e7:04:8c:60:55:ad:78:06:5c:49:3b:ea:8c:57:
71:40:4b:df:5d:e0:ec:be:e8:35:34:9b:bd:ee:27:94:6f:1d:
2b:f4:4f:0e:92:6b:11:23:1b:42:43:24:19:9d:3a:ea:e0:45:
7d:23:8f:ba:5e:4c:c3:aa:6b:68:4b:fc:66:a8:59:e3:ab:14:
ef:87:76:3d:f7:84:8e:02:de:ff:e3:7f:03:21:f7:52:1e:cb:
76:ef:7c:21:00:0d:41:db:ce:89:f5:8a:fc:fc:d4:24:5d:58:
df:a1:ec:9e:56:4a:40:31:18:9b:81:9e:dd:c8:1f:44:bf:7e:
94:64:fc:8b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSJPTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjkwYjgwYjNkNDg5M2M5YzFlYzdkMDFjMjliZjNiNDUwYmI4NTFkMB4XDTIyMDEw
MTEzNTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIxMzcwMDJkNTU2
NGU2NDE1NDhhZjg1NDdjNjRhYWY4N2QzYjk4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQaGaDR+Q3C9l5Y3sQ+Y4TRXdO4TIGaT5bNeU0ymrfy0AHb
oO/0HkSKkgW70MBDhJjr0df2Pv2RHiFYV0+QhHxpElw1aif5Dzu5hfusi6xD7B+Z
UKgSaYYr4+Vo43ofvuuM0DNwoCWLEACQA9r3OV6qEIdbtpUS2J2WZoh3Sqi9scUv
JTZCY202vsms78UjIcBN3b4R6d6IdN9iSiCXOPvsQJZSQHLIHy/SdLvWqiW2IyYR
l2vv07MbT0MqJMKPNsnsHCOQ6iaqhqVR+tmFbfxDjucofSlWLqMukarpij0vBlgJ
l7/YKZS7usZ1XX7uKUG9nxsKgqHrSjjoja0GCu0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRLE3AC1VZOZBVIr4VHxkqvh9O5jzAfBgNVHSMEGDAWgBQPkLgLPUiTycHs
fQHCm/O0ULuFHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Q1QzRDejFJazhuQjdIMEJ3cHZ6dEZDN2hSMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvOTlhMmIxLTExNDQtNGY5Yy04ZmRmLTQzZTRkNTZkNDA0My8x
L1N4TndBdFZXVG1RVlNLLUZSOFpLcjRmVHVZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
OTlhMmIxLTExNDQtNGY5Yy04ZmRmLTQzZTRkNTZkNDA0My8xL0Q1QzRDejFJazhu
QjdIMEJ3cHZ6dEZDN2hSMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvaFTANBgkqhkiG9w0BAQsFAAOC
AQEAWqFI7KEeGBo9kRglARM8Q6kZkXzQEylyNjHXaYf4ZVmICp0gujWw6oDwojJ8
X6rITLoI5PZgIXTqLjDpQQh9OtwHpki8rZ97e7loCYin2fsdDZRFQWDwvcc1G9Lq
2k/4S9mdMGEEQYl9IuDON22YJaW2H8ACv7wHNXAHq1yfAB/EcOcEjGBVrXgGXEk7
6oxXcUBL313g7L7oNTSbve4nlG8dK/RPDpJrESMbQkMkGZ066uBFfSOPul5Mw6pr
aEv8ZqhZ46sU74d2PfeEjgLe/+N/AyH3Uh7Ldu98IQANQdvOifWK/PzUJF1Y36Hs
nlZKQDEYm4Ge3cgfRL9+lGT8iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:13 2024 by rpki-client on console-ams.rpki-client.org