Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/ydtmRtFzqGdb_wdxGh2Xso2pu68.roa
File: ydtmRtFzqGdb_wdxGh2Xso2pu68.roa (raw, json)
Hash identifier: fAZy9O2SySEoSQhQ/iWDq/vGiOw9YAQxQNXE8mWDn/Y=
Subject key identifier: C9:DB:66:46:D1:73:A8:67:5B:FF:07:71:1A:1D:97:B2:8D:A9:BB:AF
Certificate issuer: /CN=16979d37da016abd13279270ba55d6b3c2960578
Certificate serial: 0503C796
Authority key identifier: 16:97:9D:37:DA:01:6A:BD:13:27:92:70:BA:55:D6:B3:C2:96:05:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpedN9oBar0TJ5JwulXWs8KWBXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/ydtmRtFzqGdb_wdxGh2Xso2pu68.roa
Signing time: Sat 01 Jan 2022 02:00:58 +0000
ROA not before: Sat 01 Jan 2022 02:00:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15576
IP address blocks: 91.198.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84133782 (0x503c796)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16979d37da016abd13279270ba55d6b3c2960578
Validity
Not Before: Jan 1 02:00:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9db6646d173a8675bff07711a1d97b28da9bbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c1:93:7e:a4:d8:48:3f:9e:e4:86:23:8e:9c:
a7:97:9b:27:02:c0:59:6e:93:ad:ff:68:d1:92:b3:
d1:83:a7:15:a1:6f:90:b0:cc:34:aa:56:8e:a7:b6:
cc:c3:e5:1e:eb:03:a6:bc:3a:34:18:de:a2:7e:3c:
33:9d:f1:01:eb:7e:01:b7:d0:9b:87:39:90:74:9a:
fb:e3:53:5d:8c:d8:2e:3f:d4:c6:f8:98:d4:9e:ce:
28:5a:d9:f8:4c:85:91:32:f5:77:cb:f9:6c:23:1d:
2a:7e:42:7e:89:46:57:34:43:92:3f:a2:43:bc:12:
49:e2:66:76:9e:74:e8:b5:13:a0:29:48:f6:66:3a:
df:5b:dd:ee:6a:cd:11:22:a5:f4:09:eb:46:6b:86:
9c:ec:77:35:7f:88:24:df:43:59:76:b2:d5:4a:e8:
1e:76:8f:94:cf:da:d3:ff:38:4c:be:2d:fc:c2:ca:
f0:1c:dc:6b:a8:41:23:f1:3c:d8:c8:aa:1f:1f:f9:
1b:c0:8e:da:ce:9f:9e:58:6c:2e:39:a1:93:8d:0c:
e0:aa:24:55:b5:f4:de:6a:9c:44:c8:5c:92:33:8e:
26:82:4a:1d:db:b7:2d:a2:f0:60:1f:bf:ab:cd:7b:
c3:8e:c0:cc:14:0c:8b:02:31:91:8f:5d:94:97:dc:
5b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DB:66:46:D1:73:A8:67:5B:FF:07:71:1A:1D:97:B2:8D:A9:BB:AF
X509v3 Authority Key Identifier:
keyid:16:97:9D:37:DA:01:6A:BD:13:27:92:70:BA:55:D6:B3:C2:96:05:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpedN9oBar0TJ5JwulXWs8KWBXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/ydtmRtFzqGdb_wdxGh2Xso2pu68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/FpedN9oBar0TJ5JwulXWs8KWBXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.229.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:f2:34:4c:2b:f6:4f:86:18:3a:06:12:c1:98:63:0d:52:ed:
de:f6:a6:ac:58:57:58:d6:5e:d2:52:bb:fb:7c:72:7a:e0:e4:
e4:c3:fb:5a:08:ad:ad:ab:bf:bc:6e:89:35:ee:b3:45:64:98:
3a:9a:2b:7b:e9:51:e5:b1:2a:17:df:d2:26:6b:f3:20:66:d2:
7a:d4:ca:a3:fa:9a:ec:4e:65:27:ee:b5:f2:3b:85:58:d7:1b:
49:75:2c:2d:c0:8f:12:74:cd:ed:2f:32:f7:e7:57:a1:28:34:
73:48:a7:34:78:e7:06:13:44:cb:06:04:a9:bd:d3:ec:83:3b:
26:bf:ec:e0:69:7a:98:c3:e2:34:fb:59:1f:c0:a1:a5:fa:be:
60:56:2c:17:d7:56:94:2d:54:fa:be:24:98:39:44:9f:08:38:
99:e1:ea:d6:3f:ca:34:89:31:aa:86:9e:d1:d9:0a:69:f2:f3:
59:54:3b:28:86:e3:b5:1a:46:dc:35:48:fb:fd:fb:7a:fa:8e:
08:2c:ad:20:8a:b6:87:4c:7c:13:71:4f:8b:d9:de:02:91:82:
b5:6b:2f:a7:2b:35:65:4f:d3:57:8f:29:af:48:8d:cf:0e:60:
3e:1f:12:d8:61:dd:82:b3:97:f8:29:37:c6:06:f3:d7:b9:b7:
33:c0:0a:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQPHljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Njk3OWQzN2RhMDE2YWJkMTMyNzkyNzBiYTU1ZDZiM2MyOTYwNTc4MB4XDTIyMDEw
MTAyMDA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzlkYjY2NDZkMTcz
YTg2NzViZmYwNzcxMWExZDk3YjI4ZGE5YmJhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrBk36k2Eg/nuSGI46cp5ebJwLAWW6Trf9o0ZKz0YOnFaFv
kLDMNKpWjqe2zMPlHusDprw6NBjeon48M53xAet+AbfQm4c5kHSa++NTXYzYLj/U
xviY1J7OKFrZ+EyFkTL1d8v5bCMdKn5CfolGVzRDkj+iQ7wSSeJmdp506LUToClI
9mY631vd7mrNESKl9AnrRmuGnOx3NX+IJN9DWXay1UroHnaPlM/a0/84TL4t/MLK
8Bzca6hBI/E82MiqHx/5G8CO2s6fnlhsLjmhk40M4KokVbX03mqcRMhckjOOJoJK
Hdu3LaLwYB+/q817w47AzBQMiwIxkY9dlJfcW+cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJ22ZG0XOoZ1v/B3EaHZeyjam7rzAfBgNVHSMEGDAWgBQWl5032gFqvRMn
knC6VdazwpYFeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZwZWROOW9CYXIwVEo1Snd1bFhXczhLV0JYZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvOTgyNWEwLTFmZGMtNDE2Mi04MzcyLWI5ZGJkYzhiNDM5Yy8x
L3lkdG1SdEZ6cUdkYl93ZHhHaDJYc28ycHU2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
OTgyNWEwLTFmZGMtNDE2Mi04MzcyLWI5ZGJkYzhiNDM5Yy8xL0ZwZWROOW9CYXIw
VEo1Snd1bFhXczhLV0JYZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvG5TANBgkqhkiG9w0BAQsFAAOC
AQEApfI0TCv2T4YYOgYSwZhjDVLt3vamrFhXWNZe0lK7+3xyeuDk5MP7Wgitrau/
vG6JNe6zRWSYOpore+lR5bEqF9/SJmvzIGbSetTKo/qa7E5lJ+618juFWNcbSXUs
LcCPEnTN7S8y9+dXoSg0c0inNHjnBhNEywYEqb3T7IM7Jr/s4Gl6mMPiNPtZH8Ch
pfq+YFYsF9dWlC1U+r4kmDlEnwg4meHq1j/KNIkxqoae0dkKafLzWVQ7KIbjtRpG
3DVI+/37evqOCCytIIq2h0x8E3FPi9neApGCtWsvpys1ZU/TV48pr0iNzw5gPh8S
2GHdgrOX+Ck3xgbz17m3M8AKaA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:35 2023 by rpki-client on console-ams.rpki-client.org