Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/getSXqyOtbShc9DQ6UWM0e6yg80.roa
File: getSXqyOtbShc9DQ6UWM0e6yg80.roa (raw, json)
Hash identifier: ZdLPLpG2toWGVxTWUqZvXgjZVK2lV2Vx75Ub8FdGhb0=
Subject key identifier: 81:EB:52:5E:AC:8E:B5:B4:A1:73:D0:D0:E9:45:8C:D1:EE:B2:83:CD
Certificate issuer: /CN=38f746b81aec00e36b9bcb7a08642a64e913da5b
Certificate serial: 0181F29B4128B0EA15A12C0DDCC2DE16A408
Authority key identifier: 38:F7:46:B8:1A:EC:00:E3:6B:9B:CB:7A:08:64:2A:64:E9:13:DA:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPdGuBrsAONrm8t6CGQqZOkT2ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/getSXqyOtbShc9DQ6UWM0e6yg80.roa
Signing time: Tue 12 Jul 2022 13:31:09 +0000
ROA not before: Tue 12 Jul 2022 13:31:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199117
IP address blocks: 91.240.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:9b:41:28:b0:ea:15:a1:2c:0d:dc:c2:de:16:a4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f746b81aec00e36b9bcb7a08642a64e913da5b
Validity
Not Before: Jul 12 13:31:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81eb525eac8eb5b4a173d0d0e9458cd1eeb283cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:69:f2:73:c3:c1:e0:8c:a2:f3:e1:d0:bb:09:
53:88:8e:40:91:db:fe:85:31:ff:1f:c6:8f:74:fb:
27:14:e4:a7:0a:86:d6:20:c1:87:c6:fd:70:c6:15:
fa:86:f8:88:11:f1:4b:25:75:e5:1f:f3:15:ae:b0:
44:bf:57:7a:b9:95:a0:7d:06:be:b9:dd:6c:2d:09:
06:9c:67:b6:16:b7:61:3f:32:e1:84:27:e3:b0:32:
aa:0a:9b:86:7d:26:07:1d:81:ec:c1:25:e7:c9:d9:
73:65:37:b0:e1:3d:3d:65:af:01:a2:aa:ec:90:48:
7a:f5:94:8f:04:09:55:a4:9b:62:98:9d:e1:15:13:
90:fa:23:cf:97:a0:51:bc:9a:09:1e:62:42:2c:1f:
df:6f:07:58:1a:37:1d:26:39:df:a6:82:34:62:41:
d8:c0:e9:b6:e9:06:bf:90:bf:19:e9:f7:c1:53:5d:
ea:f3:f8:cd:5a:04:34:a4:ed:89:3e:57:82:c3:55:
de:12:e0:f4:a8:10:c1:e2:ef:ad:f0:a3:f7:6f:4e:
78:6c:c9:52:bd:b0:bc:75:3f:f8:cf:b5:0e:c7:b4:
bd:df:b8:82:63:fb:96:a6:ca:c7:ae:74:0d:a0:d0:
f8:44:3c:c3:9a:ef:cc:32:9f:8f:7d:05:13:44:a3:
12:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EB:52:5E:AC:8E:B5:B4:A1:73:D0:D0:E9:45:8C:D1:EE:B2:83:CD
X509v3 Authority Key Identifier:
keyid:38:F7:46:B8:1A:EC:00:E3:6B:9B:CB:7A:08:64:2A:64:E9:13:DA:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPdGuBrsAONrm8t6CGQqZOkT2ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/getSXqyOtbShc9DQ6UWM0e6yg80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/OPdGuBrsAONrm8t6CGQqZOkT2ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.241.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:0d:12:60:41:65:89:4d:4a:f8:03:13:aa:e9:e2:70:c1:e8:
3e:bc:db:a9:08:63:95:15:5c:ad:f5:ae:23:09:a4:b8:b2:fa:
da:9c:8a:03:51:d4:0d:f2:ef:c4:ba:36:c6:8a:32:36:67:2c:
c5:a7:5a:8b:70:43:ac:92:cd:44:06:ae:d7:47:07:67:81:57:
e7:2a:8f:67:2f:73:22:23:a9:7c:9e:c3:6d:47:68:42:40:35:
72:72:06:7d:05:7e:9b:41:24:20:2a:36:ba:42:14:31:85:21:
76:61:a1:d0:85:b7:71:2c:2b:06:4d:51:ae:16:56:b8:37:66:
35:ea:94:aa:6e:9d:ca:91:7c:b1:20:34:47:8e:d6:8f:e3:49:
01:7d:08:58:7e:f7:64:68:05:b7:20:c4:2c:ea:58:71:a7:61:
f2:a3:09:ad:35:35:c5:76:65:23:3a:df:36:2d:9d:eb:05:46:
6d:43:6e:10:55:45:f0:c8:3a:de:2f:a6:ee:a8:e9:b8:3d:4c:
c9:b3:db:f3:c1:a4:36:a9:53:63:ee:08:2f:bd:a4:5f:e1:aa:
da:fd:3a:50:9e:a7:e2:25:62:c4:c1:6b:9f:82:4b:c0:f3:50:
30:0c:76:34:d4:3e:c9:51:0f:9d:62:31:b9:b8:4a:bb:f4:e8:
7d:74:58:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHym0EosOoVoSwN3MLeFqQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Zjc0NmI4MWFlYzAwZTM2YjliY2I3YTA4NjQyYTY0ZTkx
M2RhNWIwHhcNMjIwNzEyMTMzMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWViNTI1ZWFjOGViNWI0YTE3M2QwZDBlOTQ1OGNkMWVlYjI4M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWnyc8PB4Iyi8+HQuwlTiI5Akdv+
hTH/H8aPdPsnFOSnCobWIMGHxv1wxhX6hviIEfFLJXXlH/MVrrBEv1d6uZWgfQa+
ud1sLQkGnGe2FrdhPzLhhCfjsDKqCpuGfSYHHYHswSXnydlzZTew4T09Za8Boqrs
kEh69ZSPBAlVpJtimJ3hFROQ+iPPl6BRvJoJHmJCLB/fbwdYGjcdJjnfpoI0YkHY
wOm26Qa/kL8Z6ffBU13q8/jNWgQ0pO2JPleCw1XeEuD0qBDB4u+t8KP3b054bMlS
vbC8dT/4z7UOx7S937iCY/uWpsrHrnQNoND4RDzDmu/MMp+PfQUTRKMSnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHrUl6sjrW0oXPQ0OlFjNHusoPNMB8GA1UdIwQY
MBaAFDj3Rrga7ADja5vLeghkKmTpE9pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BkR3VCcnNBT05ybTh0NkNHUXFaT2tUMmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNGRjNzYtZGNkMi00NzViLTllNjgt
YzIyMzk1Y2UxYmU0LzEvZ2V0U1hxeU90YlNoYzlEUTZVV00wZTZ5ZzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNGRjNzYtZGNkMi00NzViLTllNjgtYzIyMzk1Y2UxYmU0
LzEvT1BkR3VCcnNBT05ybTh0NkNHUXFaT2tUMmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DxMA0G
CSqGSIb3DQEBCwUAA4IBAQC6DRJgQWWJTUr4AxOq6eJwweg+vNupCGOVFVyt9a4j
CaS4svranIoDUdQN8u/EujbGijI2ZyzFp1qLcEOsks1EBq7XRwdngVfnKo9nL3Mi
I6l8nsNtR2hCQDVycgZ9BX6bQSQgKja6QhQxhSF2YaHQhbdxLCsGTVGuFla4N2Y1
6pSqbp3KkXyxIDRHjtaP40kBfQhYfvdkaAW3IMQs6lhxp2HyowmtNTXFdmUjOt82
LZ3rBUZtQ24QVUXwyDreL6buqOm4PUzJs9vzwaQ2qVNj7ggvvaRf4ara/TpQnqfi
JWLEwWufgkvA81AwDHY01D7JUQ+dYjG5uEq79Oh9dFgQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:55 2024 by rpki-client on console-ams.rpki-client.org