Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3244-835d-472d-bf0e-0c7a87196c35/1/szu3H1USP0i-8MgSl9bkUkG8btk.roa
File: szu3H1USP0i-8MgSl9bkUkG8btk.roa (raw, json)
Hash identifier: HTgFUP/IjIkXm/ks5zCupzbS8rX/+WlLiS/lJNK9ql0=
Subject key identifier: B3:3B:B7:1F:55:12:3F:48:BE:F0:C8:12:97:D6:E4:52:41:BC:6E:D9
Certificate issuer: /CN=21506035b32cc33af0589c55be849775e92c4693
Certificate serial: 03BBDEA9
Authority key identifier: 21:50:60:35:B3:2C:C3:3A:F0:58:9C:55:BE:84:97:75:E9:2C:46:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVBgNbMswzrwWJxVvoSXdeksRpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3244-835d-472d-bf0e-0c7a87196c35/1/szu3H1USP0i-8MgSl9bkUkG8btk.roa
Signing time: Sat 01 Jan 2022 05:01:54 +0000
ROA not before: Sat 01 Jan 2022 05:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44480
IP address blocks: 91.199.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62643881 (0x3bbdea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21506035b32cc33af0589c55be849775e92c4693
Validity
Not Before: Jan 1 05:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b33bb71f55123f48bef0c81297d6e45241bc6ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:77:99:ae:eb:30:ab:ad:5b:bb:9a:31:d2:3a:
c5:2a:94:16:eb:3d:7b:4a:15:c7:2f:ab:a7:41:f5:
8e:dc:03:3d:c6:fa:c4:12:92:5a:96:1c:4c:8e:62:
0f:e9:eb:8a:d7:3c:28:2e:ca:a9:4a:65:2f:c0:f9:
ed:f3:60:4e:f6:78:f1:08:cd:27:58:0c:a5:94:d3:
dc:f8:1d:86:02:1d:46:1f:2e:1f:fc:03:ac:4b:93:
b2:ff:e4:1b:aa:88:c6:79:8f:a1:40:22:db:bc:cd:
f1:07:ca:91:35:a9:db:c6:6c:12:03:14:77:4e:8c:
6d:d6:89:3d:ca:c8:2e:b6:f7:54:77:c3:5f:31:78:
50:ee:1f:e8:cd:0f:c4:ae:65:12:9b:5d:75:fe:31:
d3:6f:3f:71:d3:93:de:c2:68:60:de:a2:0c:4a:f0:
b5:9a:82:b8:a9:d1:a7:48:dc:53:b7:f7:fc:48:d0:
7f:9f:91:dd:99:02:ae:00:9d:87:cd:19:fb:c0:33:
82:f4:41:76:79:36:da:2e:f7:6f:38:a4:cf:61:9d:
a6:b3:03:23:74:51:4e:c2:b5:c2:76:d8:68:f0:fb:
ac:c1:61:2c:9c:8a:11:31:03:80:e6:35:a6:55:e7:
d8:e1:37:79:3f:c4:10:73:a6:49:2f:fa:cf:8f:fd:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3B:B7:1F:55:12:3F:48:BE:F0:C8:12:97:D6:E4:52:41:BC:6E:D9
X509v3 Authority Key Identifier:
keyid:21:50:60:35:B3:2C:C3:3A:F0:58:9C:55:BE:84:97:75:E9:2C:46:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVBgNbMswzrwWJxVvoSXdeksRpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3244-835d-472d-bf0e-0c7a87196c35/1/szu3H1USP0i-8MgSl9bkUkG8btk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3244-835d-472d-bf0e-0c7a87196c35/1/IVBgNbMswzrwWJxVvoSXdeksRpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.129.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5d:23:09:3e:87:13:20:ea:b2:f8:cc:05:5d:41:0d:0d:71:
2a:15:b5:04:e5:5a:ed:50:7e:14:23:02:53:33:50:24:70:55:
9a:62:d1:97:40:1e:01:9a:2f:6f:a9:ef:a3:ed:23:87:1c:62:
12:d2:8e:66:7e:4f:97:74:5b:3a:29:c8:f7:18:3b:86:cd:3b:
01:c6:44:f9:c2:86:79:cf:45:5e:b9:1c:fd:f6:be:7e:6b:9e:
db:1b:4e:78:9a:22:20:f7:ca:fe:8a:e2:74:95:c8:b2:93:c8:
b3:4b:63:95:7d:c7:e8:10:a7:7c:f0:62:da:68:87:28:0a:84:
0f:53:4a:4f:cc:dc:6c:c5:2f:26:cd:b9:54:b3:a6:d9:44:c7:
fd:b1:87:1b:ba:8c:76:d9:66:f6:63:f2:b5:27:40:45:09:0a:
47:51:d7:76:66:eb:e2:b8:2a:66:89:00:fb:36:4d:7b:51:c0:
5d:79:35:03:d3:14:ad:4a:10:a1:4f:d4:d6:11:16:02:05:65:
23:1b:9a:e9:fe:4e:b1:ab:e7:db:d3:1e:62:23:57:ed:25:80:
8e:62:63:36:a9:94:98:4b:36:ae:e1:56:c9:21:48:a6:04:99:
66:64:c0:ac:1b:69:dd:8b:c3:77:38:33:42:63:30:cc:b8:79:
2b:41:18:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7veqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTUwNjAzNWIzMmNjMzNhZjA1ODljNTViZTg0OTc3NWU5MmM0NjkzMB4XDTIyMDEw
MTA1MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjMzYmI3MWY1NTEy
M2Y0OGJlZjBjODEyOTdkNmU0NTI0MWJjNmVkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ3ma7rMKutW7uaMdI6xSqUFus9e0oVxy+rp0H1jtwDPcb6
xBKSWpYcTI5iD+nritc8KC7KqUplL8D57fNgTvZ48QjNJ1gMpZTT3PgdhgIdRh8u
H/wDrEuTsv/kG6qIxnmPoUAi27zN8QfKkTWp28ZsEgMUd06MbdaJPcrILrb3VHfD
XzF4UO4f6M0PxK5lEptddf4x028/cdOT3sJoYN6iDErwtZqCuKnRp0jcU7f3/EjQ
f5+R3ZkCrgCdh80Z+8AzgvRBdnk22i73bzikz2GdprMDI3RRTsK1wnbYaPD7rMFh
LJyKETEDgOY1plXn2OE3eT/EEHOmSS/6z4/9Ct0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzO7cfVRI/SL7wyBKX1uRSQbxu2TAfBgNVHSMEGDAWgBQhUGA1syzDOvBY
nFW+hJd16SxGkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lWQmdOYk1zd3pyd1dKeFZ2b1NYZGVrc1JwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvNWMzMjQ0LTgzNWQtNDcyZC1iZjBlLTBjN2E4NzE5NmMzNS8x
L3N6dTNIMVVTUDBpLThNZ1NsOWJrVWtHOGJ0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
NWMzMjQ0LTgzNWQtNDcyZC1iZjBlLTBjN2E4NzE5NmMzNS8xL0lWQmdOYk1zd3py
d1dKeFZ2b1NYZGVrc1JwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvHgTANBgkqhkiG9w0BAQsFAAOC
AQEAcV0jCT6HEyDqsvjMBV1BDQ1xKhW1BOVa7VB+FCMCUzNQJHBVmmLRl0AeAZov
b6nvo+0jhxxiEtKOZn5Pl3RbOinI9xg7hs07AcZE+cKGec9FXrkc/fa+fmue2xtO
eJoiIPfK/oridJXIspPIs0tjlX3H6BCnfPBi2miHKAqED1NKT8zcbMUvJs25VLOm
2UTH/bGHG7qMdtlm9mPytSdARQkKR1HXdmbr4rgqZokA+zZNe1HAXXk1A9MUrUoQ
oU/U1hEWAgVlIxua6f5Osavn29MeYiNX7SWAjmJjNqmUmEs2ruFWySFIpgSZZmTA
rBtp3YvDdzgzQmMwzLh5K0EY1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:57 2024 by rpki-client on console-ams.rpki-client.org