Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/xNfH3KCiud67BSwShswopgNDbnE.roa
File: xNfH3KCiud67BSwShswopgNDbnE.roa (raw, json)
Hash identifier: jsMTRhgS5uP/Abw5XD+wxRKlkZFG1F8Kposi0DmmhiY=
Subject key identifier: C4:D7:C7:DC:A0:A2:B9:DE:BB:05:2C:12:86:CC:28:A6:03:43:6E:71
Certificate issuer: /CN=80e506fcf1d7cf649d388e975ca26252e219fc7c
Certificate serial: 029070FF
Authority key identifier: 80:E5:06:FC:F1:D7:CF:64:9D:38:8E:97:5C:A2:62:52:E2:19:FC:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gOUG_PHXz2SdOI6XXKJiUuIZ_Hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/xNfH3KCiud67BSwShswopgNDbnE.roa
Signing time: Sat 01 Jan 2022 13:55:24 +0000
ROA not before: Sat 01 Jan 2022 13:55:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206766
IP address blocks: 91.198.208.0/24 maxlen: 24
91.198.210.0/24 maxlen: 24
91.198.215.0/24 maxlen: 24
91.198.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43020543 (0x29070ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80e506fcf1d7cf649d388e975ca26252e219fc7c
Validity
Not Before: Jan 1 13:55:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4d7c7dca0a2b9debb052c1286cc28a603436e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:be:90:0b:c1:82:f9:93:78:12:15:f6:20:
31:50:39:82:b0:b5:ba:3d:99:3b:36:8f:b4:9e:f1:
5b:36:e5:f9:1b:d1:37:39:12:9d:b2:bc:11:ee:b3:
55:48:1f:a9:20:2e:d1:f1:00:f6:31:95:93:e5:a4:
af:47:08:46:66:5c:f2:2f:bf:2c:6c:34:71:c5:b7:
34:1c:a8:a5:f0:0c:51:c6:4c:2a:af:58:a7:a1:82:
4a:49:03:9c:a9:16:32:9f:31:91:67:68:a7:76:aa:
1e:14:a6:d1:c0:b5:d6:da:68:ea:d4:04:a7:ae:7e:
c0:74:30:f0:1d:59:f0:ca:f4:a0:ca:f9:dd:e4:b5:
ff:f7:62:a9:db:5b:d6:18:95:b6:d8:1b:e6:0e:83:
18:a1:84:95:5f:1b:b4:39:20:5d:ed:8b:18:ac:96:
6d:72:1b:c7:b0:58:07:89:a5:b9:c6:18:36:ee:69:
61:00:2c:81:24:c3:24:87:75:99:d1:1c:ae:38:e7:
e7:ee:ec:e1:9d:92:2d:e1:d2:9d:ca:6f:76:0b:70:
e9:d9:d3:d6:75:b1:79:9e:e6:99:d1:c6:af:6e:d1:
dd:ee:fe:d9:2b:f0:fd:c3:63:64:4a:35:88:3d:01:
96:61:de:0c:af:b0:2a:ec:46:83:f3:8f:ed:58:f3:
f2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D7:C7:DC:A0:A2:B9:DE:BB:05:2C:12:86:CC:28:A6:03:43:6E:71
X509v3 Authority Key Identifier:
keyid:80:E5:06:FC:F1:D7:CF:64:9D:38:8E:97:5C:A2:62:52:E2:19:FC:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOUG_PHXz2SdOI6XXKJiUuIZ_Hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/xNfH3KCiud67BSwShswopgNDbnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/gOUG_PHXz2SdOI6XXKJiUuIZ_Hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.208.0/24
91.198.210.0/24
91.198.215.0/24
91.198.218.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:20:b3:a2:e4:b9:9e:35:0d:ee:27:6f:2d:90:06:a6:74:e3:
c9:23:f2:3d:f9:6c:16:72:77:10:b0:fd:3f:ed:df:4c:75:46:
d9:45:a2:5d:ff:ca:5d:42:a2:f1:69:89:f8:7f:da:cc:ad:0d:
2a:73:4f:df:cf:22:8d:55:b1:e9:d5:c2:f5:47:16:5e:b8:55:
5e:06:c7:2a:5a:0b:d5:3f:7d:87:88:ad:86:cf:78:8d:65:97:
c1:6c:d0:78:18:f1:01:70:93:4b:9d:d0:ed:8f:55:aa:97:00:
b5:02:19:82:d9:66:1d:20:48:02:9c:27:09:43:83:c9:a3:09:
c8:c8:42:a1:68:22:f7:3f:a4:ee:7a:4c:62:54:fd:39:5a:32:
18:f8:09:ff:56:9a:06:4d:4c:4e:c0:4a:7b:36:0c:4d:b7:64:
3d:1f:dd:72:ea:68:79:14:09:6a:60:b5:8e:d4:65:61:f4:37:
d6:a8:29:f1:74:09:ad:d7:f9:a7:bc:2b:10:d4:09:66:ba:25:
fe:c5:3b:26:18:54:74:5f:23:3e:36:0d:5b:59:2e:77:36:95:
87:11:91:4a:e7:96:ad:2a:a4:0a:c2:e0:ef:fc:e3:45:1f:bb:
05:a1:c9:6c:a1:b3:2f:bd:47:7b:0d:1b:c9:13:10:9c:9a:ef:
92:77:89:80
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEApBw/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGU1MDZmY2YxZDdjZjY0OWQzODhlOTc1Y2EyNjI1MmUyMTlmYzdjMB4XDTIyMDEw
MTEzNTUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRkN2M3ZGNhMGEy
YjlkZWJiMDUyYzEyODZjYzI4YTYwMzQzNmU3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3ovpALwYL5k3gSFfYgMVA5grC1uj2ZOzaPtJ7xWzbl+RvR
NzkSnbK8Ee6zVUgfqSAu0fEA9jGVk+Wkr0cIRmZc8i+/LGw0ccW3NByopfAMUcZM
Kq9Yp6GCSkkDnKkWMp8xkWdop3aqHhSm0cC11tpo6tQEp65+wHQw8B1Z8Mr0oMr5
3eS1//diqdtb1hiVttgb5g6DGKGElV8btDkgXe2LGKyWbXIbx7BYB4mlucYYNu5p
YQAsgSTDJId1mdEcrjjn5+7s4Z2SLeHSncpvdgtw6dnT1nWxeZ7mmdHGr27R3e7+
2Svw/cNjZEo1iD0BlmHeDK+wKuxGg/OP7Vjz8ncCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTE18fcoKK53rsFLBKGzCimA0NucTAfBgNVHSMEGDAWgBSA5Qb88dfPZJ04
jpdcomJS4hn8fDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dPVUdfUEhYejJTZE9JNlhYS0ppVXVJWl9Idy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvYThmNDcxLWMyNDMtNGNjNi05NzBkLWZmN2RjMDRiYTM4NS8x
L3hOZkgzS0NpdWQ2N0JTd1Noc3dvcGdORGJuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
YThmNDcxLWMyNDMtNGNjNi05NzBkLWZmN2RjMDRiYTM4NS8xL2dPVUdfUEhYejJT
ZE9JNlhYS0ppVXVJWl9Idy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvG0AMEAFvG0gMEAFvG1wMEAFvG
2jANBgkqhkiG9w0BAQsFAAOCAQEAGiCzouS5njUN7idvLZAGpnTjySPyPflsFnJ3
ELD9P+3fTHVG2UWiXf/KXUKi8WmJ+H/azK0NKnNP388ijVWx6dXC9UcWXrhVXgbH
KloL1T99h4iths94jWWXwWzQeBjxAXCTS53Q7Y9VqpcAtQIZgtlmHSBIApwnCUOD
yaMJyMhCoWgi9z+k7npMYlT9OVoyGPgJ/1aaBk1MTsBKezYMTbdkPR/dcupoeRQJ
amC1jtRlYfQ31qgp8XQJrdf5p7wrENQJZrol/sU7JhhUdF8jPjYNW1kudzaVhxGR
SueWrSqkCsLg7/zjRR+7BaHJbKGzL71Hew0byRMQnJrvkneJgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:13 2024 by rpki-client on console-ams.rpki-client.org