Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/I5Dane4jpEGJmoV9xAXyqGhUIQ8.roa
File: I5Dane4jpEGJmoV9xAXyqGhUIQ8.roa (raw, json)
Hash identifier: Ypftc5EwGRSyRJyjpk2FcQXKiVwLFId84WRg8duZvxQ=
Subject key identifier: 23:90:DA:9D:EE:23:A4:41:89:9A:85:7D:C4:05:F2:A8:68:54:21:0F
Certificate issuer: /CN=620dd5186de65a646dda4b89dd48ed44873af149
Certificate serial: 018604
Authority key identifier: 62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/I5Dane4jpEGJmoV9xAXyqGhUIQ8.roa
Signing time: Fri 06 May 2022 08:31:06 +0000
ROA not before: Fri 06 May 2022 08:31:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44664
IP address blocks: 91.247.226.0/24 maxlen: 24
91.247.224.0/24 maxlen: 24
91.247.224.0/22 maxlen: 22
91.247.225.0/24 maxlen: 24
91.247.227.0/24 maxlen: 24
91.225.56.0/24 maxlen: 24
91.225.56.0/22 maxlen: 22
91.225.58.0/24 maxlen: 24
91.225.57.0/24 maxlen: 24
91.225.59.0/24 maxlen: 24
91.202.144.0/22 maxlen: 22
91.202.144.0/24 maxlen: 24
91.202.145.0/24 maxlen: 24
91.202.147.0/24 maxlen: 24
91.202.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99844 (0x18604)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=620dd5186de65a646dda4b89dd48ed44873af149
Validity
Not Before: May 6 08:31:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2390da9dee23a441899a857dc405f2a86854210f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9b:ec:8d:36:b7:c3:62:a4:94:16:4f:26:36:
0e:1f:f6:db:79:3f:72:e0:1b:28:07:a1:1a:55:0f:
3e:4c:ec:2c:18:74:94:42:85:44:4b:37:eb:4a:04:
c5:52:83:53:f7:75:1b:cb:d6:19:c1:63:95:72:8f:
31:aa:e3:d7:fb:0b:3b:22:1f:74:17:a6:27:a3:cc:
04:f2:41:05:9f:31:e9:7d:dc:e5:d6:b3:da:d6:77:
c1:36:0b:3d:d2:2f:34:00:cf:1d:fa:04:6c:70:d5:
f3:ff:8b:09:2a:be:9f:5c:08:23:b6:75:3f:3a:c6:
2c:32:96:0f:69:c9:da:b8:da:91:1b:9f:98:e5:8e:
fd:ae:59:b2:85:2b:d8:e2:2e:c1:06:26:7d:70:88:
7d:9a:a3:61:5d:6f:b2:ce:bb:aa:7c:b4:9e:80:09:
50:d1:af:4c:62:2f:4b:bd:27:44:e2:b8:7e:0a:46:
38:bd:a4:2c:45:fd:a6:a4:ab:e7:ef:c7:45:f8:3d:
c9:39:11:a2:d1:04:34:df:70:f5:66:8c:0d:cf:62:
0a:6c:c5:91:fd:17:a7:3e:b2:5e:ce:47:40:da:e1:
8e:6a:6b:6e:da:8b:02:3a:b0:19:1f:bd:41:f3:5f:
87:70:a4:1c:75:13:f6:71:c3:86:57:b5:69:e2:27:
db:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:90:DA:9D:EE:23:A4:41:89:9A:85:7D:C4:05:F2:A8:68:54:21:0F
X509v3 Authority Key Identifier:
keyid:62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/I5Dane4jpEGJmoV9xAXyqGhUIQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.144.0/22
91.225.56.0/22
91.247.224.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:0d:24:f7:7d:44:2d:d3:2b:63:4c:3f:48:09:90:c8:18:84:
f3:8a:72:b2:ce:7d:10:4b:a0:f9:9c:0d:bb:d7:8f:99:f7:7e:
ee:4b:53:35:9b:01:a0:67:e9:ca:97:22:1e:40:14:ca:41:bf:
e1:70:8f:cb:4c:ab:3e:15:cd:81:09:b7:59:c0:11:ab:cb:bf:
fb:1a:d4:62:e0:ec:44:1c:49:a3:96:b6:55:09:25:c5:ef:85:
7a:b9:21:2e:f3:58:b6:db:35:b8:fc:48:84:b1:0f:83:e5:8b:
db:06:29:22:ec:38:e4:fe:6d:c1:61:04:aa:bc:2a:bb:03:05:
40:24:da:5a:2f:48:ed:8d:51:06:8f:f2:09:08:db:06:54:58:
e2:5f:1f:66:25:4f:c9:ae:f9:28:3d:c1:e7:a2:25:21:35:bb:
00:d9:4f:5b:e7:87:ee:d7:8b:0d:ed:b2:cb:9d:9a:e2:50:1a:
05:ad:e6:c9:8f:b4:57:dd:90:d7:56:48:83:25:45:92:44:5b:
af:b7:7c:47:be:ec:6b:39:8b:1d:92:97:9f:ac:ac:5e:09:d9:
a0:f1:7c:fd:f5:21:74:f4:04:c0:60:02:52:77:d1:24:dc:df:
68:ab:4b:06:69:da:31:00:f1:0c:01:a9:31:a7:cc:38:a3:77:
de:61:05:7b
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDAYYEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYy
MGRkNTE4NmRlNjVhNjQ2ZGRhNGI4OWRkNDhlZDQ0ODczYWYxNDkwHhcNMjIwNTA2
MDgzMTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMzkwZGE5ZGVlMjNh
NDQxODk5YTg1N2RjNDA1ZjJhODY4NTQyMTBmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxpvsjTa3w2KklBZPJjYOH/bbeT9y4BsoB6EaVQ8+TOwsGHSU
QoVESzfrSgTFUoNT93Uby9YZwWOVco8xquPX+ws7Ih90F6Yno8wE8kEFnzHpfdzl
1rPa1nfBNgs90i80AM8d+gRscNXz/4sJKr6fXAgjtnU/OsYsMpYPacnauNqRG5+Y
5Y79rlmyhSvY4i7BBiZ9cIh9mqNhXW+yzruqfLSegAlQ0a9MYi9LvSdE4rh+CkY4
vaQsRf2mpKvn78dF+D3JORGi0QQ033D1ZowNz2IKbMWR/RenPrJezkdA2uGOamtu
2osCOrAZH71B81+HcKQcdRP2ccOGV7Vp4ifbKwIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFCOQ2p3uI6RBiZqFfcQF8qhoVCEPMB8GA1UdIwQYMBaAFGIN1Rht5lpkbdpL
id1I7USHOvFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WWczVkdHM21XbVJ0Mmt1SjNVanRSSWM2OFVrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZC9lMmMzM2EtMjE0My00M2ZmLThmZDYtZTZmM2VjYmY2NzQzLzEv
STVEYW5lNGpwRUdKbW9WOXhBWHlxR2hVSVE4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9l
MmMzM2EtMjE0My00M2ZmLThmZDYtZTZmM2VjYmY2NzQzLzEvWWczVkdHM21XbVJ0
Mmt1SjNVanRSSWM2OFVrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8qQAwQCW+E4AwQCW/fgMA0GCSqG
SIb3DQEBCwUAA4IBAQCKDST3fUQt0ytjTD9ICZDIGITzinKyzn0QS6D5nA2714+Z
937uS1M1mwGgZ+nKlyIeQBTKQb/hcI/LTKs+Fc2BCbdZwBGry7/7GtRi4OxEHEmj
lrZVCSXF74V6uSEu81i22zW4/EiEsQ+D5YvbBiki7Djk/m3BYQSqvCq7AwVAJNpa
L0jtjVEGj/IJCNsGVFjiXx9mJU/JrvkoPcHnoiUhNbsA2U9b54fu14sN7bLLnZri
UBoFrebJj7RX3ZDXVkiDJUWSRFuvt3xHvuxrOYsdkpefrKxeCdmg8Xz99SF09ATA
YAJSd9Ek3N9oq0sGadoxAPEMAakxp8w4o3feYQV7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org