Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/pGDI790m9oKr5oblRTmZ4eqGa70.roa
File: pGDI790m9oKr5oblRTmZ4eqGa70.roa (raw, json)
Hash identifier: e+O2jRKqVtBj5fympKsqjIOsi1NIjjxQEfcwm10qAZs=
Subject key identifier: A4:60:C8:EF:DD:26:F6:82:AB:E6:86:E5:45:39:99:E1:EA:86:6B:BD
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 029E1675
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/pGDI790m9oKr5oblRTmZ4eqGa70.roa
Signing time: Sat 01 Jan 2022 14:08:43 +0000
ROA not before: Sat 01 Jan 2022 14:08:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62041
IP address blocks: 91.108.4.0/22 maxlen: 22
91.108.8.0/22 maxlen: 22
95.161.64.0/20 maxlen: 20
91.108.56.0/22 maxlen: 22
149.154.164.0/22 maxlen: 22
149.154.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43914869 (0x29e1675)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 14:08:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a460c8efdd26f682abe686e5453999e1ea866bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:26:77:db:98:dc:64:06:69:71:41:12:e2:bb:
8b:45:39:b6:99:3d:2b:78:8b:9e:62:ca:88:2b:f7:
1a:fa:40:58:19:c9:d1:cc:75:e6:9d:d7:78:d4:1a:
f7:fa:a0:e4:df:f7:4e:4e:ea:3e:e7:57:55:be:55:
9c:06:c4:cd:43:1f:3d:8d:48:a9:f8:e0:3a:fe:0b:
95:ff:a7:e2:42:64:07:df:24:52:1f:1e:7a:38:92:
35:b4:e8:b7:4f:bc:77:fc:7d:fc:5b:5d:e8:34:7e:
63:31:93:52:0c:0a:3f:eb:6c:71:17:bc:a6:09:e4:
30:9a:ef:b5:43:f3:4c:4c:b9:28:08:38:9a:87:f1:
70:24:ce:27:25:ce:89:c5:98:ee:9b:e7:4d:09:3a:
87:92:0d:c8:8a:8c:f7:68:01:4a:ed:cd:f0:08:d3:
25:33:a7:d9:a6:4f:db:dc:b2:91:c8:23:2b:2b:aa:
fd:c5:5e:bf:0f:66:93:32:09:a7:39:84:0d:6f:98:
79:fb:d9:c2:43:a7:71:f0:ca:b4:58:8c:23:9d:6b:
39:98:f9:7d:e9:d2:02:41:a4:e7:e9:a0:95:a7:07:
81:47:86:d7:00:6d:61:89:99:b1:e5:ce:3e:36:f7:
dd:31:25:2a:a7:78:9a:a9:f3:5f:c8:44:c9:a0:04:
43:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:60:C8:EF:DD:26:F6:82:AB:E6:86:E5:45:39:99:E1:EA:86:6B:BD
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/pGDI790m9oKr5oblRTmZ4eqGa70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.4.0-91.108.11.255
91.108.56.0/22
95.161.64.0/20
149.154.160.0/21
Signature Algorithm: sha256WithRSAEncryption
49:5d:84:fa:b3:d6:bd:17:26:df:3d:48:8d:1e:72:1a:27:e8:
3a:ca:c5:d8:81:b7:1b:ff:51:de:04:da:82:a8:ce:7f:e9:53:
0c:2d:f7:4e:a0:a9:40:f7:04:14:8c:79:bd:15:f3:41:f9:d5:
aa:17:c8:a8:2b:ed:10:fa:90:25:ed:7a:19:fc:21:f8:a2:f7:
a3:78:fd:1b:f0:e4:f3:ef:60:9f:55:66:13:34:1e:6f:27:3f:
3e:00:d0:6c:4a:6f:7f:01:91:0a:6b:29:9b:4c:5e:52:66:d6:
c0:20:d9:26:d0:42:79:63:0b:3c:b7:c9:af:dc:cf:2b:cd:78:
4d:bc:1f:5d:04:db:9b:f1:a4:db:ab:e7:eb:2c:03:78:16:3c:
6a:b6:9d:70:0c:8e:c9:23:10:0c:85:1b:6f:53:be:e8:02:4b:
ea:d5:97:24:6c:e9:0e:a8:b3:ac:1f:5e:80:50:a1:d9:92:f0:
46:36:7b:8a:51:1b:30:0c:7c:ff:d6:96:f9:d2:d0:c1:5d:63:
5f:13:e6:b4:4b:81:07:e5:80:e7:ea:11:5a:51:6f:20:1d:9f:
40:b1:43:99:e8:fb:97:ad:d0:0b:48:3f:8a:4b:62:d9:e2:b6:
9d:7d:09:d1:d4:11:41:5d:dd:17:3a:04:ea:1d:71:9e:f0:22:
42:4d:54:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAp4WdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjI4ZTdlMDFmYWRhNDljMWE1MmZhMTNmMzYyNmM0MWI0MWE1MWI4MB4XDTIyMDEw
MTE0MDg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ2MGM4ZWZkZDI2
ZjY4MmFiZTY4NmU1NDUzOTk5ZTFlYTg2NmJiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALomd9uY3GQGaXFBEuK7i0U5tpk9K3iLnmLKiCv3GvpAWBnJ
0cx15p3XeNQa9/qg5N/3Tk7qPudXVb5VnAbEzUMfPY1IqfjgOv4Llf+n4kJkB98k
Uh8eejiSNbTot0+8d/x9/Ftd6DR+YzGTUgwKP+tscRe8pgnkMJrvtUPzTEy5KAg4
mofxcCTOJyXOicWY7pvnTQk6h5INyIqM92gBSu3N8AjTJTOn2aZP29yykcgjKyuq
/cVevw9mkzIJpzmEDW+YefvZwkOncfDKtFiMI51rOZj5fenSAkGk5+mglacHgUeG
1wBtYYmZseXOPjb33TElKqd4mqnzX8hEyaAEQ0cCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSkYMjv3Sb2gqvmhuVFOZnh6oZrvTAfBgNVHSMEGDAWgBRiKOfgH62knBpS
+hPzYmxBtBpRuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lpam40Qi10cEp3YVV2b1Q4MkpzUWJRYVViZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYmFhZmYzLWFlYjQtNDYxNi04ZmI1LTc2NzQxNjUyNTEwZC8x
L3BHREk3OTBtOW9LcjVvYmxSVG1aNGVxR2E3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YmFhZmYzLWFlYjQtNDYxNi04ZmI1LTc2NzQxNjUyNTEwZC8xL1lpam40Qi10cEp3
YVV2b1Q4MkpzUWJRYVViZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQCW2wEAwQCW2wIAwQCW2w4AwQE
X6FAAwQDlZqgMA0GCSqGSIb3DQEBCwUAA4IBAQBJXYT6s9a9FybfPUiNHnIaJ+g6
ysXYgbcb/1HeBNqCqM5/6VMMLfdOoKlA9wQUjHm9FfNB+dWqF8ioK+0Q+pAl7XoZ
/CH4ovejeP0b8OTz72CfVWYTNB5vJz8+ANBsSm9/AZEKaymbTF5SZtbAINkm0EJ5
Yws8t8mv3M8rzXhNvB9dBNub8aTbq+frLAN4Fjxqtp1wDI7JIxAMhRtvU77oAkvq
1ZckbOkOqLOsH16AUKHZkvBGNnuKURswDHz/1pb50tDBXWNfE+a0S4EH5YDn6hFa
UW8gHZ9AsUOZ6PuXrdALSD+KS2LZ4radfQnR1BFBXd0XOgTqHXGe8CJCTVTk
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:41 2023 by rpki-client on console.sobornost.net