Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/66369c-02f9-4947-9cb4-84b725158347/1/8th9LHk0TFm2yTHE1XSre_AOz5w.roa
File: 8th9LHk0TFm2yTHE1XSre_AOz5w.roa (raw, json)
Hash identifier: Wnkev5/bQl7+NvZMvV4BRIbpQ5DBEWRbnT2rwdQq3MY=
Subject key identifier: F2:D8:7D:2C:79:34:4C:59:B6:C9:31:C4:D5:74:AB:7B:F0:0E:CF:9C
Certificate issuer: /CN=b6957ca483af0b67f973b085972ccc5c5ed03f7c
Certificate serial: 04748EB8
Authority key identifier: B6:95:7C:A4:83:AF:0B:67:F9:73:B0:85:97:2C:CC:5C:5E:D0:3F:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tpV8pIOvC2f5c7CFlyzMXF7QP3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/66369c-02f9-4947-9cb4-84b725158347/1/8th9LHk0TFm2yTHE1XSre_AOz5w.roa
Signing time: Sat 01 Jan 2022 08:01:30 +0000
ROA not before: Sat 01 Jan 2022 08:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57089
IP address blocks: 91.230.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74747576 (0x4748eb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6957ca483af0b67f973b085972ccc5c5ed03f7c
Validity
Not Before: Jan 1 08:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2d87d2c79344c59b6c931c4d574ab7bf00ecf9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:50:7e:9c:f7:df:e7:b5:11:40:8f:07:74:
ed:43:77:57:75:ef:53:b6:d2:af:34:aa:79:28:a0:
9f:9f:18:ab:1b:c0:c3:53:c9:0e:f3:ec:82:ce:d3:
d7:5c:27:bf:6d:b2:a4:f9:09:d1:c4:c8:11:78:91:
24:80:4b:f0:d2:b5:54:01:02:6d:15:b9:14:d0:62:
03:22:6d:a9:53:d8:75:90:42:13:5f:0d:67:6a:bc:
76:1e:6b:18:93:4b:2a:15:74:53:b1:c1:8c:ad:58:
67:6c:e9:05:7f:75:bc:02:80:d3:3b:42:21:c2:4d:
86:a3:34:55:27:99:6e:b6:5d:89:5e:c9:b8:53:7b:
13:10:23:a8:79:43:04:65:e2:da:04:e1:d9:8e:5a:
8b:8b:06:9f:8d:10:62:ce:b1:85:23:1f:bc:ee:d9:
d4:6b:87:f0:6b:e0:49:e0:e1:1a:df:54:c7:36:6f:
0e:4e:ba:c1:e6:d4:95:76:6d:0e:9e:9f:f4:43:7e:
27:5a:7b:8f:5d:36:09:60:08:58:b1:18:54:b2:63:
e6:57:c4:43:3e:09:4d:aa:93:9a:c5:00:77:0c:80:
d1:04:83:9e:11:24:7b:65:6a:81:9d:af:5b:dc:ba:
0d:6d:99:41:fe:f3:59:51:d3:19:4d:42:83:22:2a:
95:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D8:7D:2C:79:34:4C:59:B6:C9:31:C4:D5:74:AB:7B:F0:0E:CF:9C
X509v3 Authority Key Identifier:
keyid:B6:95:7C:A4:83:AF:0B:67:F9:73:B0:85:97:2C:CC:5C:5E:D0:3F:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpV8pIOvC2f5c7CFlyzMXF7QP3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/66369c-02f9-4947-9cb4-84b725158347/1/8th9LHk0TFm2yTHE1XSre_AOz5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/66369c-02f9-4947-9cb4-84b725158347/1/tpV8pIOvC2f5c7CFlyzMXF7QP3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.160.0/23
Signature Algorithm: sha256WithRSAEncryption
86:c2:4d:6c:9a:76:a6:54:ee:8f:4b:1b:aa:2b:e7:bc:7d:46:
3e:86:5a:92:b8:0e:f0:1d:ce:16:d3:3d:92:a3:74:5c:1d:d9:
bd:61:e3:96:bb:14:4a:2b:7f:ea:89:bd:2e:c0:d9:db:43:87:
96:01:72:89:ec:99:02:0e:30:3d:5b:d9:44:ba:ea:08:db:9b:
a1:41:ec:44:ad:1e:0d:00:6c:f3:32:c4:52:5a:9d:a2:96:31:
ba:45:19:f0:88:75:09:44:ea:c0:2a:8e:3b:c1:37:bd:3f:91:
a3:0b:da:0e:d6:0a:98:35:11:86:82:a6:7c:54:0f:56:fe:a9:
e0:54:ef:4a:76:50:31:a7:3a:84:cd:fd:04:ef:50:d8:51:5c:
bb:6d:0a:6c:65:e3:2b:07:b4:d2:fe:25:74:9b:71:15:96:93:
11:cc:b3:e7:f1:a5:72:68:4a:91:c8:f8:13:f0:91:fe:f3:79:
24:d0:18:fd:73:75:c1:d7:74:2d:4e:63:49:53:bf:76:97:25:
fc:4c:c6:51:73:6a:20:e0:95:e3:19:18:93:d5:3d:26:79:95:
f9:28:85:74:6f:9f:90:64:45:17:9d:81:7d:6c:9c:ef:4c:24:
aa:8a:3c:1c:90:ca:0e:24:60:ba:05:99:9c:19:c5:59:80:b9:
05:18:39:a8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBHSOuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Njk1N2NhNDgzYWYwYjY3Zjk3M2IwODU5NzJjY2M1YzVlZDAzZjdjMB4XDTIyMDEw
MTA4MDEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJkODdkMmM3OTM0
NGM1OWI2YzkzMWM0ZDU3NGFiN2JmMDBlY2Y5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5+UH6c99/ntRFAjwd07UN3V3XvU7bSrzSqeSign58YqxvA
w1PJDvPsgs7T11wnv22ypPkJ0cTIEXiRJIBL8NK1VAECbRW5FNBiAyJtqVPYdZBC
E18NZ2q8dh5rGJNLKhV0U7HBjK1YZ2zpBX91vAKA0ztCIcJNhqM0VSeZbrZdiV7J
uFN7ExAjqHlDBGXi2gTh2Y5ai4sGn40QYs6xhSMfvO7Z1GuH8GvgSeDhGt9UxzZv
Dk66webUlXZtDp6f9EN+J1p7j102CWAIWLEYVLJj5lfEQz4JTaqTmsUAdwyA0QSD
nhEke2VqgZ2vW9y6DW2ZQf7zWVHTGU1CgyIqlS8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTy2H0seTRMWbbJMcTVdKt78A7PnDAfBgNVHSMEGDAWgBS2lXykg68LZ/lz
sIWXLMxcXtA/fDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RwVjhwSU92QzJmNWM3Q0ZseXpNWEY3UVAzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNjYzNjljLTAyZjktNDk0Ny05Y2I0LTg0YjcyNTE1ODM0Ny8x
Lzh0aDlMSGswVEZtMnlUSEUxWFNyZV9BT3o1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NjYzNjljLTAyZjktNDk0Ny05Y2I0LTg0YjcyNTE1ODM0Ny8xL3RwVjhwSU92QzJm
NWM3Q0ZseXpNWEY3UVAzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvmoDANBgkqhkiG9w0BAQsFAAOC
AQEAhsJNbJp2plTuj0sbqivnvH1GPoZakrgO8B3OFtM9kqN0XB3ZvWHjlrsUSit/
6om9LsDZ20OHlgFyieyZAg4wPVvZRLrqCNuboUHsRK0eDQBs8zLEUlqdopYxukUZ
8Ih1CUTqwCqOO8E3vT+RowvaDtYKmDURhoKmfFQPVv6p4FTvSnZQMac6hM39BO9Q
2FFcu20KbGXjKwe00v4ldJtxFZaTEcyz5/GlcmhKkcj4E/CR/vN5JNAY/XN1wdd0
LU5jSVO/dpcl/EzGUXNqIOCV4xkYk9U9JnmV+SiFdG+fkGRFF52BfWyc70wkqoo8
HJDKDiRgugWZnBnFWYC5BRg5qA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:01 2023 by rpki-client on console.sobornost.net