Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3f424e-262c-4077-8849-7418ac110c83/1/g9nkTMBD_30OOA414TEV6GPf3Hs.roa
File: g9nkTMBD_30OOA414TEV6GPf3Hs.roa (raw, json)
Hash identifier: pkffW2nF0FuNz7OAGba5+Juh8pdPjUrQ7H8lE0z5U3k=
Subject key identifier: 83:D9:E4:4C:C0:43:FF:7D:0E:38:0E:35:E1:31:15:E8:63:DF:DC:7B
Certificate issuer: /CN=5e8e581537e7aa66783c3403822a1181a3168d08
Certificate serial: 01852FD5E41FD6DCB65FF1C0FCD41B718C1E
Authority key identifier: 5E:8E:58:15:37:E7:AA:66:78:3C:34:03:82:2A:11:81:A3:16:8D:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo5YFTfnqmZ4PDQDgioRgaMWjQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3f424e-262c-4077-8849-7418ac110c83/1/g9nkTMBD_30OOA414TEV6GPf3Hs.roa
Signing time: Tue 20 Dec 2022 14:00:24 +0000
ROA not before: Tue 20 Dec 2022 14:00:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197929
IP address blocks: 91.230.6.0/23 maxlen: 24
94.158.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:d5:e4:1f:d6:dc:b6:5f:f1:c0:fc:d4:1b:71:8c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8e581537e7aa66783c3403822a1181a3168d08
Validity
Not Before: Dec 20 14:00:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83d9e44cc043ff7d0e380e35e13115e863dfdc7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:3d:5f:74:6a:80:94:84:59:7f:93:32:47:
99:2a:0f:22:2c:24:21:37:38:8f:ed:cf:17:b1:39:
ee:2f:a7:3a:b1:ea:2f:7a:9a:55:57:11:78:7e:93:
1f:a6:0c:36:df:38:aa:d8:e0:4a:eb:21:9a:9c:86:
69:05:be:78:47:39:4f:1e:52:d0:bc:aa:ef:3d:22:
33:bf:bc:62:1c:9d:c6:48:0e:70:c4:35:ba:8a:ba:
e5:f0:9c:a1:61:51:4d:4c:76:47:18:99:3a:d6:d0:
41:3e:60:dd:d6:65:0d:9b:9e:a2:d9:66:d5:e3:23:
e8:5c:4e:d1:fe:6f:dd:b4:07:a7:a7:64:dc:5f:e7:
5b:ac:30:6f:04:c0:88:cf:01:bd:c4:be:15:f3:d2:
bf:c5:02:58:e3:9f:4b:51:6a:8a:4d:3a:69:51:31:
7d:7f:51:d1:6e:c6:e5:05:d7:ae:84:cb:03:3d:32:
a4:55:3c:e7:4b:e8:42:f9:d7:be:5d:ac:79:a4:ad:
4c:2b:c0:03:88:f1:db:e6:3b:ed:18:ad:39:f0:a9:
b7:d5:da:ec:90:73:e4:88:51:f0:60:af:00:c3:5e:
fb:69:ee:85:82:b9:59:a4:cf:70:b5:b0:1e:ae:04:
b2:1b:7e:da:e1:48:84:b7:ca:f9:b3:48:bf:83:34:
af:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D9:E4:4C:C0:43:FF:7D:0E:38:0E:35:E1:31:15:E8:63:DF:DC:7B
X509v3 Authority Key Identifier:
keyid:5E:8E:58:15:37:E7:AA:66:78:3C:34:03:82:2A:11:81:A3:16:8D:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo5YFTfnqmZ4PDQDgioRgaMWjQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3f424e-262c-4077-8849-7418ac110c83/1/g9nkTMBD_30OOA414TEV6GPf3Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3f424e-262c-4077-8849-7418ac110c83/1/Xo5YFTfnqmZ4PDQDgioRgaMWjQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.6.0/23
94.158.24.0/22
Signature Algorithm: sha256WithRSAEncryption
53:e0:b0:d1:e6:d0:b4:8f:6c:c7:3e:b2:24:d5:c1:2e:22:00:
bb:f8:9d:23:3f:ce:6c:ab:c8:e1:12:15:4d:9f:cf:7e:33:91:
c9:ab:ee:61:17:a2:29:d4:50:f1:dc:c0:57:c7:88:ce:e1:f4:
39:81:f5:fb:68:ec:05:ed:bf:84:86:dc:3c:79:f1:17:67:47:
99:46:03:d0:4a:57:0c:d1:6e:1e:65:4e:e6:15:93:88:44:cd:
17:96:03:7f:68:eb:fa:d8:94:f3:16:34:88:57:99:92:08:c0:
7a:58:5c:c4:f3:a9:3b:14:ed:01:d3:3a:f8:78:08:92:c0:c0:
d6:e2:9f:79:46:dc:21:28:c2:9c:44:d4:06:49:37:98:84:46:
e6:1b:09:30:ad:e6:5a:73:c5:c6:77:ae:89:6d:dd:40:4e:67:
4c:a2:18:18:a8:32:d2:04:8d:15:01:58:aa:f0:ca:f4:06:83:
25:27:3a:2d:40:20:a0:9a:c1:bf:7a:b6:20:ba:2f:a7:c7:83:
08:2c:9c:51:6a:6a:6b:08:3e:8b:97:5b:a7:5d:39:29:0e:8f:
e3:45:bb:24:51:d2:a4:34:c3:9b:5c:de:d0:ec:79:34:d7:f7:
cc:e7:e0:24:e5:e5:01:01:7e:69:b4:ce:38:8c:8a:f2:82:16:
dd:5c:36:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUv1eQf1ty2X/HA/NQbcYweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGU1ODE1MzdlN2FhNjY3ODNjMzQwMzgyMmExMTgxYTMx
NjhkMDgwHhcNMjIxMjIwMTQwMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Q5ZTQ0Y2MwNDNmZjdkMGUzODBlMzVlMTMxMTVlODYzZGZkYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6I9X3RqgJSEWX+TMkeZKg8iLCQh
NziP7c8XsTnuL6c6seoveppVVxF4fpMfpgw23ziq2OBK6yGanIZpBb54RzlPHlLQ
vKrvPSIzv7xiHJ3GSA5wxDW6irrl8JyhYVFNTHZHGJk61tBBPmDd1mUNm56i2WbV
4yPoXE7R/m/dtAenp2TcX+dbrDBvBMCIzwG9xL4V89K/xQJY459LUWqKTTppUTF9
f1HRbsblBdeuhMsDPTKkVTznS+hC+de+Xax5pK1MK8ADiPHb5jvtGK058Km31drs
kHPkiFHwYK8Aw177ae6FgrlZpM9wtbAergSyG37a4UiEt8r5s0i/gzSvnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIPZ5EzAQ/99DjgONeExFehj39x7MB8GA1UdIwQY
MBaAFF6OWBU356pmeDw0A4IqEYGjFo0IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG81WUZUZm5xbVo0UERRRGdpb1JnYU1XalFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zZjQyNGUtMjYyYy00MDc3LTg4NDkt
NzQxOGFjMTEwYzgzLzEvZzlua1RNQkRfMzBPT0E0MTRURVY2R1BmM0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zZjQyNGUtMjYyYy00MDc3LTg4NDktNzQxOGFjMTEwYzgz
LzEvWG81WUZUZm5xbVo0UERRRGdpb1JnYU1XalFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+YGAwQC
Xp4YMA0GCSqGSIb3DQEBCwUAA4IBAQBT4LDR5tC0j2zHPrIk1cEuIgC7+J0jP85s
q8jhEhVNn89+M5HJq+5hF6Ip1FDx3MBXx4jO4fQ5gfX7aOwF7b+Ehtw8efEXZ0eZ
RgPQSlcM0W4eZU7mFZOIRM0XlgN/aOv62JTzFjSIV5mSCMB6WFzE86k7FO0B0zr4
eAiSwMDW4p95RtwhKMKcRNQGSTeYhEbmGwkwreZac8XGd66Jbd1ATmdMohgYqDLS
BI0VAViq8Mr0BoMlJzotQCCgmsG/erYgui+nx4MILJxRamprCD6Ll1unXTkpDo/j
RbskUdKkNMObXN7Q7Hk01/fM5+Ak5eUBAX5ptM44jIryghbdXDaK
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net