Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e17644-93d4-4457-8e5e-9675068857f1/1/nTgYYxocVHkst7Dtjtx56dLGXkk.roa
File: nTgYYxocVHkst7Dtjtx56dLGXkk.roa (raw, json)
Hash identifier: JHJRnfoIHYY4GAdEfIbnCUHkONBBo83DHwIWDtglFgc=
Subject key identifier: 9D:38:18:63:1A:1C:54:79:2C:B7:B0:ED:8E:DC:79:E9:D2:C6:5E:49
Certificate issuer: /CN=c22d553b28c5d0ea5b1ef60c9bce33df50bcb493
Certificate serial: 9724FE
Authority key identifier: C2:2D:55:3B:28:C5:D0:EA:5B:1E:F6:0C:9B:CE:33:DF:50:BC:B4:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wi1VOyjF0OpbHvYMm84z31C8tJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e17644-93d4-4457-8e5e-9675068857f1/1/nTgYYxocVHkst7Dtjtx56dLGXkk.roa
Signing time: Sat 01 Jan 2022 01:55:45 +0000
ROA not before: Sat 01 Jan 2022 01:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25447
IP address blocks: 91.210.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9905406 (0x9724fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c22d553b28c5d0ea5b1ef60c9bce33df50bcb493
Validity
Not Before: Jan 1 01:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d3818631a1c54792cb7b0ed8edc79e9d2c65e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:94:3f:db:58:6e:65:9c:a4:bf:6c:9a:31:e6:
7c:6d:4d:aa:80:fa:ba:8f:9b:af:fd:37:f8:c1:3f:
41:cb:67:cd:53:31:9b:eb:a6:e6:a4:38:22:8c:7f:
81:ed:53:a4:19:34:52:4e:fe:e1:b2:35:96:9d:89:
ea:11:ca:0a:98:1d:52:01:e8:b9:86:2a:56:0b:21:
29:44:b7:0d:d0:95:af:02:e7:13:a7:d6:74:ee:18:
b9:d9:11:7b:68:cb:43:d2:3c:25:e0:57:c3:a9:5f:
39:09:74:74:63:2f:d1:a7:0e:08:17:42:2a:10:98:
a1:cf:4c:30:3a:97:f4:ef:fe:3e:b2:26:e9:5b:53:
9a:c5:d2:d8:d4:77:c6:51:96:f2:a9:ff:25:41:0d:
8d:d3:e5:77:98:0d:7d:df:c7:c3:44:36:72:3a:4c:
e8:1c:dc:e6:76:5a:bc:fa:ca:95:b7:dc:b6:99:22:
f2:23:74:af:de:95:cf:8c:65:6e:36:f3:bd:cf:d6:
87:7e:39:7d:f7:4b:26:17:e7:e2:9a:c9:36:fe:11:
38:09:44:24:d0:53:56:08:ea:25:9e:c1:2a:f4:2d:
c5:d4:99:46:0a:59:4b:39:78:c5:56:9f:7a:b5:84:
87:a2:15:01:a5:0b:1d:94:53:85:4f:a6:30:71:f1:
6f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:38:18:63:1A:1C:54:79:2C:B7:B0:ED:8E:DC:79:E9:D2:C6:5E:49
X509v3 Authority Key Identifier:
keyid:C2:2D:55:3B:28:C5:D0:EA:5B:1E:F6:0C:9B:CE:33:DF:50:BC:B4:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wi1VOyjF0OpbHvYMm84z31C8tJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e17644-93d4-4457-8e5e-9675068857f1/1/nTgYYxocVHkst7Dtjtx56dLGXkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e17644-93d4-4457-8e5e-9675068857f1/1/wi1VOyjF0OpbHvYMm84z31C8tJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.220.0/22
Signature Algorithm: sha256WithRSAEncryption
40:f8:e2:bb:cf:8f:df:92:1e:5b:64:3b:e4:6c:7c:3f:52:2c:
35:34:fe:f9:ab:ff:7e:cd:51:c3:2a:80:21:9c:ed:78:90:9d:
af:5c:ed:3f:64:9a:49:c0:2d:61:48:eb:1d:f5:d4:9e:08:d5:
0b:e6:90:79:c4:1d:46:01:1d:48:e2:1f:83:60:79:fa:05:4f:
13:7f:ef:d8:f1:13:cc:e7:9b:ee:e4:2c:08:fe:bf:89:08:ed:
c0:38:05:55:28:58:1e:da:e9:9c:8f:d3:2a:a4:de:b9:0a:f9:
17:97:ba:92:ab:94:75:68:4f:a2:14:7b:fb:b4:38:5e:10:48:
fd:e4:4f:17:0d:3f:0b:23:83:27:45:aa:09:bb:b9:87:78:5a:
9b:83:3d:12:fc:56:68:e1:17:d7:62:63:81:0f:9d:7f:2f:42:
19:35:a6:a0:fa:2f:11:48:fe:dc:e9:28:cc:1b:0e:db:eb:b9:
f0:54:f6:61:e7:36:03:89:39:95:f0:e0:04:bc:07:d7:33:92:
cb:df:f3:22:e1:f4:cf:de:c1:c6:44:11:86:17:20:a2:9b:a5:
36:67:78:e7:bf:b2:02:22:03:a0:5b:93:fb:14:10:29:4b:48:
50:ab:6b:b3:34:e0:41:e4:e2:2e:90:17:a6:a4:fc:28:bd:05:
38:5e:ac:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJck/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjJkNTUzYjI4YzVkMGVhNWIxZWY2MGM5YmNlMzNkZjUwYmNiNDkzMB4XDTIyMDEw
MTAxNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQzODE4NjMxYTFj
NTQ3OTJjYjdiMGVkOGVkYzc5ZTlkMmM2NWU0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuUP9tYbmWcpL9smjHmfG1NqoD6uo+br/03+ME/QctnzVMx
m+um5qQ4Iox/ge1TpBk0Uk7+4bI1lp2J6hHKCpgdUgHouYYqVgshKUS3DdCVrwLn
E6fWdO4YudkRe2jLQ9I8JeBXw6lfOQl0dGMv0acOCBdCKhCYoc9MMDqX9O/+PrIm
6VtTmsXS2NR3xlGW8qn/JUENjdPld5gNfd/Hw0Q2cjpM6Bzc5nZavPrKlbfctpki
8iN0r96Vz4xlbjbzvc/Wh345ffdLJhfn4prJNv4ROAlEJNBTVgjqJZ7BKvQtxdSZ
RgpZSzl4xVaferWEh6IVAaULHZRThU+mMHHxb4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSdOBhjGhxUeSy3sO2O3Hnp0sZeSTAfBgNVHSMEGDAWgBTCLVU7KMXQ6lse
9gybzjPfULy0kzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dpMVZPeWpGME9wYkh2WU1tODR6MzFDOHRKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvZTE3NjQ0LTkzZDQtNDQ1Ny04ZTVlLTk2NzUwNjg4NTdmMS8x
L25UZ1lZeG9jVkhrc3Q3RHRqdHg1NmRMR1hray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
ZTE3NjQ0LTkzZDQtNDQ1Ny04ZTVlLTk2NzUwNjg4NTdmMS8xL3dpMVZPeWpGME9w
Ykh2WU1tODR6MzFDOHRKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvS3DANBgkqhkiG9w0BAQsFAAOC
AQEAQPjiu8+P35IeW2Q75Gx8P1IsNTT++av/fs1RwyqAIZzteJCdr1ztP2SaScAt
YUjrHfXUngjVC+aQecQdRgEdSOIfg2B5+gVPE3/v2PETzOeb7uQsCP6/iQjtwDgF
VShYHtrpnI/TKqTeuQr5F5e6kquUdWhPohR7+7Q4XhBI/eRPFw0/CyODJ0WqCbu5
h3ham4M9EvxWaOEX12JjgQ+dfy9CGTWmoPovEUj+3OkozBsO2+u58FT2Yec2A4k5
lfDgBLwH1zOSy9/zIuH0z97BxkQRhhcgopulNmd457+yAiIDoFuT+xQQKUtIUKtr
szTgQeTiLpAXpqT8KL0FOF6sPA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:10 2023 by rpki-client on console.sobornost.net