Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d07b15-2855-4388-bcb3-50e129c8a36c/1/YMeiDn_DiB5gp5WaKI1oLy8txlY.roa
File: YMeiDn_DiB5gp5WaKI1oLy8txlY.roa (raw, json)
Hash identifier: eK1vsfCNaqgca+3yW/gW0bFnVfEmIV/L0nbMoWW6kaQ=
Subject key identifier: 60:C7:A2:0E:7F:C3:88:1E:60:A7:95:9A:28:8D:68:2F:2F:2D:C6:56
Certificate issuer: /CN=262f7322fbe9743eb471383a090b35b5296a2a8a
Certificate serial: 01607D0D
Authority key identifier: 26:2F:73:22:FB:E9:74:3E:B4:71:38:3A:09:0B:35:B5:29:6A:2A:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ji9zIvvpdD60cTg6CQs1tSlqKoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d07b15-2855-4388-bcb3-50e129c8a36c/1/YMeiDn_DiB5gp5WaKI1oLy8txlY.roa
Signing time: Sat 01 Jan 2022 12:04:16 +0000
ROA not before: Sat 01 Jan 2022 12:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28985
IP address blocks: 91.216.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23100685 (0x1607d0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=262f7322fbe9743eb471383a090b35b5296a2a8a
Validity
Not Before: Jan 1 12:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60c7a20e7fc3881e60a7959a288d682f2f2dc656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d9:7d:2e:c2:8c:6d:83:2b:a4:e6:05:af:84:
07:0d:53:5d:2f:61:6c:08:3c:d3:59:07:ab:28:14:
74:13:95:00:e1:36:d9:b8:07:f2:65:d3:81:ac:e4:
e5:88:1c:08:c8:18:29:7e:da:90:66:49:1b:ae:bf:
4d:5d:ae:af:3c:51:ae:9a:09:16:2f:fb:00:d7:02:
a5:f1:85:dd:f2:89:b9:4b:c9:98:06:0e:e1:18:f7:
9c:ae:da:0b:a7:c2:bc:b3:7d:b4:be:32:33:b6:d3:
3e:b0:29:76:47:c6:d4:f6:22:b4:2d:ab:a6:54:b1:
08:78:3a:21:41:6f:0b:ce:f6:41:ef:7a:a1:5e:5c:
72:3b:17:0b:e4:d5:a5:1b:92:73:6f:85:77:07:da:
e7:9e:62:a5:96:01:cc:ab:2c:9e:5c:76:f1:3c:1a:
0d:5d:70:67:88:60:bb:0e:dd:47:46:c4:aa:5b:6b:
a3:25:43:ab:49:ae:11:65:80:ac:b9:5c:4d:1f:2b:
5e:1f:26:99:8f:96:53:7c:d1:72:84:70:f5:09:58:
27:27:f2:13:7f:8d:0c:8f:2b:7a:ac:5e:93:2c:75:
5e:a5:2f:e9:19:5a:19:04:60:a4:1c:ac:6d:a7:2d:
7c:8c:d5:80:33:57:35:65:b6:54:f7:73:d9:2f:4c:
6f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C7:A2:0E:7F:C3:88:1E:60:A7:95:9A:28:8D:68:2F:2F:2D:C6:56
X509v3 Authority Key Identifier:
keyid:26:2F:73:22:FB:E9:74:3E:B4:71:38:3A:09:0B:35:B5:29:6A:2A:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ji9zIvvpdD60cTg6CQs1tSlqKoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d07b15-2855-4388-bcb3-50e129c8a36c/1/YMeiDn_DiB5gp5WaKI1oLy8txlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d07b15-2855-4388-bcb3-50e129c8a36c/1/Ji9zIvvpdD60cTg6CQs1tSlqKoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.109.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4b:aa:07:e7:6a:5e:8f:bc:9b:49:db:7d:6e:07:a2:04:c8:
ae:5f:08:d0:23:48:09:6b:e3:6f:63:19:a2:24:01:e2:b5:6d:
e5:a2:de:98:78:8b:73:2e:3e:9e:7e:fc:92:cc:1d:c9:7f:0e:
46:b8:34:10:6a:c2:e1:17:89:59:cf:4d:1e:c6:c8:cd:53:19:
68:cc:25:0d:ca:25:38:51:dd:98:4e:7a:2c:c5:0c:7d:eb:92:
08:92:ee:6a:d8:31:ee:44:c8:f8:16:2e:51:2e:24:1f:c1:21:
2d:fb:e8:5d:e7:93:5a:90:3e:30:5e:fa:88:70:56:72:df:bf:
77:0f:e2:af:9a:47:6b:87:33:ff:0f:24:20:83:19:1c:96:ed:
b6:49:87:06:a7:13:d6:d6:57:72:85:41:9c:07:73:0b:b0:31:
f2:82:3d:43:42:2f:27:02:13:86:01:4d:b6:2e:9e:0f:b0:03:
9d:54:2a:b3:9c:60:e2:0f:ca:61:90:42:82:f5:4a:41:61:58:
94:5d:9e:0e:62:35:2d:ad:4e:d7:cb:81:2f:87:74:b2:63:4e:
24:ee:12:8b:d2:8c:21:b4:b2:a2:b1:70:30:5c:48:ea:ed:ed:
80:a6:bc:e3:32:85:9d:52:af:f3:7b:8c:14:1f:33:6a:f7:f0:
d8:62:20:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWB9DTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjJmNzMyMmZiZTk3NDNlYjQ3MTM4M2EwOTBiMzViNTI5NmEyYThhMB4XDTIyMDEw
MTEyMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBjN2EyMGU3ZmMz
ODgxZTYwYTc5NTlhMjg4ZDY4MmYyZjJkYzY1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjZfS7CjG2DK6TmBa+EBw1TXS9hbAg801kHqygUdBOVAOE2
2bgH8mXTgazk5YgcCMgYKX7akGZJG66/TV2urzxRrpoJFi/7ANcCpfGF3fKJuUvJ
mAYO4Rj3nK7aC6fCvLN9tL4yM7bTPrApdkfG1PYitC2rplSxCHg6IUFvC872Qe96
oV5ccjsXC+TVpRuSc2+Fdwfa555ipZYBzKssnlx28TwaDV1wZ4hguw7dR0bEqltr
oyVDq0muEWWArLlcTR8rXh8mmY+WU3zRcoRw9QlYJyfyE3+NDI8reqxekyx1XqUv
6RlaGQRgpBysbactfIzVgDNXNWW2VPdz2S9Mb4cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgx6IOf8OIHmCnlZoojWgvLy3GVjAfBgNVHSMEGDAWgBQmL3Mi++l0PrRx
ODoJCzW1KWoqijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ppOXpJdnZwZEQ2MGNUZzZDUXMxdFNscUtvby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvZDA3YjE1LTI4NTUtNDM4OC1iY2IzLTUwZTEyOWM4YTM2Yy8x
L1lNZWlEbl9EaUI1Z3A1V2FLSTFvTHk4dHhsWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
ZDA3YjE1LTI4NTUtNDM4OC1iY2IzLTUwZTEyOWM4YTM2Yy8xL0ppOXpJdnZwZEQ2
MGNUZzZDUXMxdFNscUtvby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvYbTANBgkqhkiG9w0BAQsFAAOC
AQEACkuqB+dqXo+8m0nbfW4HogTIrl8I0CNICWvjb2MZoiQB4rVt5aLemHiLcy4+
nn78kswdyX8ORrg0EGrC4ReJWc9NHsbIzVMZaMwlDcolOFHdmE56LMUMfeuSCJLu
atgx7kTI+BYuUS4kH8EhLfvoXeeTWpA+MF76iHBWct+/dw/ir5pHa4cz/w8kIIMZ
HJbttkmHBqcT1tZXcoVBnAdzC7Ax8oI9Q0IvJwIThgFNti6eD7ADnVQqs5xg4g/K
YZBCgvVKQWFYlF2eDmI1La1O18uBL4d0smNOJO4Si9KMIbSyorFwMFxI6u3tgKa8
4zKFnVKv83uMFB8zavfw2GIg6g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:40 2023 by rpki-client on console.sobornost.net