Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/rp_qMx5oykYFti3aq2x0ewkAO_Y.roa
File: rp_qMx5oykYFti3aq2x0ewkAO_Y.roa (raw, json)
Hash identifier: C/OQ12Bwh+T0Ij2P3ymA2ba29CfDYtjgBZMmey/0jB0=
Subject key identifier: AE:9F:EA:33:1E:68:CA:46:05:B6:2D:DA:AB:6C:74:7B:09:00:3B:F6
Certificate issuer: /CN=1ad6d2d40fb1d5b2cf95429bfb9319fc2b1cc24a
Certificate serial: 01852B32C69ACCE685F5A0C5BE8321FF6AEC
Authority key identifier: 1A:D6:D2:D4:0F:B1:D5:B2:CF:95:42:9B:FB:93:19:FC:2B:1C:C2:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtbS1A-x1bLPlUKb-5MZ_Cscwko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/rp_qMx5oykYFti3aq2x0ewkAO_Y.roa
Signing time: Mon 19 Dec 2022 16:23:46 +0000
ROA not before: Mon 19 Dec 2022 16:23:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205307
IP address blocks: 91.236.19.0/24 maxlen: 29
2001:678:ae8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:32:c6:9a:cc:e6:85:f5:a0:c5:be:83:21:ff:6a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad6d2d40fb1d5b2cf95429bfb9319fc2b1cc24a
Validity
Not Before: Dec 19 16:23:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae9fea331e68ca4605b62ddaab6c747b09003bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:d8:0e:ed:15:db:ea:93:ff:68:4b:80:17:
51:94:a3:89:22:4c:83:e8:0f:ba:42:4a:40:5d:c2:
26:94:7e:15:6d:fe:39:6b:e5:63:1e:02:40:f4:24:
e1:5c:31:64:f4:5d:4c:af:da:de:24:5d:a3:06:81:
61:aa:99:cb:0b:7c:a1:e1:31:06:7e:1e:5b:5d:d0:
66:c5:0e:a9:20:23:f4:62:2c:4b:bf:18:80:be:83:
7e:43:6d:5c:bd:1e:cf:cc:ce:29:5f:4e:e5:0d:bc:
cc:75:90:da:8c:64:8b:7b:4d:0d:37:3d:bb:28:2c:
87:07:87:e7:b0:eb:8d:5e:6d:b6:8c:53:c8:09:83:
e9:fe:2d:6d:fb:61:fd:6b:18:17:37:b3:b8:03:70:
12:4c:66:11:91:2b:60:67:28:00:21:97:d5:74:2c:
79:77:50:aa:5f:a9:39:18:0b:e9:0d:99:e1:aa:a1:
cb:0a:16:b0:5d:0b:ac:96:94:e8:34:d0:92:3b:6f:
70:58:92:ce:4a:0c:a0:6f:99:2e:5f:88:a0:94:95:
e9:a0:4a:0f:8a:af:96:9b:95:89:1d:bf:36:41:ad:
6e:6d:25:e3:5d:9f:1a:ff:ff:fa:7f:70:86:64:aa:
8a:20:15:57:4b:69:a4:53:96:9e:c1:91:8f:9f:c0:
f2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9F:EA:33:1E:68:CA:46:05:B6:2D:DA:AB:6C:74:7B:09:00:3B:F6
X509v3 Authority Key Identifier:
keyid:1A:D6:D2:D4:0F:B1:D5:B2:CF:95:42:9B:FB:93:19:FC:2B:1C:C2:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtbS1A-x1bLPlUKb-5MZ_Cscwko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/rp_qMx5oykYFti3aq2x0ewkAO_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/GtbS1A-x1bLPlUKb-5MZ_Cscwko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.19.0/24
IPv6:
2001:678:ae8::/48
Signature Algorithm: sha256WithRSAEncryption
70:8a:75:2c:a1:22:63:39:66:4b:c5:9b:08:fd:be:83:9a:54:
b0:8c:5c:4c:98:39:c0:6e:44:2a:a7:a7:4e:c0:c4:c3:2e:66:
7c:b6:9f:d4:7a:b4:cb:a0:78:e0:4b:73:e6:12:a7:87:a6:91:
64:fd:d1:dc:9a:5a:a6:9f:03:c8:42:f5:d0:52:14:02:6e:62:
f4:72:b8:7d:21:83:ac:e5:f8:07:a5:d9:68:06:71:4b:2c:27:
8c:d2:f3:04:da:bd:ad:8c:a1:90:63:5a:66:75:9d:62:07:e8:
de:04:a9:8f:f5:60:31:60:dd:9d:f5:c1:61:52:e1:ab:81:46:
e6:f9:16:57:9f:04:a6:07:bd:a7:a8:db:ea:35:e0:20:eb:a3:
cc:46:3d:f4:4b:aa:d7:c3:32:13:42:39:75:ae:2f:7a:56:b1:
ab:3a:44:fc:58:c9:bb:06:4e:35:3c:5d:b7:f1:11:27:33:42:
c9:3e:5a:a5:95:47:fa:8e:3a:dc:52:96:73:c0:23:71:33:af:
f5:9f:48:c7:f2:3a:f6:48:30:20:42:a8:14:25:6a:00:87:b3:
ca:10:3b:cf:51:2a:6c:42:bc:26:1b:06:c7:8d:07:22:60:b9:
be:b3:20:d8:b6:df:49:98:0d:e9:e5:28:86:3b:d6:8d:5a:2d:
ce:e8:45:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUrMsaazOaF9aDFvoMh/2rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDZkMmQ0MGZiMWQ1YjJjZjk1NDI5YmZiOTMxOWZjMmIx
Y2MyNGEwHhcNMjIxMjE5MTYyMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTlmZWEzMzFlNjhjYTQ2MDViNjJkZGFhYjZjNzQ3YjA5MDAzYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfPYDu0V2+qT/2hLgBdRlKOJIkyD
6A+6QkpAXcImlH4Vbf45a+VjHgJA9CThXDFk9F1Mr9reJF2jBoFhqpnLC3yh4TEG
fh5bXdBmxQ6pICP0YixLvxiAvoN+Q21cvR7PzM4pX07lDbzMdZDajGSLe00NNz27
KCyHB4fnsOuNXm22jFPICYPp/i1t+2H9axgXN7O4A3ASTGYRkStgZygAIZfVdCx5
d1CqX6k5GAvpDZnhqqHLChawXQuslpToNNCSO29wWJLOSgygb5kuX4iglJXpoEoP
iq+Wm5WJHb82Qa1ubSXjXZ8a///6f3CGZKqKIBVXS2mkU5aewZGPn8Dy8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK6f6jMeaMpGBbYt2qtsdHsJADv2MB8GA1UdIwQY
MBaAFBrW0tQPsdWyz5VCm/uTGfwrHMJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RiUzFBLXgxYkxQbFVLYi01TVpfQ3Njd2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MWZhM2ItNDcyNC00MDE0LTg4MTct
YmQ3MWVmZmI5YjM5LzEvcnBfcU14NW95a1lGdGkzYXEyeDBld2tBT19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MWZhM2ItNDcyNC00MDE0LTg4MTctYmQ3MWVmZmI5YjM5
LzEvR3RiUzFBLXgxYkxQbFVLYi01TVpfQ3Njd2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+wTMA8E
AgACMAkDBwAgAQZ4CugwDQYJKoZIhvcNAQELBQADggEBAHCKdSyhImM5ZkvFmwj9
voOaVLCMXEyYOcBuRCqnp07AxMMuZny2n9R6tMugeOBLc+YSp4emkWT90dyaWqaf
A8hC9dBSFAJuYvRyuH0hg6zl+Ael2WgGcUssJ4zS8wTava2MoZBjWmZ1nWIH6N4E
qY/1YDFg3Z31wWFS4auBRub5FlefBKYHvaeo2+o14CDro8xGPfRLqtfDMhNCOXWu
L3pWsas6RPxYybsGTjU8XbfxESczQsk+WqWVR/qOOtxSlnPAI3Ezr/WfSMfyOvZI
MCBCqBQlagCHs8oQO89RKmxCvCYbBseNByJgub6zINi230mYDenlKIY71o1aLc7o
Res=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:21 2024 by rpki-client on console-fra.rpki-client.org