Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/qUalM7cieh747WCN5w4pCyGzlm0.roa
File: qUalM7cieh747WCN5w4pCyGzlm0.roa (raw, json)
Hash identifier: q8JiUBJswXhsUFZtlBmSRU3pfvqdVI+Yc8AI6BJM7GA=
Subject key identifier: A9:46:A5:33:B7:22:7A:1E:F8:ED:60:8D:E7:0E:29:0B:21:B3:96:6D
Certificate issuer: /CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Certificate serial: 12D2EBA8
Authority key identifier: 57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/qUalM7cieh747WCN5w4pCyGzlm0.roa
Signing time: Sat 01 Jan 2022 03:01:40 +0000
ROA not before: Sat 01 Jan 2022 03:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43766
IP address blocks: 91.147.128.0/23 maxlen: 23
91.147.131.0/24 maxlen: 24
91.147.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315812776 (0x12d2eba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Validity
Not Before: Jan 1 03:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a946a533b7227a1ef8ed608de70e290b21b3966d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:55:69:36:e8:1a:ab:9b:9f:39:0f:9a:ea:65:
51:ff:b7:fc:17:57:17:2c:3a:a8:e4:a8:5f:e7:b5:
16:eb:d1:45:eb:23:20:c8:33:27:81:b6:10:ac:8c:
92:e2:52:0b:8a:f5:0e:69:e0:d2:f6:b5:b0:d8:d6:
e3:48:59:59:be:da:10:9d:79:97:85:99:d3:b9:05:
3b:fb:ea:24:93:4c:06:ad:a1:79:01:a1:da:79:0c:
e1:23:ca:fb:bc:ab:18:24:ae:f3:0d:55:b9:e9:da:
43:12:60:b1:d3:db:d9:51:05:c2:87:a9:13:c9:7e:
36:60:91:7b:ad:ed:95:a2:16:32:d8:2e:70:ba:33:
41:26:1a:ea:39:84:6b:92:fe:9f:97:29:f8:71:42:
d8:a7:43:5a:1e:cc:ce:69:54:a9:6e:c5:ca:c2:c3:
c3:ef:f2:23:db:80:d6:9f:95:f4:3e:db:57:97:41:
ff:c2:64:86:1e:59:52:40:1d:ea:74:cd:0d:8f:df:
1b:b6:aa:0e:3e:43:14:ad:cd:d2:4a:6e:ad:1f:91:
7e:60:98:b1:10:6d:15:e5:d2:1e:01:bc:26:ca:44:
64:a1:9e:91:c7:ad:61:69:d4:88:d6:6f:04:d9:29:
53:3d:52:16:31:81:63:fe:df:6b:d5:76:2d:d9:d1:
63:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:46:A5:33:B7:22:7A:1E:F8:ED:60:8D:E7:0E:29:0B:21:B3:96:6D
X509v3 Authority Key Identifier:
keyid:57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/qUalM7cieh747WCN5w4pCyGzlm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.128.0/22
Signature Algorithm: sha256WithRSAEncryption
90:9b:0d:9e:79:14:a1:6c:05:5a:65:09:e9:47:54:f6:67:e7:
16:0f:df:24:27:3f:dc:33:a7:2d:73:f7:80:88:36:01:a6:c4:
91:65:9d:d7:a7:4c:fd:3b:11:45:8d:0d:57:ac:15:d6:6a:fa:
8b:76:ac:6e:12:40:c6:81:69:31:0e:38:ba:84:c8:d4:65:31:
16:a5:73:83:0a:71:68:b2:63:d1:c7:2c:48:ac:8a:e7:45:96:
cd:d9:0a:b6:55:1a:5d:84:d7:cf:f7:07:f1:7c:c3:2f:5e:26:
3a:a1:f4:9c:d6:a7:ef:49:d2:a5:52:46:bc:50:a8:6f:e8:b2:
42:71:39:ac:1a:1a:fc:d9:e8:99:33:28:c7:9f:67:bd:14:af:
1e:c6:56:68:54:ef:10:f9:ab:f7:fa:fb:2c:8e:f8:d6:b3:7c:
e5:9d:8e:7a:de:75:67:80:e9:e5:57:c8:dd:5d:a2:88:9a:5a:
19:2a:80:b6:4a:c3:64:a1:1d:41:8e:8a:38:ea:02:7d:77:aa:
35:c8:f1:e1:25:ff:a4:a9:62:a8:60:e6:ca:ef:56:8f:63:db:
59:94:49:ec:0f:e0:8f:f3:56:01:53:4d:25:a6:c7:21:19:b9:
f3:ff:2b:1c:4d:52:0d:3e:26:3f:ba:12:16:72:90:1e:81:a0:
36:7f:41:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEtLrqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzdjMGNkNWE0Y2ZkODNkNDkxZDYyN2Q4YjBmY2NiNjcwZTgxNTM0MB4XDTIyMDEw
MTAzMDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk0NmE1MzNiNzIy
N2ExZWY4ZWQ2MDhkZTcwZTI5MGIyMWIzOTY2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxVaTboGqubnzkPmuplUf+3/BdXFyw6qOSoX+e1FuvRResj
IMgzJ4G2EKyMkuJSC4r1Dmng0va1sNjW40hZWb7aEJ15l4WZ07kFO/vqJJNMBq2h
eQGh2nkM4SPK+7yrGCSu8w1VuenaQxJgsdPb2VEFwoepE8l+NmCRe63tlaIWMtgu
cLozQSYa6jmEa5L+n5cp+HFC2KdDWh7MzmlUqW7FysLDw+/yI9uA1p+V9D7bV5dB
/8Jkhh5ZUkAd6nTNDY/fG7aqDj5DFK3N0kpurR+RfmCYsRBtFeXSHgG8JspEZKGe
kcetYWnUiNZvBNkpUz1SFjGBY/7fa9V2LdnRY3sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSpRqUztyJ6HvjtYI3nDikLIbOWbTAfBgNVHSMEGDAWgBRXfAzVpM/YPUkd
Yn2LD8y2cOgVNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Yzd00xYVRQMkQxSkhXSjlpd19NdG5Eb0ZUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMDExYjVkLTY1MmUtNDUyYS05NmM5LWQ4ZWMyY2JjYWQyNi8x
L3FVYWxNN2NpZWg3NDdXQ041dzRwQ3lHemxtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MDExYjVkLTY1MmUtNDUyYS05NmM5LWQ4ZWMyY2JjYWQyNi8xL1Yzd00xYVRQMkQx
SkhXSjlpd19NdG5Eb0ZUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAluTgDANBgkqhkiG9w0BAQsFAAOC
AQEAkJsNnnkUoWwFWmUJ6UdU9mfnFg/fJCc/3DOnLXP3gIg2AabEkWWd16dM/TsR
RY0NV6wV1mr6i3asbhJAxoFpMQ44uoTI1GUxFqVzgwpxaLJj0ccsSKyK50WWzdkK
tlUaXYTXz/cH8XzDL14mOqH0nNan70nSpVJGvFCob+iyQnE5rBoa/NnomTMox59n
vRSvHsZWaFTvEPmr9/r7LI741rN85Z2Oet51Z4Dp5VfI3V2iiJpaGSqAtkrDZKEd
QY6KOOoCfXeqNcjx4SX/pKliqGDmyu9Wj2PbWZRJ7A/gj/NWAVNNJabHIRm58/8r
HE1SDT4mP7oSFnKQHoGgNn9BRA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:49 2025 by rpki-client