Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/RtQr1GPyH8QReQVzTcYk_QEUNGA.roa
File: RtQr1GPyH8QReQVzTcYk_QEUNGA.roa (raw, json)
Hash identifier: 3DkZ30RRtqJ/H3l6anvBY82yM09F0vX6NRniaFV+95Q=
Subject key identifier: 46:D4:2B:D4:63:F2:1F:C4:11:79:05:73:4D:C6:24:FD:01:14:34:60
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 01856D81C356D0F06E14F3E00804AB7FD4C7
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/RtQr1GPyH8QReQVzTcYk_QEUNGA.roa
Signing time: Sun 01 Jan 2023 13:24:58 +0000
ROA not before: Sun 01 Jan 2023 13:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51955
IP address blocks: 194.0.8.0/24 maxlen: 24
194.0.48.0/24 maxlen: 24
194.0.49.0/24 maxlen: 24
194.0.50.0/24 maxlen: 24
91.198.156.0/24 maxlen: 24
194.8.2.0/24 maxlen: 24
194.8.3.0/24 maxlen: 24
2001:678:80::/48 maxlen: 48
2a02:503:8::/48 maxlen: 48
2001:678:b::/48 maxlen: 48
2001:678:84::/48 maxlen: 48
2a02:503::/48 maxlen: 48
2001:678:7c::/48 maxlen: 48
2a02:503:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c3:56:d0:f0:6e:14:f3:e0:08:04:ab:7f:d4:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 1 13:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46d42bd463f21fc4117905734dc624fd01143460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:78:5e:f1:ee:24:0a:d6:dd:ce:89:a5:b5:51:
73:f7:4f:92:e9:70:d9:eb:78:32:d1:f8:f9:19:36:
d9:96:26:69:3f:60:19:d3:a9:a2:34:40:8e:29:f5:
52:65:3a:47:f3:37:ed:1e:fe:78:61:17:3a:76:7b:
18:9c:58:13:d7:95:62:e8:b8:29:30:ca:a9:89:32:
fa:45:89:13:bd:ee:b4:c1:16:e5:b1:4c:8b:00:90:
77:65:be:27:d3:c3:6a:46:a3:4a:bb:55:76:cb:88:
f7:10:8d:6d:2e:50:94:71:39:f0:16:68:b7:b8:8b:
72:29:74:bd:b3:8b:6a:df:9e:a3:1c:ed:e7:b3:b4:
4f:5b:2b:4d:c0:36:fc:3a:a1:9f:54:45:c4:b5:0f:
0b:66:7c:0f:af:52:2b:cd:c5:a2:d8:a0:10:a6:3e:
d9:03:ad:72:40:e2:82:6a:d3:c7:bf:53:b8:67:05:
96:b0:1c:3b:4f:0a:dd:fe:dd:13:af:dc:98:02:15:
44:4b:28:b3:4e:81:9c:43:b2:bb:f0:96:48:e3:f3:
19:7f:f4:3b:1d:98:d9:71:cc:36:a8:69:36:e7:05:
cd:b6:3d:bf:aa:e0:1e:a5:70:cf:cb:2f:3e:83:ab:
b0:e6:41:dc:cb:bd:94:1c:8a:96:1f:73:3a:37:e6:
df:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D4:2B:D4:63:F2:1F:C4:11:79:05:73:4D:C6:24:FD:01:14:34:60
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/RtQr1GPyH8QReQVzTcYk_QEUNGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.156.0/24
194.0.8.0/24
194.0.48.0-194.0.50.255
194.8.2.0/23
IPv6:
2001:678:b::/48
2001:678:7c::/48
2001:678:80::/48
2001:678:84::/48
2a02:503::/47
2a02:503:8::/48
Signature Algorithm: sha256WithRSAEncryption
13:b2:fd:2e:1f:d1:e8:a1:ff:dc:f0:be:2d:a8:8d:3a:d5:58:
16:c0:38:a8:79:c8:5a:ea:52:43:ac:bd:e5:83:47:ee:18:54:
88:48:1f:6a:a0:16:ce:6a:d0:e0:0f:56:ea:ba:78:5c:9b:82:
b6:d1:a8:4d:3d:27:03:5b:7b:c5:77:89:56:7e:c7:01:8d:72:
11:b1:d0:ba:cd:37:07:19:7a:92:60:d5:d6:e7:67:ec:d6:d6:
42:3a:a4:5e:fc:ea:ab:df:a2:f0:2f:5e:29:05:2c:25:2c:63:
80:5c:41:e4:c2:13:b4:fd:56:cb:07:75:1c:e2:2c:74:e8:8e:
58:09:ad:31:67:36:5e:9d:74:f7:47:87:1b:97:a7:7a:8f:d9:
61:10:ab:d4:60:bf:8c:9a:80:66:d8:91:c8:f6:41:ca:cd:e8:
78:de:6f:a2:cc:4d:65:99:61:6b:bb:25:d1:38:e9:c1:b9:c5:
3e:18:08:fe:f9:f4:3f:a3:42:d7:14:61:9a:3a:d8:b9:82:0d:
65:54:a6:d4:42:45:a3:88:c9:23:25:7d:2a:a1:41:68:76:6a:
8c:c4:eb:ba:c7:b7:0b:4c:4d:06:05:78:25:b0:18:1c:d3:0b:
5a:63:48:ea:40:71:80:b2:b3:7d:f6:d1:1e:c2:50:fb:6b:61:
da:ad:cc:0a
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYVtgcNW0PBuFPPgCASrf9THMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjMwMTAxMTMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmQ0MmJkNDYzZjIxZmM0MTE3OTA1NzM0ZGM2MjRmZDAxMTQzNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHhe8e4kCtbdzomltVFz90+S6XDZ
63gy0fj5GTbZliZpP2AZ06miNECOKfVSZTpH8zftHv54YRc6dnsYnFgT15Vi6Lgp
MMqpiTL6RYkTve60wRblsUyLAJB3Zb4n08NqRqNKu1V2y4j3EI1tLlCUcTnwFmi3
uItyKXS9s4tq356jHO3ns7RPWytNwDb8OqGfVEXEtQ8LZnwPr1IrzcWi2KAQpj7Z
A61yQOKCatPHv1O4ZwWWsBw7Twrd/t0Tr9yYAhVESyizToGcQ7K78JZI4/MZf/Q7
HZjZccw2qGk25wXNtj2/quAepXDPyy8+g6uw5kHcy72UHIqWH3M6N+bfiwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFEbUK9Rj8h/EEXkFc03GJP0BFDRgMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvUnRRcjFHUHlIOFFSZVFWelRjWWtfUUVVTkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjAmBAIAATAgAwQAW8acAwQA
wgAIMAwDBATCADADBADCADIDBAHCCAIwPAQCAAIwNgMHACABBngACwMHACABBngA
fAMHACABBngAgAMHACABBngAhAMHASoCBQMAAAMHACoCBQMACDANBgkqhkiG9w0B
AQsFAAOCAQEAE7L9Lh/R6KH/3PC+LaiNOtVYFsA4qHnIWupSQ6y95YNH7hhUiEgf
aqAWzmrQ4A9W6rp4XJuCttGoTT0nA1t7xXeJVn7HAY1yEbHQus03Bxl6kmDV1udn
7NbWQjqkXvzqq9+i8C9eKQUsJSxjgFxB5MITtP1Wywd1HOIsdOiOWAmtMWc2Xp10
90eHG5eneo/ZYRCr1GC/jJqAZtiRyPZBys3oeN5vosxNZZlha7sl0TjpwbnFPhgI
/vn0P6NC1xRhmjrYuYINZVSm1EJFo4jJIyV9KqFBaHZqjMTruse3C0xNBgV4JbAY
HNMLWmNI6kBxgLKzffbRHsJQ+2th2q3MCg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:03 2025 by rpki-client