Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/KQ-XusuDy-HqaGsYb_SVV56PJhE.roa
File: KQ-XusuDy-HqaGsYb_SVV56PJhE.roa (raw, json)
Hash identifier: MKp1SgefyRm4xOKO54wdUqDi1VhQpWrUfraxje2CkTQ=
Subject key identifier: 29:0F:97:BA:CB:83:CB:E1:EA:68:6B:18:6F:F4:95:57:9E:8F:26:11
Certificate issuer: /CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Certificate serial: C0D144
Authority key identifier: 6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/KQ-XusuDy-HqaGsYb_SVV56PJhE.roa
Signing time: Mon 30 May 2022 14:20:13 +0000
ROA not before: Mon 30 May 2022 14:20:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210626
IP address blocks: 91.242.247.0/24 maxlen: 24
2a11:af40::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12636484 (0xc0d144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Validity
Not Before: May 30 14:20:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=290f97bacb83cbe1ea686b186ff495579e8f2611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ee:c0:43:e4:ef:ef:f7:95:17:fc:90:d9:97:
b5:0e:5e:a2:c2:41:7e:8f:30:f0:b3:a4:af:90:d9:
6d:25:73:04:bc:8c:59:01:f7:09:1d:9f:ed:fb:bb:
20:a0:25:d3:87:1a:9d:1f:fe:fd:d5:4e:7a:16:53:
04:72:d5:9e:76:2b:cc:c4:4c:38:85:a8:a3:2b:65:
21:fa:c3:93:61:04:8e:7d:de:5c:ad:fa:67:d8:fe:
33:1b:9d:0a:bd:ec:7b:a4:d4:63:5b:95:3a:e6:28:
6a:f4:59:51:81:5e:1e:0f:50:ac:0f:03:1a:fe:01:
93:af:f0:be:37:ef:ce:62:2e:af:ee:b7:f2:ad:94:
57:14:08:09:62:90:d0:03:a6:f7:4c:4a:35:83:b9:
d2:15:2d:63:b7:0b:f1:fe:9e:0b:f0:46:3a:5f:33:
d0:a0:ca:9a:2f:a8:13:b4:9f:89:e7:dd:f1:91:c3:
a5:07:62:aa:64:6b:81:bf:13:82:f2:b1:f6:44:16:
c2:c1:3d:ee:a9:7d:00:b8:10:19:a0:c2:c4:69:ac:
75:b2:47:44:d3:97:00:4e:94:58:ea:97:e3:c6:e1:
91:19:57:ec:47:64:bd:76:20:c0:70:7c:e6:34:11:
8a:a1:fd:f9:29:6b:98:df:71:71:72:39:17:6a:0d:
6c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0F:97:BA:CB:83:CB:E1:EA:68:6B:18:6F:F4:95:57:9E:8F:26:11
X509v3 Authority Key Identifier:
keyid:6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/KQ-XusuDy-HqaGsYb_SVV56PJhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/bO-kEfCTakZthB7CkM2AzFUKf24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.247.0/24
IPv6:
2a11:af40::/29
Signature Algorithm: sha256WithRSAEncryption
74:da:e4:21:68:32:a9:12:cb:36:21:3d:4a:d7:d4:7a:d2:4b:
a8:35:5a:a0:c4:be:07:5a:26:71:fb:3f:26:40:a9:d6:3d:17:
7e:8c:d4:1e:76:ec:4e:6b:51:fc:c2:4c:ef:b5:9a:51:3a:5e:
ab:c8:b0:91:05:5a:3e:57:78:7d:c4:38:87:db:7e:46:42:29:
2e:10:7f:a2:fe:dc:d0:67:42:5b:7c:a1:5a:96:a1:f3:bf:ad:
3d:6d:7c:a0:1a:6c:1e:0c:36:5a:84:f6:d4:d1:a1:91:1b:09:
af:a7:28:c7:b4:54:e0:53:a4:fc:59:87:bd:fd:eb:5e:00:9d:
2b:31:97:9e:18:12:8f:b4:d4:52:50:be:49:80:29:6b:93:d2:
66:cb:a5:2d:ec:1e:ba:26:77:c2:92:a9:2d:b4:54:e9:a0:e2:
b8:8a:00:e8:9f:6e:1d:1f:49:98:f9:62:e3:ac:93:02:44:8b:
c6:fc:ea:3d:33:35:d5:f0:d5:59:f9:0c:05:94:ca:de:6a:d4:
f6:17:de:4d:26:fb:f7:ac:8a:b9:ad:fa:f1:07:a3:03:f2:f0:
e3:7e:3a:37:e1:cf:b7:ea:ce:c4:4e:49:cc:0b:4e:18:5c:90:
e8:ad:4d:b7:ee:d7:19:6d:ac:b2:f6:f3:46:e1:74:7a:00:e6:
c8:28:3d:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAMDRRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2VmYTQxMWYwOTM2YTQ2NmQ4NDFlYzI5MGNkODBjYzU1MGE3ZjZlMB4XDTIyMDUz
MDE0MjAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkwZjk3YmFjYjgz
Y2JlMWVhNjg2YjE4NmZmNDk1NTc5ZThmMjYxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvuwEPk7+/3lRf8kNmXtQ5eosJBfo8w8LOkr5DZbSVzBLyM
WQH3CR2f7fu7IKAl04canR/+/dVOehZTBHLVnnYrzMRMOIWooytlIfrDk2EEjn3e
XK36Z9j+MxudCr3se6TUY1uVOuYoavRZUYFeHg9QrA8DGv4Bk6/wvjfvzmIur+63
8q2UVxQICWKQ0AOm90xKNYO50hUtY7cL8f6eC/BGOl8z0KDKmi+oE7Sfiefd8ZHD
pQdiqmRrgb8TgvKx9kQWwsE97ql9ALgQGaDCxGmsdbJHRNOXAE6UWOqX48bhkRlX
7EdkvXYgwHB85jQRiqH9+SlrmN9xcXI5F2oNbKMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQpD5e6y4PL4epoaxhv9JVXno8mETAfBgNVHSMEGDAWgBRs76QR8JNqRm2E
HsKQzYDMVQp/bjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JPLWtFZkNUYWtadGhCN0NrTTJBekZVS2YyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNTNiMTNlLWRlYmItNDU2YS04ZGMxLWU4MTFkOTQwN2U3YS8x
L0tRLVh1c3VEeS1IcWFHc1liX1NWVjU2UEpoRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NTNiMTNlLWRlYmItNDU2YS04ZGMxLWU4MTFkOTQwN2U3YS8xL2JPLWtFZkNUYWta
dGhCN0NrTTJBekZVS2YyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvy9zANBAIAAjAHAwUDKhGvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAdNrkIWgyqRLLNiE9StfUetJLqDVaoMS+B1omcfs/
JkCp1j0XfozUHnbsTmtR/MJM77WaUTpeq8iwkQVaPld4fcQ4h9t+RkIpLhB/ov7c
0GdCW3yhWpah87+tPW18oBpsHgw2WoT21NGhkRsJr6cox7RU4FOk/FmHvf3rXgCd
KzGXnhgSj7TUUlC+SYApa5PSZsulLeweuiZ3wpKpLbRU6aDiuIoA6J9uHR9JmPli
46yTAkSLxvzqPTM11fDVWfkMBZTK3mrU9hfeTSb796yKua368QejA/Lw4346N+HP
t+rOxE5JzAtOGFyQ6K1Nt+7XGW2ssvbzRuF0egDmyCg93Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:31 2024 by rpki-client on console-fra.rpki-client.org