Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/QZ5zwPAM3V45_gDFDq1CJvns24w.roa
File: QZ5zwPAM3V45_gDFDq1CJvns24w.roa (raw, json)
Hash identifier: Yl68f5LREBy52pVOjMnNvYuTtYYx3ppE6DksmGS76BE=
Subject key identifier: 41:9E:73:C0:F0:0C:DD:5E:39:FE:00:C5:0E:AD:42:26:F9:EC:DB:8C
Certificate issuer: /CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Certificate serial: C568FD
Authority key identifier: 6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/QZ5zwPAM3V45_gDFDq1CJvns24w.roa
Signing time: Wed 01 Jun 2022 11:33:20 +0000
ROA not before: Wed 01 Jun 2022 11:33:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210626
IP address blocks: 91.242.247.0/24 maxlen: 24
2a11:af40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12937469 (0xc568fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Validity
Not Before: Jun 1 11:33:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=419e73c0f00cdd5e39fe00c50ead4226f9ecdb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:df:32:50:fc:98:7b:d9:78:30:43:e3:eb:61:
73:ae:cf:74:cf:08:42:f7:eb:15:4c:8c:9e:3c:f5:
3c:c3:5c:9f:74:70:74:d4:88:5c:85:d9:6e:3d:d9:
6f:38:ce:e2:45:36:af:ab:a9:d8:30:26:d0:ba:e4:
92:1a:b2:58:8d:60:0c:19:44:f8:7f:ec:9a:ec:5b:
be:8c:71:b4:fa:1d:c7:d2:86:fd:f4:3e:9d:92:bb:
10:b1:b5:3a:11:24:88:e9:d2:10:2e:ed:a6:1e:49:
b6:bd:09:be:5e:b2:71:fc:45:9e:94:e9:d3:4f:87:
4b:01:7f:52:16:fc:17:0e:15:33:45:94:a2:70:8f:
06:38:28:f3:dc:a0:7d:2f:1e:8c:ea:de:f9:8c:45:
66:2a:04:85:f8:51:a7:71:8b:21:02:7b:c3:f7:fa:
04:0f:2e:54:5a:f5:82:d9:95:4a:56:18:45:d9:6b:
0b:5f:9f:13:a7:34:f0:4a:c6:03:61:44:7f:a6:f1:
41:3e:1b:19:27:c2:ef:e5:99:94:8f:d7:b8:c8:32:
f1:9b:4b:08:a2:3e:be:5a:2f:61:8f:ab:10:5d:54:
ec:99:fd:f3:50:d6:89:df:1b:75:e1:f3:d7:35:ba:
e8:d8:60:9a:83:bf:1e:4b:fb:0e:cd:a0:01:86:9c:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9E:73:C0:F0:0C:DD:5E:39:FE:00:C5:0E:AD:42:26:F9:EC:DB:8C
X509v3 Authority Key Identifier:
keyid:6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/QZ5zwPAM3V45_gDFDq1CJvns24w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/bO-kEfCTakZthB7CkM2AzFUKf24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.247.0/24
IPv6:
2a11:af40::/29
Signature Algorithm: sha256WithRSAEncryption
28:4f:ab:a4:72:c9:36:8a:28:6b:a2:59:90:a8:64:3e:51:98:
ec:27:b9:35:1f:80:e5:05:59:c3:20:1c:33:8c:98:8e:1b:e6:
c5:36:07:59:a9:6a:f4:64:35:3e:f0:a6:1e:08:00:15:bb:e9:
c5:ac:e1:9f:2f:e2:ed:9e:52:9b:d0:37:36:d5:fb:b4:7b:98:
41:2b:58:95:9f:e0:db:44:6e:ed:fb:86:16:67:d0:a0:5c:21:
66:fa:32:fe:51:68:3b:5d:cf:12:48:88:9b:3e:4e:91:8e:d6:
6c:8d:66:f0:22:2c:30:e9:01:f4:cc:30:db:dc:b6:18:5f:e4:
7a:7b:74:d5:94:6a:61:bb:fc:12:f6:87:59:76:e3:69:d7:64:
e5:5f:4d:fd:4d:d3:36:e9:be:f6:81:f3:87:e2:de:ee:c4:5d:
6f:ec:58:c6:0d:b4:28:d1:1e:a6:9a:26:28:d0:75:a0:9c:d8:
03:a0:e9:c6:dd:67:02:6a:24:ae:f8:6a:21:45:dd:09:71:c9:
ef:a8:ca:db:04:34:04:b7:87:69:a0:b5:dd:44:2c:95:0f:79:
bd:88:22:2c:b2:09:80:e3:c4:69:4b:dd:28:5c:84:7e:dc:52:
8d:46:03:c1:ad:51:2f:5a:3f:f3:99:3f:a2:fe:dc:10:8a:f6:
96:5b:44:76
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAMVo/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2VmYTQxMWYwOTM2YTQ2NmQ4NDFlYzI5MGNkODBjYzU1MGE3ZjZlMB4XDTIyMDYw
MTExMzMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE5ZTczYzBmMDBj
ZGQ1ZTM5ZmUwMGM1MGVhZDQyMjZmOWVjZGI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/fMlD8mHvZeDBD4+thc67PdM8IQvfrFUyMnjz1PMNcn3Rw
dNSIXIXZbj3ZbzjO4kU2r6up2DAm0LrkkhqyWI1gDBlE+H/smuxbvoxxtPodx9KG
/fQ+nZK7ELG1OhEkiOnSEC7tph5Jtr0Jvl6ycfxFnpTp00+HSwF/Uhb8Fw4VM0WU
onCPBjgo89ygfS8ejOre+YxFZioEhfhRp3GLIQJ7w/f6BA8uVFr1gtmVSlYYRdlr
C1+fE6c08ErGA2FEf6bxQT4bGSfC7+WZlI/XuMgy8ZtLCKI+vlovYY+rEF1U7Jn9
81DWid8bdeHz1zW66NhgmoO/Hkv7Ds2gAYacH8ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRBnnPA8AzdXjn+AMUOrUIm+ezbjDAfBgNVHSMEGDAWgBRs76QR8JNqRm2E
HsKQzYDMVQp/bjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JPLWtFZkNUYWtadGhCN0NrTTJBekZVS2YyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNTNiMTNlLWRlYmItNDU2YS04ZGMxLWU4MTFkOTQwN2U3YS8x
L1FaNXp3UEFNM1Y0NV9nREZEcTFDSnZuczI0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NTNiMTNlLWRlYmItNDU2YS04ZGMxLWU4MTFkOTQwN2U3YS8xL2JPLWtFZkNUYWta
dGhCN0NrTTJBekZVS2YyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvy9zANBAIAAjAHAwUDKhGvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKE+rpHLJNoooa6JZkKhkPlGY7Ce5NR+A5QVZwyAc
M4yYjhvmxTYHWalq9GQ1PvCmHggAFbvpxazhny/i7Z5Sm9A3NtX7tHuYQStYlZ/g
20Ru7fuGFmfQoFwhZvoy/lFoO13PEkiImz5OkY7WbI1m8CIsMOkB9Mww29y2GF/k
ent01ZRqYbv8EvaHWXbjaddk5V9N/U3TNum+9oHzh+Le7sRdb+xYxg20KNEeppom
KNB1oJzYA6Dpxt1nAmokrvhqIUXdCXHJ76jK2wQ0BLeHaaC13UQslQ95vYgiLLIJ
gOPEaUvdKFyEftxSjUYDwa1RL1o/85k/ov7cEIr2lltEdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:20 2024 by rpki-client on console-ams.rpki-client.org