Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qYx9-2FcIwj0SFGPJRFxifcf40g.roa
File: qYx9-2FcIwj0SFGPJRFxifcf40g.roa (raw, json)
Hash identifier: xzbBlNCpA+Ga7WdImTpzCFIxGmC9wYlRcIRWqc2X/Fs=
Subject key identifier: A9:8C:7D:FB:61:5C:23:08:F4:48:51:8F:25:11:71:89:F7:1F:E3:48
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 137BB4F0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qYx9-2FcIwj0SFGPJRFxifcf40g.roa
Signing time: Sat 01 Jan 2022 05:56:11 +0000
ROA not before: Sat 01 Jan 2022 05:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.206.0/23 maxlen: 23
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
185.173.244.0/22 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326874352 (0x137bb4f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a98c7dfb615c2308f448518f25117189f71fe348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0a:1e:fd:29:e5:32:e8:51:1f:c6:d6:de:30:
3b:b1:13:c8:8e:62:3e:a2:2a:a0:58:4f:80:31:ca:
c7:1e:20:dd:2d:13:37:a0:ac:fa:17:1c:09:62:e7:
ab:4a:62:6b:6b:0a:9a:73:4a:23:3c:ab:4c:d3:a5:
8f:39:28:8f:e3:5e:16:7c:ba:b9:0d:f7:c8:df:fe:
34:9f:a9:31:d5:47:86:aa:57:40:12:d3:16:0c:e0:
7e:11:f5:af:2e:cb:7e:28:da:72:5d:16:57:88:fc:
7d:96:31:b6:21:d9:51:c9:97:d9:9b:9a:4b:4a:80:
3a:1b:1c:b2:53:a4:79:df:eb:3c:0e:c8:01:ff:82:
da:c5:77:1e:67:4f:be:da:a6:23:62:44:76:6a:dc:
9e:a1:c8:c6:11:18:24:a3:3e:db:45:33:c5:72:3a:
6d:62:2d:04:c8:e2:8f:dd:10:d7:05:cd:1a:5c:90:
4d:64:28:6d:77:f7:25:10:d0:f9:b4:f2:a1:6e:c8:
9f:26:66:02:86:e6:96:d9:84:0d:5e:e3:93:9e:31:
9c:b9:7b:82:96:95:de:a7:5a:81:86:5d:97:cf:fe:
e4:11:ae:63:b9:74:1a:ed:f6:5c:6d:3a:18:90:30:
32:f0:f9:87:df:3e:29:a9:da:f8:02:33:73:0a:37:
1f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8C:7D:FB:61:5C:23:08:F4:48:51:8F:25:11:71:89:F7:1F:E3:48
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qYx9-2FcIwj0SFGPJRFxifcf40g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.173.244.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
58:16:e8:a8:13:91:9a:69:b5:af:9c:7d:d0:f1:67:43:6d:fc:
9c:bf:9d:85:16:56:25:78:44:83:35:1f:66:1d:9e:ba:6f:38:
d1:ec:a1:a7:48:a8:d0:1a:46:3a:e6:78:37:96:2e:7a:ea:12:
37:23:74:6c:82:c7:34:1f:c4:8e:8b:7b:36:55:17:0c:ce:c5:
d4:9a:54:03:6d:e0:56:fd:b5:68:13:b6:30:4d:69:36:25:52:
45:f7:12:a5:da:ed:ab:b6:57:2a:1a:94:f0:f5:12:0a:e2:4d:
e1:e2:64:d5:aa:0e:60:43:53:c4:f2:5f:d0:03:08:cd:e3:83:
da:3a:37:d8:81:a4:b0:fc:e4:ff:1c:16:54:86:e6:e6:09:e2:
a5:d9:68:fe:97:99:b5:21:fc:35:7e:2f:6d:0c:b7:c9:bd:8d:
35:75:d7:d0:55:0f:30:2e:89:f8:e7:10:92:fb:45:4b:cb:e8:
07:ce:de:2f:09:50:02:4c:ab:99:6e:ff:c4:aa:8b:76:3c:89:
12:3e:3d:b5:c3:60:d1:c5:75:8e:96:53:21:d1:f4:a4:ee:74:
e2:11:56:b9:0f:d5:b0:52:07:62:c8:a8:c6:65:41:05:08:4a:
37:84:7b:74:91:32:d2:78:2e:1c:3d:a5:b9:cb:ef:2a:17:ea:
ca:77:73:ea
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEE3u08DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk4YzdkZmI2MTVj
MjMwOGY0NDg1MThmMjUxMTcxODlmNzFmZTM0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoKHv0p5TLoUR/G1t4wO7ETyI5iPqIqoFhPgDHKxx4g3S0T
N6Cs+hccCWLnq0pia2sKmnNKIzyrTNOljzkoj+NeFny6uQ33yN/+NJ+pMdVHhqpX
QBLTFgzgfhH1ry7Lfijacl0WV4j8fZYxtiHZUcmX2ZuaS0qAOhscslOked/rPA7I
Af+C2sV3HmdPvtqmI2JEdmrcnqHIxhEYJKM+20UzxXI6bWItBMjij90Q1wXNGlyQ
TWQobXf3JRDQ+bTyoW7InyZmAobmltmEDV7jk54xnLl7gpaV3qdagYZdl8/+5BGu
Y7l0Gu32XG06GJAwMvD5h98+Kana+AIzcwo3H7sCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSpjH37YVwjCPRIUY8lEXGJ9x/jSDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3FZeDktMkZjSXdqMFNGR1BKUkZ4aWZjZjQwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvyQAMEAVvyZAMEAFvyaQMEAlvy
bAMEA1vyeAMEArmt9AMEAcIyyAMEAcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOC
AQEAWBboqBORmmm1r5x90PFnQ238nL+dhRZWJXhEgzUfZh2eum840eyhp0io0BpG
OuZ4N5YueuoSNyN0bILHNB/Ejot7NlUXDM7F1JpUA23gVv21aBO2ME1pNiVSRfcS
pdrtq7ZXKhqU8PUSCuJN4eJk1aoOYENTxPJf0AMIzeOD2jo32IGksPzk/xwWVIbm
5gnipdlo/peZtSH8NX4vbQy3yb2NNXXX0FUPMC6J+OcQkvtFS8voB87eLwlQAkyr
mW7/xKqLdjyJEj49tcNg0cV1jpZTIdH0pO504hFWuQ/VsFIHYsioxmVBBQhKN4R7
dJEy0nguHD2lucvvKhfqyndz6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org