Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/hqjfkyfLh_cK_4PNKbHVltM374k.roa
File: hqjfkyfLh_cK_4PNKbHVltM374k.roa (raw, json)
Hash identifier: Kihbh8K5G6bP/dekH1Ni5xLh19EAqe/Y3o/LQX0e/gI=
Subject key identifier: 86:A8:DF:93:27:CB:87:F7:0A:FF:83:CD:29:B1:D5:96:D3:37:EF:89
Certificate issuer: /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial: 09CE204B
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/hqjfkyfLh_cK_4PNKbHVltM374k.roa
Signing time: Thu 24 Feb 2022 17:27:38 +0000
ROA not before: Thu 24 Feb 2022 17:27:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41849
IP address blocks: 91.102.135.0/24 maxlen: 24
91.102.134.0/23 maxlen: 23
91.102.134.0/24 maxlen: 24
91.102.130.0/24 maxlen: 24
91.102.128.0/22 maxlen: 22
2a01:7140::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164503627 (0x9ce204b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
Validity
Not Before: Feb 24 17:27:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86a8df9327cb87f70aff83cd29b1d596d337ef89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:92:af:e6:74:95:68:3c:d5:1e:11:ee:87:74:
06:58:53:a5:a7:dd:c4:d0:30:30:09:27:f0:ab:04:
d4:da:f1:8a:3d:88:76:a1:e4:63:4d:c8:7e:01:d4:
65:52:30:79:75:d1:36:49:d7:77:46:ee:4e:eb:c5:
16:07:93:0c:0a:ac:b0:a7:d0:b8:39:76:c2:66:ff:
42:17:a2:92:f6:d1:17:f3:3b:e0:75:ad:81:d6:85:
1a:fe:7e:3e:0c:16:7d:8f:b0:c3:38:4b:a2:ec:9c:
4b:a9:cd:05:b5:ac:14:af:17:9e:16:35:53:ee:85:
d5:51:8a:2c:3d:84:44:88:e3:79:83:da:ab:14:e1:
6e:25:6b:81:38:e5:87:bf:ab:58:ae:05:38:38:d7:
1d:cf:36:ac:57:2c:06:a1:74:e9:14:0f:cb:28:b8:
71:85:19:1c:b8:f6:95:5c:47:e2:2b:37:88:8f:da:
e7:2f:a8:3c:bc:cd:a1:e9:e1:33:00:8c:fa:5f:54:
a8:c9:a5:f4:eb:f3:2f:0d:59:04:b7:c1:fd:e1:cd:
26:2c:6a:99:01:3b:80:05:7f:0c:cb:2a:5c:24:07:
6f:f3:8e:a8:7d:b3:fb:9e:15:c5:d7:a0:d1:ae:55:
42:1d:fd:43:0f:2d:da:e9:2a:e9:ef:26:a1:e1:85:
82:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A8:DF:93:27:CB:87:F7:0A:FF:83:CD:29:B1:D5:96:D3:37:EF:89
X509v3 Authority Key Identifier:
keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/hqjfkyfLh_cK_4PNKbHVltM374k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.128.0/22
91.102.134.0/23
IPv6:
2a01:7140::/32
Signature Algorithm: sha256WithRSAEncryption
5e:e4:e1:a0:3c:8d:b7:8d:b7:b1:66:0d:1b:c5:6a:cf:11:9e:
b5:23:f8:7a:d5:8e:54:2f:c0:17:57:b5:41:70:b2:02:eb:82:
7b:b3:c4:d2:e9:83:b2:8f:16:58:9a:23:2c:2d:56:4b:d2:3b:
92:03:a1:5f:e1:48:34:de:17:66:8f:fe:1d:93:ca:d1:53:18:
e0:a5:bc:6e:9c:56:ea:ce:3a:6a:b5:65:13:69:84:2f:3a:89:
fd:91:e1:8e:b3:b9:55:a2:5f:f2:4a:1d:33:4f:02:a0:9b:3b:
0f:75:30:52:19:7b:f7:6e:34:c6:50:a5:0d:ed:4c:4c:6a:38:
1a:83:3e:f0:00:ff:9a:a1:50:d9:93:d4:4e:a8:cd:1a:ee:61:
a1:e4:69:7e:58:27:52:10:29:a2:04:f4:b4:d5:ac:68:68:f1:
08:4c:be:b7:64:61:c4:bd:76:b1:70:49:6e:88:c9:7a:a6:a1:
be:12:dc:48:33:74:79:19:7e:45:0b:75:0b:1d:47:47:eb:a5:
49:89:6a:a4:a9:1e:ea:30:c5:03:ac:d5:78:d2:1c:70:23:db:
18:f3:a0:16:ed:57:11:67:1d:ca:e9:95:c1:86:55:ed:9b:d9:
b5:66:48:6f:b8:0a:62:80:ae:fc:98:7d:5f:73:00:8b:aa:f7:
fc:29:89:8d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECc4gSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGU5OGY0OGU5ODg3OTBkMGUwNzkzNTM3OTQxYjQxM2QyZTYwMzA2MB4XDTIyMDIy
NDE3MjczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZhOGRmOTMyN2Ni
ODdmNzBhZmY4M2NkMjliMWQ1OTZkMzM3ZWY4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuSr+Z0lWg81R4R7od0BlhTpafdxNAwMAkn8KsE1Nrxij2I
dqHkY03IfgHUZVIweXXRNknXd0buTuvFFgeTDAqssKfQuDl2wmb/QheikvbRF/M7
4HWtgdaFGv5+PgwWfY+wwzhLouycS6nNBbWsFK8XnhY1U+6F1VGKLD2ERIjjeYPa
qxThbiVrgTjlh7+rWK4FODjXHc82rFcsBqF06RQPyyi4cYUZHLj2lVxH4is3iI/a
5y+oPLzNoenhMwCM+l9UqMml9OvzLw1ZBLfB/eHNJixqmQE7gAV/DMsqXCQHb/OO
qH2z+54Vxdeg0a5VQh39Qw8t2ukq6e8moeGFgpMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSGqN+TJ8uH9wr/g80psdWW0zfviTAfBgNVHSMEGDAWgBR96Y9I6Yh5DQ4H
k1N5QbQT0uYDBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZlbVBTT21JZVEwT0I1TlRlVUcwRTlMbUF3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvYzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8x
L2hxamZreWZMaF9jS180UE5LYkhWbHRNMzc0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
YzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8xL2ZlbVBTT21JZVEw
T0I1TlRlVUcwRTlMbUF3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAltmgAMEAVtmhjANBAIAAjAHAwUA
KgFxQDANBgkqhkiG9w0BAQsFAAOCAQEAXuThoDyNt423sWYNG8VqzxGetSP4etWO
VC/AF1e1QXCyAuuCe7PE0umDso8WWJojLC1WS9I7kgOhX+FINN4XZo/+HZPK0VMY
4KW8bpxW6s46arVlE2mELzqJ/ZHhjrO5VaJf8kodM08CoJs7D3UwUhl79240xlCl
De1MTGo4GoM+8AD/mqFQ2ZPUTqjNGu5hoeRpflgnUhApogT0tNWsaGjxCEy+t2Rh
xL12sXBJbojJeqahvhLcSDN0eRl+RQt1Cx1HR+ulSYlqpKke6jDFA6zVeNIccCPb
GPOgFu1XEWcdyumVwYZV7ZvZtWZIb7gKYoCu/Jh9X3MAi6r3/CmJjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:47 2024 by rpki-client on console-ams.rpki-client.org