Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/qsghRpJfhMUJoC4x3BQSU9LAzis.roa
File: qsghRpJfhMUJoC4x3BQSU9LAzis.roa (raw, json)
Hash identifier: WV3u8Lm55awbKnbfEbrwxXVdTF0IQGJXtuAaTRUN2pA=
Subject key identifier: AA:C8:21:46:92:5F:84:C5:09:A0:2E:31:DC:14:12:53:D2:C0:CE:2B
Certificate issuer: /CN=d350a076ce4a8ce6fb69f1fda4a194614a941afa
Certificate serial: 069DAE25
Authority key identifier: D3:50:A0:76:CE:4A:8C:E6:FB:69:F1:FD:A4:A1:94:61:4A:94:1A:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01Cgds5KjOb7afH9pKGUYUqUGvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/qsghRpJfhMUJoC4x3BQSU9LAzis.roa
Signing time: Sat 01 Jan 2022 02:00:30 +0000
ROA not before: Sat 01 Jan 2022 02:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51790
IP address blocks: 91.229.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110997029 (0x69dae25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d350a076ce4a8ce6fb69f1fda4a194614a941afa
Validity
Not Before: Jan 1 02:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aac82146925f84c509a02e31dc141253d2c0ce2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:10:d9:ea:ec:14:07:3f:54:82:e0:88:37:
a6:e0:db:e0:c2:48:17:ae:74:72:aa:e0:b5:27:30:
40:76:0b:7d:03:f1:d3:2b:da:65:e1:7f:33:11:1e:
90:11:06:2a:4a:5a:7f:8b:38:89:22:7f:81:7c:7e:
c1:89:66:a1:87:2e:70:99:d1:01:87:39:16:c5:c7:
84:03:8c:db:79:d6:f9:9b:6b:2f:e9:1c:85:d9:6b:
2e:bb:80:05:b1:25:34:82:26:98:0a:c3:cf:73:4c:
5f:7a:af:ff:8e:b5:1a:1f:ab:99:33:6c:10:a6:3a:
45:c8:5c:a6:16:74:e4:3b:bd:3a:e4:4b:14:82:36:
2a:84:0c:29:a0:64:df:1c:ce:fe:50:13:79:74:0f:
98:2c:53:dd:24:1d:66:08:21:a4:16:75:c0:db:48:
6f:0c:e3:d8:e1:75:6c:be:37:f4:3e:fb:7b:db:b7:
e0:52:64:cf:80:25:4c:86:38:98:a9:6a:98:6c:99:
d6:2d:c8:f5:48:e2:3c:8a:09:f3:8b:5e:92:76:43:
a5:67:14:18:2e:24:f0:0d:4f:ae:af:d5:5b:29:23:
1f:cb:ee:19:2a:b9:95:90:ce:a8:4d:4b:6d:f1:7f:
7d:0d:51:b3:68:9f:3c:7a:12:0a:b7:7a:18:d6:83:
fb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C8:21:46:92:5F:84:C5:09:A0:2E:31:DC:14:12:53:D2:C0:CE:2B
X509v3 Authority Key Identifier:
keyid:D3:50:A0:76:CE:4A:8C:E6:FB:69:F1:FD:A4:A1:94:61:4A:94:1A:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01Cgds5KjOb7afH9pKGUYUqUGvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/qsghRpJfhMUJoC4x3BQSU9LAzis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/01Cgds5KjOb7afH9pKGUYUqUGvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.72.0/24
Signature Algorithm: sha256WithRSAEncryption
33:1a:b2:1e:a1:e0:e3:60:44:f7:d1:ad:87:14:c7:0f:d4:8d:
53:c6:d2:43:2b:2b:d4:4f:30:39:91:d1:ee:e5:13:d4:45:3f:
72:e3:04:16:ec:b1:a4:09:29:17:59:50:5b:05:58:4d:03:da:
3f:3f:82:a7:01:d0:c5:57:ab:c8:d1:36:2b:5c:40:02:91:ff:
8c:ef:26:e3:d7:64:07:2a:e4:0e:b8:12:2e:9d:1e:1a:b2:17:
47:34:f4:1a:22:ad:14:1a:e5:39:47:a7:9a:1a:3a:bc:45:04:
80:ce:7d:61:ae:34:3e:51:d2:d2:16:94:34:cc:8b:3c:6f:33:
49:2f:e5:a3:3f:07:bd:0f:5c:3e:94:7e:f0:68:2c:04:3b:b0:
8c:87:a9:1d:f2:75:79:a8:db:5f:22:39:ba:3c:b3:0b:57:f1:
9f:51:b2:15:7e:d9:28:85:e7:54:4b:69:df:9f:dd:7a:3b:20:
d5:17:62:15:20:e6:b4:92:21:93:78:6b:12:21:5f:23:38:d8:
d5:a4:53:ff:0e:54:05:bc:e2:13:71:3b:13:67:b8:b0:68:a8:
e2:d1:e8:0b:35:23:8d:af:a6:5e:21:87:f9:55:8c:ac:42:70:
bd:65:46:f2:a9:e9:44:a2:d9:3a:38:7c:e7:56:5d:4a:e1:c6:
cd:a8:a9:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBp2uJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzUwYTA3NmNlNGE4Y2U2ZmI2OWYxZmRhNGExOTQ2MTRhOTQxYWZhMB4XDTIyMDEw
MTAyMDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFjODIxNDY5MjVm
ODRjNTA5YTAyZTMxZGMxNDEyNTNkMmMwY2UyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMySENnq7BQHP1SC4Ig3puDb4MJIF650cqrgtScwQHYLfQPx
0yvaZeF/MxEekBEGKkpaf4s4iSJ/gXx+wYlmoYcucJnRAYc5FsXHhAOM23nW+Ztr
L+kchdlrLruABbElNIImmArDz3NMX3qv/461Gh+rmTNsEKY6RchcphZ05Du9OuRL
FII2KoQMKaBk3xzO/lATeXQPmCxT3SQdZgghpBZ1wNtIbwzj2OF1bL439D77e9u3
4FJkz4AlTIY4mKlqmGyZ1i3I9UjiPIoJ84teknZDpWcUGC4k8A1Prq/VWykjH8vu
GSq5lZDOqE1LbfF/fQ1Rs2ifPHoSCrd6GNaD+zUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqyCFGkl+ExQmgLjHcFBJT0sDOKzAfBgNVHSMEGDAWgBTTUKB2zkqM5vtp
8f2koZRhSpQa+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAxQ2dkczVLak9iN2FmSDlwS0dVWVVxVUd2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvM2NhYzZiLTJjMmEtNGI2Ni1hZGVlLWQ1MjMyNWRlNmIwOC8x
L3FzZ2hScEpmaE1VSm9DNHgzQlFTVTlMQXppcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
M2NhYzZiLTJjMmEtNGI2Ni1hZGVlLWQ1MjMyNWRlNmIwOC8xLzAxQ2dkczVLak9i
N2FmSDlwS0dVWVVxVUd2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvlSDANBgkqhkiG9w0BAQsFAAOC
AQEAMxqyHqHg42BE99GthxTHD9SNU8bSQysr1E8wOZHR7uUT1EU/cuMEFuyxpAkp
F1lQWwVYTQPaPz+CpwHQxVeryNE2K1xAApH/jO8m49dkByrkDrgSLp0eGrIXRzT0
GiKtFBrlOUenmho6vEUEgM59Ya40PlHS0haUNMyLPG8zSS/loz8HvQ9cPpR+8Ggs
BDuwjIepHfJ1eajbXyI5ujyzC1fxn1GyFX7ZKIXnVEtp35/dejsg1RdiFSDmtJIh
k3hrEiFfIzjY1aRT/w5UBbziE3E7E2e4sGio4tHoCzUjja+mXiGH+VWMrEJwvWVG
8qnpRKLZOjh851ZdSuHGzaiphg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-fra.rpki-client.org