Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/qKfZZgNmD8wLMn3CjSiglBdRZM8.roa
File: qKfZZgNmD8wLMn3CjSiglBdRZM8.roa (raw, json)
Hash identifier: EqvopSPlg/YCPGGJvWVZPcvUCmN4vRkXJ3voYpxkq20=
Subject key identifier: A8:A7:D9:66:03:66:0F:CC:0B:32:7D:C2:8D:28:A0:94:17:51:64:CF
Certificate issuer: /CN=010a7d4c64aed4bc98c6b5b064ff0a9b82eada82
Certificate serial: 0182EE8F6F7023550FA17A5E5981DF76C209
Authority key identifier: 01:0A:7D:4C:64:AE:D4:BC:98:C6:B5:B0:64:FF:0A:9B:82:EA:DA:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/qKfZZgNmD8wLMn3CjSiglBdRZM8.roa
Signing time: Tue 30 Aug 2022 11:42:33 +0000
ROA not before: Tue 30 Aug 2022 11:42:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201355
IP address blocks: 91.220.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:8f:6f:70:23:55:0f:a1:7a:5e:59:81:df:76:c2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=010a7d4c64aed4bc98c6b5b064ff0a9b82eada82
Validity
Not Before: Aug 30 11:42:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8a7d96603660fcc0b327dc28d28a094175164cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:52:04:32:7b:9a:4b:e5:75:28:a2:cf:dc:66:
c7:03:62:a2:58:a5:db:8b:ca:1e:13:81:7f:d3:ef:
cd:a0:a0:2f:6a:8b:12:dc:07:38:1a:54:d7:61:5b:
9c:4d:0a:45:20:ca:ac:49:c4:77:31:2f:d6:f6:0f:
f5:e7:2e:36:80:7a:ed:dd:69:82:c8:59:4a:30:5a:
b2:f1:ad:2a:d2:47:fe:ee:57:8c:ab:01:c0:f4:60:
db:88:80:ca:1e:1c:c1:fe:28:02:e6:5e:bd:55:29:
54:40:52:0f:d8:fb:e1:2b:1f:57:72:38:17:da:86:
f9:73:40:de:8b:43:df:e5:68:6d:cf:ef:86:e9:b3:
c5:a0:83:06:53:78:4b:f7:80:d2:bd:43:48:5a:d7:
d1:07:21:b5:13:7f:d6:39:ab:41:74:12:55:1c:cb:
77:60:25:ff:9e:41:52:76:3b:b4:49:be:cc:bd:14:
9e:b6:c3:fe:a5:3c:17:a4:6b:ba:5f:53:1f:39:07:
85:36:c6:34:31:44:24:50:f8:da:34:23:40:9e:e7:
24:b9:55:01:28:62:85:a8:de:3c:f4:ba:dc:f8:18:
b4:c5:f4:ba:b1:3f:67:55:1c:d2:3e:99:ca:0e:73:
eb:bc:e6:f1:1a:45:fc:ff:10:46:36:af:88:74:79:
6b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A7:D9:66:03:66:0F:CC:0B:32:7D:C2:8D:28:A0:94:17:51:64:CF
X509v3 Authority Key Identifier:
keyid:01:0A:7D:4C:64:AE:D4:BC:98:C6:B5:B0:64:FF:0A:9B:82:EA:DA:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/qKfZZgNmD8wLMn3CjSiglBdRZM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.251.0/24
Signature Algorithm: sha256WithRSAEncryption
06:19:b8:c3:e1:f8:37:1a:b8:14:73:17:c1:06:03:9c:dd:5e:
40:9e:85:4d:cb:c1:aa:33:78:99:ac:a7:70:01:f6:39:31:c3:
96:55:fd:e8:bb:15:3e:e5:23:cf:ff:4f:08:00:cd:3a:aa:82:
e1:67:ba:92:54:64:59:13:02:e5:c6:e4:09:2e:61:74:c0:24:
6c:ec:b6:00:d8:36:7c:a1:c6:b1:a7:7f:b9:fc:8a:8c:db:cc:
3f:d8:54:c1:3e:f2:5e:02:1c:01:4c:13:6b:01:3c:86:f1:16:
df:2f:3f:f5:23:b6:b9:7c:65:b1:c4:9f:cd:b0:c4:b8:34:d6:
c1:1c:09:40:4e:32:ce:93:e4:2f:f4:d3:c8:e1:ec:db:1b:13:
26:05:9b:86:9b:b1:65:8c:78:98:9e:15:d6:7a:e9:45:83:6c:
7e:71:52:06:c2:60:7e:d7:62:21:40:c1:1e:3c:e6:06:e9:53:
7a:ab:4b:94:04:92:61:ac:90:b7:63:d2:7c:04:fe:a3:e2:84:
cd:35:53:e0:b0:cd:5d:de:94:d6:7a:a7:54:c7:62:a2:76:2c:
9c:e5:08:21:8d:b5:90:15:a2:89:20:98:e4:1b:da:05:e3:df:
e5:1a:cd:6f:bd:5d:99:71:cb:6e:e0:84:77:93:59:70:48:64:
76:7d:2a:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLuj29wI1UPoXpeWYHfdsIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMGE3ZDRjNjRhZWQ0YmM5OGM2YjViMDY0ZmYwYTliODJl
YWRhODIwHhcNMjIwODMwMTE0MjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE3ZDk2NjAzNjYwZmNjMGIzMjdkYzI4ZDI4YTA5NDE3NTE2NGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolIEMnuaS+V1KKLP3GbHA2KiWKXb
i8oeE4F/0+/NoKAvaosS3Ac4GlTXYVucTQpFIMqsScR3MS/W9g/15y42gHrt3WmC
yFlKMFqy8a0q0kf+7leMqwHA9GDbiIDKHhzB/igC5l69VSlUQFIP2PvhKx9XcjgX
2ob5c0Dei0Pf5Whtz++G6bPFoIMGU3hL94DSvUNIWtfRByG1E3/WOatBdBJVHMt3
YCX/nkFSdju0Sb7MvRSetsP+pTwXpGu6X1MfOQeFNsY0MUQkUPjaNCNAnuckuVUB
KGKFqN489Lrc+Bi0xfS6sT9nVRzSPpnKDnPrvObxGkX8/xBGNq+IdHlr9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKin2WYDZg/MCzJ9wo0ooJQXUWTPMB8GA1UdIwQY
MBaAFAEKfUxkrtS8mMa1sGT/CpuC6tqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVFwOVRHU3UxTHlZeHJXd1pQOEttNExxMm9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMzM2M2UtNDgzMi00ZDU3LTlkYTUt
ZGJmNzZlZDM5MzlmLzEvcUtmWlpnTm1EOHdMTW4zQ2pTaWdsQmRSWk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMzM2M2UtNDgzMi00ZDU3LTlkYTUtZGJmNzZlZDM5Mzlm
LzEvQVFwOVRHU3UxTHlZeHJXd1pQOEttNExxMm9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9z7MA0G
CSqGSIb3DQEBCwUAA4IBAQAGGbjD4fg3GrgUcxfBBgOc3V5AnoVNy8GqM3iZrKdw
AfY5McOWVf3ouxU+5SPP/08IAM06qoLhZ7qSVGRZEwLlxuQJLmF0wCRs7LYA2DZ8
ocaxp3+5/IqM28w/2FTBPvJeAhwBTBNrATyG8RbfLz/1I7a5fGWxxJ/NsMS4NNbB
HAlATjLOk+Qv9NPI4ezbGxMmBZuGm7FljHiYnhXWeulFg2x+cVIGwmB+12IhQMEe
POYG6VN6q0uUBJJhrJC3Y9J8BP6j4oTNNVPgsM1d3pTWeqdUx2Kidiyc5QghjbWQ
FaKJIJjkG9oF49/lGs1vvV2Zcctu4IR3k1lwSGR2fSpp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:23 2023 by rpki-client on console-ams.rpki-client.org