Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/qfbf8w618D8NOBXLh4VCm-u39rs.roa
File: qfbf8w618D8NOBXLh4VCm-u39rs.roa (raw, json)
Hash identifier: wUOyA/pnsHFrNFNEaj5zcrzGy77yj2enDm8vIaHRSJk=
Subject key identifier: A9:F6:DF:F3:0E:B5:F0:3F:0D:38:15:CB:87:85:42:9B:EB:B7:F6:BB
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01830283E50B50CD5B3198926F315595E48D
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/qfbf8w618D8NOBXLh4VCm-u39rs.roa
Signing time: Sat 03 Sep 2022 08:42:21 +0000
ROA not before: Sat 03 Sep 2022 08:42:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42708
IP address blocks: 194.76.224.0/24 maxlen: 24
91.242.219.0/24 maxlen: 24
109.230.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:02:83:e5:0b:50:cd:5b:31:98:92:6f:31:55:95:e4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Sep 3 08:42:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9f6dff30eb5f03f0d3815cb8785429bebb7f6bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:96:25:d9:d7:89:2a:a7:ed:65:1b:3a:1a:
46:f7:eb:ea:84:bd:8f:e0:f8:63:29:fe:88:05:8f:
62:e6:ed:3d:d9:99:0d:f8:91:56:8b:49:21:77:87:
4a:b0:5a:27:9d:9e:a0:13:49:79:22:c8:73:f1:98:
cd:1e:73:be:f9:fc:b9:97:67:8c:7d:72:c4:45:38:
f3:34:ea:25:c3:9d:d9:d5:8c:e0:41:9f:6e:19:c0:
44:63:40:34:14:0e:4d:df:ba:aa:20:99:8f:14:23:
eb:23:6a:b7:3a:f5:cb:d0:64:21:78:c0:35:53:e7:
9a:52:d0:c4:7a:5b:0f:f6:5c:93:ed:f7:ec:f6:9b:
da:6f:9f:fc:7d:8b:e9:75:c8:c0:f9:8b:5d:1a:07:
54:c5:c6:28:9e:cf:3e:ba:7f:43:20:d3:a6:ab:1b:
a4:f2:a4:44:bc:87:74:96:cf:8e:ed:24:c8:32:db:
cf:97:18:ee:77:00:1b:26:d3:06:3d:5e:22:a6:b1:
39:30:fb:70:b9:0b:98:09:a1:89:30:df:06:ef:ec:
0d:e5:18:b0:f8:95:dd:e4:da:ea:0f:ae:cc:d3:69:
41:e5:fc:99:f3:68:13:71:48:3b:be:6a:00:41:f7:
76:5d:59:a8:70:4d:eb:7e:b5:82:e9:21:27:e5:1a:
65:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F6:DF:F3:0E:B5:F0:3F:0D:38:15:CB:87:85:42:9B:EB:B7:F6:BB
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/qfbf8w618D8NOBXLh4VCm-u39rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.219.0/24
109.230.199.0/24
194.76.224.0/24
Signature Algorithm: sha256WithRSAEncryption
53:76:95:b3:b0:2f:eb:84:00:51:9c:fa:32:73:e8:6e:4a:0b:
51:45:b5:e3:56:ed:bc:4f:97:f6:50:a3:49:bc:2e:aa:66:66:
f1:a4:ac:0d:30:7c:4f:f1:bb:83:c2:a3:c0:43:25:4c:1a:9a:
2d:78:b7:a1:68:4d:e9:43:ca:af:a7:45:95:fb:83:ca:b1:07:
69:16:bf:92:cf:9b:b5:a0:b8:18:9a:9a:06:98:8d:07:4a:ba:
5c:7c:35:6f:ed:91:2f:04:21:d8:7b:47:c6:b2:8b:32:3c:54:
e5:c8:9c:08:2b:27:ba:07:7b:99:46:2a:2a:68:45:67:52:0f:
a6:b7:6b:bb:e5:79:8e:10:b3:df:52:dc:13:56:68:ae:a9:60:
aa:e6:34:64:d3:96:42:d9:4c:e9:1d:4e:9d:96:a8:c2:44:db:
93:a5:17:c7:fe:68:90:a1:3d:a7:01:42:70:81:e1:44:b6:3a:
2e:6d:61:0f:c3:24:05:ce:ab:ce:cc:d4:56:0d:c0:4a:12:ef:
2c:46:cf:6f:a3:c3:02:85:c4:9e:3d:3f:7a:9d:83:13:10:7d:
38:0a:9d:d0:1d:db:14:06:3c:84:10:34:7c:33:af:e4:26:85:
44:ab:f3:34:3e:c8:96:57:72:17:b9:71:e2:5e:72:51:44:5f:
79:e9:9c:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMCg+ULUM1bMZiSbzFVleSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjIwOTAzMDg0MjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY2ZGZmMzBlYjVmMDNmMGQzODE1Y2I4Nzg1NDI5YmViYjdmNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRmWJdnXiSqn7WUbOhpG9+vqhL2P
4PhjKf6IBY9i5u092ZkN+JFWi0khd4dKsFonnZ6gE0l5Ishz8ZjNHnO++fy5l2eM
fXLERTjzNOolw53Z1YzgQZ9uGcBEY0A0FA5N37qqIJmPFCPrI2q3OvXL0GQheMA1
U+eaUtDEelsP9lyT7ffs9pvab5/8fYvpdcjA+YtdGgdUxcYons8+un9DINOmqxuk
8qREvId0ls+O7STIMtvPlxjudwAbJtMGPV4iprE5MPtwuQuYCaGJMN8G7+wN5Riw
+JXd5NrqD67M02lB5fyZ82gTcUg7vmoAQfd2XVmocE3rfrWC6SEn5RpleQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKn23/MOtfA/DTgVy4eFQpvrt/a7MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvcWZiZjh3NjE4RDhOT0JYTGg0VkNtLXUzOXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/LbAwQA
bebHAwQAwkzgMA0GCSqGSIb3DQEBCwUAA4IBAQBTdpWzsC/rhABRnPoyc+huSgtR
RbXjVu28T5f2UKNJvC6qZmbxpKwNMHxP8buDwqPAQyVMGpoteLehaE3pQ8qvp0WV
+4PKsQdpFr+Sz5u1oLgYmpoGmI0HSrpcfDVv7ZEvBCHYe0fGsosyPFTlyJwIKye6
B3uZRioqaEVnUg+mt2u75XmOELPfUtwTVmiuqWCq5jRk05ZC2UzpHU6dlqjCRNuT
pRfH/miQoT2nAUJwgeFEtjoubWEPwyQFzqvOzNRWDcBKEu8sRs9vo8MChcSePT96
nYMTEH04Cp3QHdsUBjyEEDR8M6/kJoVEq/M0PsiWV3IXuXHiXnJRRF956Zwn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:56 2024 by rpki-client on console-ams.rpki-client.org