Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/713bd7-f73b-4614-8e92-1ef0090b7154/1/QFk3DEwSCM31S32lvxZrkESS75Q.roa
File: QFk3DEwSCM31S32lvxZrkESS75Q.roa (raw, json)
Hash identifier: KKo78Pf00ib6u+o0zdSPS1w1LWYIhrdRi8eIwMGjRc8=
Subject key identifier: 40:59:37:0C:4C:12:08:CD:F5:4B:7D:A5:BF:16:6B:90:44:92:EF:94
Certificate issuer: /CN=cc323163bbb465f2a0fa2f93fa50ef3b0d4c6a9a
Certificate serial: 0B38C7BD
Authority key identifier: CC:32:31:63:BB:B4:65:F2:A0:FA:2F:93:FA:50:EF:3B:0D:4C:6A:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zDIxY7u0ZfKg-i-T-lDvOw1Mapo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/713bd7-f73b-4614-8e92-1ef0090b7154/1/QFk3DEwSCM31S32lvxZrkESS75Q.roa
Signing time: Sat 01 Jan 2022 02:57:35 +0000
ROA not before: Sat 01 Jan 2022 02:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48415
IP address blocks: 91.223.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188270525 (0xb38c7bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc323163bbb465f2a0fa2f93fa50ef3b0d4c6a9a
Validity
Not Before: Jan 1 02:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4059370c4c1208cdf54b7da5bf166b904492ef94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:48:93:90:97:09:e8:52:50:51:89:68:82:45:
ae:8b:57:34:e5:2b:e3:75:59:4a:36:94:7b:50:41:
b5:e8:bb:38:8f:59:c8:94:32:1c:08:77:39:dc:aa:
96:42:4d:c9:8b:6d:d2:0b:5f:a9:52:12:5a:85:8c:
49:33:00:08:5b:66:bb:d0:82:36:db:10:ca:47:3c:
06:05:e0:a9:62:d9:d8:6f:18:a8:8e:63:05:94:90:
4d:f1:05:a7:e9:11:34:58:77:d7:32:4a:a5:15:1d:
4e:49:85:67:51:02:a8:2e:41:8a:09:f7:c4:67:6a:
bf:38:52:cb:1d:e0:6c:87:e6:47:c4:15:1f:89:45:
65:dd:37:41:22:f7:5d:d5:ff:6b:22:d2:cb:ef:0b:
81:c0:0c:bf:83:fc:1b:8b:90:36:47:98:dc:fd:2d:
41:b1:dd:2d:d4:26:df:2f:9f:71:41:bf:77:1b:0a:
b4:62:a4:41:b9:9b:b5:50:d4:3f:15:4b:f8:91:a0:
94:39:07:0d:70:8c:b1:a8:92:b7:c2:a2:60:d3:30:
d4:8e:30:08:8c:05:d8:c4:d2:98:47:49:cf:ab:fc:
d3:fc:82:ca:8e:ff:d7:d8:6d:89:70:96:3a:65:c8:
27:14:55:17:dd:5b:5f:aa:45:76:1b:47:f3:07:09:
cf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:59:37:0C:4C:12:08:CD:F5:4B:7D:A5:BF:16:6B:90:44:92:EF:94
X509v3 Authority Key Identifier:
keyid:CC:32:31:63:BB:B4:65:F2:A0:FA:2F:93:FA:50:EF:3B:0D:4C:6A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zDIxY7u0ZfKg-i-T-lDvOw1Mapo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/713bd7-f73b-4614-8e92-1ef0090b7154/1/QFk3DEwSCM31S32lvxZrkESS75Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/713bd7-f73b-4614-8e92-1ef0090b7154/1/zDIxY7u0ZfKg-i-T-lDvOw1Mapo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:39:61:27:d0:e6:e0:92:6e:42:21:2f:6b:41:00:9e:24:89:
01:f7:8d:bf:1d:01:24:3b:36:6f:5b:d8:de:7c:67:0f:2d:32:
37:cb:97:f2:49:1b:bc:e5:f1:71:ea:1f:58:2b:f9:8b:c6:9b:
28:37:bc:f6:56:c8:1a:a8:a2:79:19:aa:fc:9e:a7:93:d2:69:
cf:6a:71:a8:cb:90:42:2b:04:c5:35:cb:38:e5:aa:c8:cd:57:
c8:ba:a3:4a:96:66:06:40:a8:58:0c:f7:fb:db:de:47:15:09:
51:82:ab:1f:10:17:f6:6e:e4:b5:e9:12:df:a4:e7:1f:d7:27:
71:90:c4:01:4f:70:c4:f3:ed:ac:c5:61:6e:c0:93:6f:79:16:
65:be:4f:33:20:dc:dd:ba:47:da:5d:61:05:fc:a9:61:63:6d:
02:0f:d5:54:6e:28:4e:1e:84:f6:b4:a6:5a:7a:07:3e:c7:aa:
09:92:f1:a6:9a:1b:e0:57:d7:79:28:87:a7:d7:69:5b:47:64:
d5:7c:88:b1:01:38:c3:a1:ea:35:af:a8:fa:b3:d7:cb:05:69:
29:5e:3a:bc:c4:9c:da:10:90:ea:95:04:bc:84:e0:de:11:6f:
09:a9:8a:ea:9f:98:d9:1d:0b:0e:0f:19:90:e0:b1:bd:26:12:
fe:e6:fd:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECzjHvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YzMyMzE2M2JiYjQ2NWYyYTBmYTJmOTNmYTUwZWYzYjBkNGM2YTlhMB4XDTIyMDEw
MTAyNTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA1OTM3MGM0YzEy
MDhjZGY1NGI3ZGE1YmYxNjZiOTA0NDkyZWY5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpIk5CXCehSUFGJaIJFrotXNOUr43VZSjaUe1BBtei7OI9Z
yJQyHAh3OdyqlkJNyYtt0gtfqVISWoWMSTMACFtmu9CCNtsQykc8BgXgqWLZ2G8Y
qI5jBZSQTfEFp+kRNFh31zJKpRUdTkmFZ1ECqC5Bign3xGdqvzhSyx3gbIfmR8QV
H4lFZd03QSL3XdX/ayLSy+8LgcAMv4P8G4uQNkeY3P0tQbHdLdQm3y+fcUG/dxsK
tGKkQbmbtVDUPxVL+JGglDkHDXCMsaiSt8KiYNMw1I4wCIwF2MTSmEdJz6v80/yC
yo7/19htiXCWOmXIJxRVF91bX6pFdhtH8wcJzwkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAWTcMTBIIzfVLfaW/FmuQRJLvlDAfBgNVHSMEGDAWgBTMMjFju7Rl8qD6
L5P6UO87DUxqmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pESXhZN3UwWmZLZy1pLVQtbER2T3cxTWFwby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvNzEzYmQ3LWY3M2ItNDYxNC04ZTkyLTFlZjAwOTBiNzE1NC8x
L1FGazNERXdTQ00zMVMzMmx2eFpya0VTUzc1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
NzEzYmQ3LWY3M2ItNDYxNC04ZTkyLTFlZjAwOTBiNzE1NC8xL3pESXhZN3UwWmZL
Zy1pLVQtbER2T3cxTWFwby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvf9TANBgkqhkiG9w0BAQsFAAOC
AQEAqDlhJ9Dm4JJuQiEva0EAniSJAfeNvx0BJDs2b1vY3nxnDy0yN8uX8kkbvOXx
ceofWCv5i8abKDe89lbIGqiieRmq/J6nk9Jpz2pxqMuQQisExTXLOOWqyM1XyLqj
SpZmBkCoWAz3+9veRxUJUYKrHxAX9m7ktekS36TnH9cncZDEAU9wxPPtrMVhbsCT
b3kWZb5PMyDc3bpH2l1hBfypYWNtAg/VVG4oTh6E9rSmWnoHPseqCZLxppob4FfX
eSiHp9dpW0dk1XyIsQE4w6HqNa+o+rPXywVpKV46vMSc2hCQ6pUEvITg3hFvCamK
6p+Y2R0LDg8ZkOCxvSYS/ub9Vg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:54 2025 by rpki-client