Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/qRo1YfjwRMbwPsfPEEnVXEhzXI8.roa
File: qRo1YfjwRMbwPsfPEEnVXEhzXI8.roa (raw, json)
Hash identifier: roFqyhEokiQBPr5RNJviRLWB1Z1fua3XIvQF9qovkd0=
Subject key identifier: A9:1A:35:61:F8:F0:44:C6:F0:3E:C7:CF:10:49:D5:5C:48:73:5C:8F
Certificate issuer: /CN=30195c3bb050586b5f4e5004118007c48b34eae5
Certificate serial: 01857014F6FC0962733744ADF850A6209408
Authority key identifier: 30:19:5C:3B:B0:50:58:6B:5F:4E:50:04:11:80:07:C4:8B:34:EA:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBlcO7BQWGtfTlAEEYAHxIs06uU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/qRo1YfjwRMbwPsfPEEnVXEhzXI8.roa
Signing time: Mon 02 Jan 2023 01:24:59 +0000
ROA not before: Mon 02 Jan 2023 01:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 45.91.159.0/24 maxlen: 24
45.91.156.0/24 maxlen: 24
45.91.157.0/24 maxlen: 24
45.91.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:f6:fc:09:62:73:37:44:ad:f8:50:a6:20:94:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30195c3bb050586b5f4e5004118007c48b34eae5
Validity
Not Before: Jan 2 01:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a91a3561f8f044c6f03ec7cf1049d55c48735c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:61:42:f5:96:63:49:80:b9:ff:85:fb:50:39:
72:94:8a:3b:70:7f:4a:60:0a:4c:df:93:0b:89:89:
d6:05:27:98:2e:a0:cb:7d:9c:19:08:aa:4a:06:e5:
0a:3d:a0:31:d6:ec:13:97:45:37:7c:b6:f8:59:de:
d1:87:e9:7c:06:59:1f:48:b9:d2:98:d5:85:87:ff:
a4:eb:ba:85:46:03:84:c2:62:6f:3c:e3:db:6b:85:
47:c1:6c:32:a3:b0:f1:dd:e0:76:28:6c:84:77:48:
60:84:51:a6:db:b2:6e:99:14:78:05:db:57:f0:5d:
59:d4:24:f8:22:a8:e4:2f:6e:8f:3d:ad:f4:32:06:
f9:a2:61:01:73:9a:c4:57:c9:5c:13:3d:b1:ff:72:
63:59:de:d5:f3:41:92:bc:1e:a3:d7:bc:8e:0f:5a:
65:74:f1:db:b0:86:d1:48:56:f1:fa:fd:6a:cf:85:
cb:d7:15:35:b6:fa:39:a3:fd:b8:b1:a1:ad:c1:44:
d8:6c:95:47:b1:ba:1b:dd:bd:5b:3b:71:93:9c:4b:
bb:56:53:de:39:84:07:d0:94:81:a3:2e:3c:44:24:
ba:62:12:11:ca:1e:d0:36:8f:34:8d:85:c5:82:b6:
d3:f1:84:5a:07:14:2a:69:57:ec:66:a8:b3:ab:8a:
63:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:1A:35:61:F8:F0:44:C6:F0:3E:C7:CF:10:49:D5:5C:48:73:5C:8F
X509v3 Authority Key Identifier:
keyid:30:19:5C:3B:B0:50:58:6B:5F:4E:50:04:11:80:07:C4:8B:34:EA:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBlcO7BQWGtfTlAEEYAHxIs06uU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/qRo1YfjwRMbwPsfPEEnVXEhzXI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/MBlcO7BQWGtfTlAEEYAHxIs06uU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.156.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:5b:61:70:24:41:ff:cf:e0:e9:b1:17:4e:05:62:ca:8c:6c:
fb:2d:6f:95:f2:47:45:ab:ce:aa:7b:b0:cd:e7:bb:34:c4:3f:
ba:a8:02:bc:20:ce:94:e8:3a:0e:43:e2:c3:68:8a:31:02:b5:
d0:0d:64:e9:0a:eb:a7:07:d6:f6:e4:a5:92:c9:46:ab:d0:b5:
72:b3:a9:f9:07:11:61:37:48:ff:b3:1f:9b:ca:e1:6f:40:b8:
f5:d3:e9:4a:46:04:fa:02:76:0d:b8:83:cd:9d:9b:d2:90:9e:
0b:e1:a3:91:1c:be:9f:06:90:fa:3a:9f:44:25:ef:2a:43:b7:
95:e9:53:83:0e:c1:02:b9:7a:c5:3f:ea:21:4b:a4:e9:30:71:
9e:ab:cf:02:e1:c0:96:49:83:61:d9:36:87:fd:2b:08:ed:94:
32:f2:5c:6a:ae:b9:4c:79:2b:a6:d6:33:9e:5a:9b:4b:ad:35:
2d:47:ce:94:ab:f1:9c:a0:bd:a2:46:e5:4a:56:c0:00:1b:43:
53:0f:72:f0:fb:cd:1b:57:10:47:4a:a8:9c:85:9e:29:c1:e1:
90:06:bf:ce:0e:bb:51:28:e5:33:e0:70:ac:47:5a:ce:0b:d4:
f9:c6:3d:0f:67:fb:a2:20:26:de:5b:c6:0e:e7:f8:f7:ad:c7:
5f:71:8b:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFPb8CWJzN0St+FCmIJQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTk1YzNiYjA1MDU4NmI1ZjRlNTAwNDExODAwN2M0OGIz
NGVhZTUwHhcNMjMwMTAyMDEyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTFhMzU2MWY4ZjA0NGM2ZjAzZWM3Y2YxMDQ5ZDU1YzQ4NzM1YzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWFC9ZZjSYC5/4X7UDlylIo7cH9K
YApM35MLiYnWBSeYLqDLfZwZCKpKBuUKPaAx1uwTl0U3fLb4Wd7Rh+l8BlkfSLnS
mNWFh/+k67qFRgOEwmJvPOPba4VHwWwyo7Dx3eB2KGyEd0hghFGm27JumRR4BdtX
8F1Z1CT4IqjkL26PPa30Mgb5omEBc5rEV8lcEz2x/3JjWd7V80GSvB6j17yOD1pl
dPHbsIbRSFbx+v1qz4XL1xU1tvo5o/24saGtwUTYbJVHsbob3b1bO3GTnEu7VlPe
OYQH0JSBoy48RCS6YhIRyh7QNo80jYXFgrbT8YRaBxQqaVfsZqizq4pj2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkaNWH48ETG8D7HzxBJ1VxIc1yPMB8GA1UdIwQY
MBaAFDAZXDuwUFhrX05QBBGAB8SLNOrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJsY083QlFXR3RmVGxBRUVZQUh4SXMwNnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9jNzYyNzUtZDhkYS00NTIzLTgzYWQt
YjQyMWMzOGIyZjdmLzEvcVJvMVlmandSTWJ3UHNmUEVFblZYRWh6WEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9jNzYyNzUtZDhkYS00NTIzLTgzYWQtYjQyMWMzOGIyZjdm
LzEvTUJsY083QlFXR3RmVGxBRUVZQUh4SXMwNnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVucMA0G
CSqGSIb3DQEBCwUAA4IBAQBrW2FwJEH/z+DpsRdOBWLKjGz7LW+V8kdFq86qe7DN
57s0xD+6qAK8IM6U6DoOQ+LDaIoxArXQDWTpCuunB9b25KWSyUar0LVys6n5BxFh
N0j/sx+byuFvQLj10+lKRgT6AnYNuIPNnZvSkJ4L4aORHL6fBpD6Op9EJe8qQ7eV
6VODDsECuXrFP+ohS6TpMHGeq88C4cCWSYNh2TaH/SsI7ZQy8lxqrrlMeSum1jOe
WptLrTUtR86Uq/GcoL2iRuVKVsAAG0NTD3Lw+80bVxBHSqichZ4pweGQBr/ODrtR
KOUz4HCsR1rOC9T5xj0PZ/uiICbeW8YO5/j3rcdfcYuT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:56 2025 by rpki-client