Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/KvSRqyQfiLRdxnq3uif-fXQ4duw.roa
File: KvSRqyQfiLRdxnq3uif-fXQ4duw.roa (raw, json)
Hash identifier: u+7F4BXNoItszWlKe9r3VBsYnfzGZTRVTbI8D2s0a3w=
Subject key identifier: 2A:F4:91:AB:24:1F:88:B4:5D:C6:7A:B7:BA:27:FE:7D:74:38:76:EC
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018AEF10CE8274B2E16078348136EC7622F4
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/KvSRqyQfiLRdxnq3uif-fXQ4duw.roa
Signing time: Mon 02 Oct 2023 06:26:10 +0000
ROA not before: Mon 02 Oct 2023 06:26:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41911
IP address blocks: 91.241.120.0/21 maxlen: 22
176.110.32.0/19 maxlen: 19
176.110.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:10:ce:82:74:b2:e1:60:78:34:81:36:ec:76:22:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Oct 2 06:26:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af491ab241f88b45dc67ab7ba27fe7d743876ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9f:e9:8e:4c:74:05:14:67:a4:8a:cf:75:30:
78:4f:bd:4b:50:84:a4:2f:88:5b:e3:7a:e4:49:c6:
df:15:28:c2:8e:d4:c3:5e:f4:54:7f:b2:7b:32:6f:
f7:60:9f:36:85:3d:76:f4:71:5d:b6:2e:40:c6:ec:
88:30:c9:0f:fa:56:3e:1d:ad:d2:69:b4:46:b6:54:
44:5b:b8:68:4c:e2:4b:88:25:4b:39:69:0a:c6:fa:
2b:5e:34:2d:40:c6:22:aa:b6:f6:3a:b4:36:c3:a4:
e2:e2:ad:71:74:63:e6:36:ed:54:70:eb:0d:e8:4b:
ee:6c:59:41:3f:c5:d0:5c:83:a8:a8:4b:31:53:ba:
d2:81:90:fc:6b:d3:87:96:fa:e0:55:e2:30:b5:c1:
42:59:c1:c0:db:2f:db:9a:bc:62:ae:a2:56:1f:8d:
5d:54:03:02:e3:68:84:37:4f:07:02:c0:5d:24:ba:
89:c5:3a:5a:66:a5:2c:3b:86:a6:f1:8b:77:bd:cc:
4a:26:f5:4d:f9:be:33:f7:6c:18:b4:58:47:f4:7d:
55:2a:94:72:0f:9b:ff:96:aa:ed:31:d4:7f:10:d8:
ab:5e:a1:cd:8c:8f:c3:0a:37:fb:23:e3:44:b2:90:
e1:df:ba:0e:fa:07:27:3d:b0:5c:7c:a7:d7:69:a4:
2f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F4:91:AB:24:1F:88:B4:5D:C6:7A:B7:BA:27:FE:7D:74:38:76:EC
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/KvSRqyQfiLRdxnq3uif-fXQ4duw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.120.0/21
176.110.0.0/18
Signature Algorithm: sha256WithRSAEncryption
a3:1d:bd:e5:bf:4b:9a:f0:45:2f:15:68:26:f1:35:39:8f:49:
40:2b:6c:33:da:be:e8:e8:72:30:31:06:8d:a7:f6:16:27:cb:
61:41:99:0d:e7:55:d8:19:f9:9c:5e:8f:25:e9:27:51:0d:0e:
32:63:b4:f4:0f:36:8d:13:bf:76:6d:3d:86:a7:f0:3a:0b:c5:
d1:67:d1:41:0b:4c:4e:23:b8:89:58:29:04:ce:be:c3:b6:0c:
04:92:cb:7d:8d:7c:88:06:13:75:ec:9e:25:c1:49:a3:6f:84:
64:2c:d3:f1:1e:e9:9f:7c:77:9a:8a:d6:a1:6c:05:c6:c2:88:
44:69:d5:4d:8d:09:e8:9e:b1:6e:22:48:11:36:24:38:08:70:
18:50:a9:87:bb:06:0e:b5:b7:49:21:33:55:40:53:33:a4:94:
69:2b:01:19:aa:b2:eb:61:bb:21:4d:38:5e:a0:ba:3e:57:e3:
e5:1c:90:a8:4e:ca:c1:e9:19:ff:76:ae:b1:b6:8e:53:42:b2:
cc:94:09:29:19:3d:4b:62:b4:5b:5a:48:97:e2:92:cb:82:8f:
79:eb:fe:38:5f:96:b0:30:f9:4c:d7:c2:81:c7:c4:e2:94:b1:
9c:e3:a9:33:bf:b1:97:30:11:50:59:e8:36:5e:a9:09:f6:ec:
bf:b9:ae:1f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrvEM6CdLLhYHg0gTbsdiL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjMxMDAyMDYyNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY0OTFhYjI0MWY4OGI0NWRjNjdhYjdiYTI3ZmU3ZDc0Mzg3NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ/pjkx0BRRnpIrPdTB4T71LUISk
L4hb43rkScbfFSjCjtTDXvRUf7J7Mm/3YJ82hT129HFdti5AxuyIMMkP+lY+Ha3S
abRGtlREW7hoTOJLiCVLOWkKxvorXjQtQMYiqrb2OrQ2w6Ti4q1xdGPmNu1UcOsN
6EvubFlBP8XQXIOoqEsxU7rSgZD8a9OHlvrgVeIwtcFCWcHA2y/bmrxirqJWH41d
VAMC42iEN08HAsBdJLqJxTpaZqUsO4am8Yt3vcxKJvVN+b4z92wYtFhH9H1VKpRy
D5v/lqrtMdR/ENirXqHNjI/DCjf7I+NEspDh37oO+gcnPbBcfKfXaaQvJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCr0kaskH4i0XcZ6t7on/n10OHbsMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL0t2U1JxeVFmaUxSZHhucTN1aWYtZlhRNGR1dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANb8XgD
BAawbgAwDQYJKoZIhvcNAQELBQADggEBAKMdveW/S5rwRS8VaCbxNTmPSUArbDPa
vujocjAxBo2n9hYny2FBmQ3nVdgZ+ZxejyXpJ1ENDjJjtPQPNo0Tv3ZtPYan8DoL
xdFn0UELTE4juIlYKQTOvsO2DASSy32NfIgGE3XsniXBSaNvhGQs0/Ee6Z98d5qK
1qFsBcbCiERp1U2NCeiesW4iSBE2JDgIcBhQqYe7Bg61t0khM1VAUzOklGkrARmq
suthuyFNOF6guj5X4+UckKhOysHpGf92rrG2jlNCssyUCSkZPUtitFtaSJfiksuC
j3nr/jhflrAw+UzXwoHHxOKUsZzjqTO/sZcwEVBZ6DZeqQn27L+5rh8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:45 2025 by rpki-client