Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b3411b-4862-4871-b9a8-fe7ad7fc4789/1/qkRX6UgodZi42ZsVxd6hbER6RfE.roa
File: qkRX6UgodZi42ZsVxd6hbER6RfE.roa (raw, json)
Hash identifier: po3Bedoc8hEgl6brvfckvoM4wGeZVfsYFLYClXYbDgo=
Subject key identifier: AA:44:57:E9:48:28:75:98:B8:D9:9B:15:C5:DE:A1:6C:44:7A:45:F1
Certificate issuer: /CN=8463862620d467c8a79f8f44ef35bb60af823f9d
Certificate serial: 01856E54242B79EA2FF805DCEB9AA1DE391D
Authority key identifier: 84:63:86:26:20:D4:67:C8:A7:9F:8F:44:EF:35:BB:60:AF:82:3F:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGOGJiDUZ8inn49E7zW7YK-CP50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b3411b-4862-4871-b9a8-fe7ad7fc4789/1/qkRX6UgodZi42ZsVxd6hbER6RfE.roa
Signing time: Sun 01 Jan 2023 17:14:45 +0000
ROA not before: Sun 01 Jan 2023 17:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50912
IP address blocks: 91.216.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:24:2b:79:ea:2f:f8:05:dc:eb:9a:a1:de:39:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8463862620d467c8a79f8f44ef35bb60af823f9d
Validity
Not Before: Jan 1 17:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa4457e948287598b8d99b15c5dea16c447a45f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6b:03:a1:4c:3c:87:fd:f3:68:d4:ad:83:8a:
5b:d6:6f:3b:69:c0:3f:45:90:2e:b3:1a:ac:06:07:
28:87:d0:b5:64:00:e4:e4:31:c2:ec:2a:11:68:0c:
bc:36:69:75:8d:84:98:a9:64:28:a6:14:59:19:f1:
93:fe:a2:72:49:9d:76:df:be:61:9a:70:ad:45:c0:
6f:bc:16:fa:c2:99:5b:45:fd:d9:37:50:bc:2e:f6:
a2:e0:e4:7d:27:26:ef:ca:10:36:b7:5b:be:47:3d:
d2:09:29:62:8c:12:ea:9f:e8:89:a9:35:f2:a5:06:
cb:9c:06:07:d2:3b:56:f8:c9:0e:53:5e:ea:68:ba:
d6:fc:4d:cf:99:dd:a2:e3:5b:f5:fd:56:dc:2a:ae:
a9:57:d2:09:dd:ed:3e:82:5c:66:dc:6a:14:0b:5e:
29:cc:0a:ab:72:19:3c:83:fd:3b:3a:77:85:59:4f:
3b:3a:07:fa:32:3d:63:b4:31:ad:43:01:c1:49:87:
5b:0b:a4:2f:2e:91:08:d1:71:25:79:b3:c0:b4:e7:
8a:61:3a:69:32:df:6d:15:81:9f:cb:f4:a4:88:06:
ca:6d:39:6b:34:6a:e4:dd:d3:1e:b0:c3:18:06:63:
00:30:9d:cb:6a:8f:82:fd:d7:ae:8b:f0:61:b4:9c:
9e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:44:57:E9:48:28:75:98:B8:D9:9B:15:C5:DE:A1:6C:44:7A:45:F1
X509v3 Authority Key Identifier:
keyid:84:63:86:26:20:D4:67:C8:A7:9F:8F:44:EF:35:BB:60:AF:82:3F:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGOGJiDUZ8inn49E7zW7YK-CP50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b3411b-4862-4871-b9a8-fe7ad7fc4789/1/qkRX6UgodZi42ZsVxd6hbER6RfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b3411b-4862-4871-b9a8-fe7ad7fc4789/1/hGOGJiDUZ8inn49E7zW7YK-CP50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.27.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:39:4e:b3:1b:f2:43:a7:45:b6:35:4f:b3:73:19:76:17:ac:
41:31:c6:1e:8d:b7:bf:66:e3:9f:36:8c:cb:61:77:cd:95:bf:
5c:80:be:e4:a9:30:d1:93:ea:94:22:98:ec:c9:e1:53:a4:64:
2e:44:98:1b:b9:2f:95:b1:57:5b:21:ab:c4:5b:7e:28:0c:fc:
d2:d8:b8:f8:60:89:1b:4d:a5:bb:8e:a3:a4:9a:19:95:6a:5f:
17:93:de:2d:92:cc:6f:09:5b:ed:61:62:59:15:d2:7c:2e:c5:
e8:04:4e:db:3c:7d:b0:6c:4f:58:27:67:31:c3:22:12:94:f2:
76:3c:06:a1:88:15:2e:24:97:ca:53:1d:5f:e1:f2:d4:a5:f9:
d9:03:a7:9c:e7:60:aa:de:c4:dc:6f:7d:3a:3e:eb:6b:18:d8:
a6:6b:d9:c8:9a:aa:03:86:62:1e:ad:37:f2:ae:c2:31:4b:c1:
00:79:3d:29:ad:f8:0c:38:0a:d8:3a:7e:19:cf:b1:17:c2:e6:
98:1e:ee:f0:97:32:80:e7:7e:03:70:ed:fa:9d:9d:98:f1:01:
83:4e:24:86:e2:e2:9d:05:7c:06:af:fc:cf:86:18:df:1e:64:
ce:20:8d:0d:6f:fc:a8:d1:00:33:51:fd:76:21:8f:9c:39:97:
06:c8:f7:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuVCQreeov+AXc65qh3jkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NjM4NjI2MjBkNDY3YzhhNzlmOGY0NGVmMzViYjYwYWY4
MjNmOWQwHhcNMjMwMTAxMTcxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQ0NTdlOTQ4Mjg3NTk4YjhkOTliMTVjNWRlYTE2YzQ0N2E0NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWsDoUw8h/3zaNStg4pb1m87acA/
RZAusxqsBgcoh9C1ZADk5DHC7CoRaAy8Nml1jYSYqWQophRZGfGT/qJySZ12375h
mnCtRcBvvBb6wplbRf3ZN1C8Lvai4OR9JybvyhA2t1u+Rz3SCSlijBLqn+iJqTXy
pQbLnAYH0jtW+MkOU17qaLrW/E3Pmd2i41v1/VbcKq6pV9IJ3e0+glxm3GoUC14p
zAqrchk8g/07OneFWU87Ogf6Mj1jtDGtQwHBSYdbC6QvLpEI0XElebPAtOeKYTpp
Mt9tFYGfy/SkiAbKbTlrNGrk3dMesMMYBmMAMJ3Lao+C/deui/BhtJyeGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpEV+lIKHWYuNmbFcXeoWxEekXxMB8GA1UdIwQY
MBaAFIRjhiYg1GfIp5+PRO81u2Cvgj+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdPR0ppRFVaOGlubjQ5RTd6VzdZSy1DUDUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iMzQxMWItNDg2Mi00ODcxLWI5YTgt
ZmU3YWQ3ZmM0Nzg5LzEvcWtSWDZVZ29kWmk0MlpzVnhkNmhiRVI2UmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iMzQxMWItNDg2Mi00ODcxLWI5YTgtZmU3YWQ3ZmM0Nzg5
LzEvaEdPR0ppRFVaOGlubjQ5RTd6VzdZSy1DUDUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9gbMA0G
CSqGSIb3DQEBCwUAA4IBAQBcOU6zG/JDp0W2NU+zcxl2F6xBMcYejbe/ZuOfNozL
YXfNlb9cgL7kqTDRk+qUIpjsyeFTpGQuRJgbuS+VsVdbIavEW34oDPzS2Lj4YIkb
TaW7jqOkmhmVal8Xk94tksxvCVvtYWJZFdJ8LsXoBE7bPH2wbE9YJ2cxwyISlPJ2
PAahiBUuJJfKUx1f4fLUpfnZA6ec52Cq3sTcb306PutrGNima9nImqoDhmIerTfy
rsIxS8EAeT0prfgMOArYOn4Zz7EXwuaYHu7wlzKA534DcO36nZ2Y8QGDTiSG4uKd
BXwGr/zPhhjfHmTOII0Nb/yo0QAzUf12IY+cOZcGyPeW
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:12:24 2025 by rpki-client