Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/_qorHuzZZvkavRrA4Bm5V6dsw30.roa
File: _qorHuzZZvkavRrA4Bm5V6dsw30.roa (raw, json)
Hash identifier: EC1pD6iZ1/VXq1BPHDWst2ZnQ/ZwWt7nIBd0PHoJeUI=
Subject key identifier: FE:AA:2B:1E:EC:D9:66:F9:1A:BD:1A:C0:E0:19:B9:57:A7:6C:C3:7D
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A3B38E73DFF85B567C571F35B15D16BFC
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/_qorHuzZZvkavRrA4Bm5V6dsw30.roa
Signing time: Mon 28 Aug 2023 08:18:19 +0000
ROA not before: Mon 28 Aug 2023 08:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42595
IP address blocks: 91.223.51.0/24 maxlen: 24
91.192.252.0/22 maxlen: 24
91.224.36.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:38:e7:3d:ff:85:b5:67:c5:71:f3:5b:15:d1:6b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 28 08:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feaa2b1eecd966f91abd1ac0e019b957a76cc37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:fd:d5:fa:62:32:2f:66:f4:f8:94:36:75:
b2:1f:44:30:e9:02:01:80:6f:03:89:4b:cc:75:22:
bf:ad:b3:cd:b0:ad:73:49:6d:ab:f2:fb:00:22:82:
e7:32:2d:32:2e:fa:04:94:e5:2f:63:c4:e3:b6:71:
02:25:83:59:ee:24:ef:03:5a:08:28:2a:c9:58:aa:
d5:8b:d2:6d:11:46:aa:8d:99:86:4a:2b:2e:e9:11:
dc:8a:1d:33:05:b1:82:c8:ed:98:dc:10:ec:ef:33:
58:b4:c8:e0:d9:17:60:90:c8:ed:ce:25:c8:71:eb:
3d:c8:f6:1c:fc:51:82:5a:cb:1e:9c:99:3e:6e:22:
77:57:1a:78:c2:45:f8:b8:2b:f6:f9:3f:ad:96:6c:
5f:6b:ec:54:62:20:f6:88:61:1a:4f:d7:6e:f7:4e:
fd:89:43:34:63:f4:01:09:22:48:58:92:c6:a3:ca:
8f:e9:9b:0d:b7:97:37:67:0c:99:d2:54:87:bb:4d:
27:22:39:53:84:ed:47:e7:35:7c:38:d3:b4:79:7c:
bd:d5:2c:16:41:ff:8d:90:6e:1d:76:ce:4a:f7:bb:
25:7c:7b:24:73:7e:c3:d5:e6:33:99:98:3f:a2:04:
8a:07:d2:70:80:ec:6a:8d:80:75:75:1a:ed:a1:ca:
b7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:AA:2B:1E:EC:D9:66:F9:1A:BD:1A:C0:E0:19:B9:57:A7:6C:C3:7D
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/_qorHuzZZvkavRrA4Bm5V6dsw30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.252.0/22
91.223.51.0/24
91.224.36.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:ae:14:6d:0e:40:0d:25:bf:51:84:c6:d4:80:d9:88:d4:ab:
58:b5:c5:2a:1c:47:d7:07:c9:da:27:cf:c3:a7:03:70:af:bf:
a8:69:47:08:7f:29:80:b3:f5:94:24:16:78:d2:ce:57:60:78:
68:11:8b:0d:42:d4:2a:c9:58:08:a2:d4:5b:6a:89:78:9f:71:
48:2f:82:da:56:92:03:6c:3b:0c:94:80:9c:aa:e3:7b:0e:48:
e1:df:55:b6:ab:93:0e:8b:15:77:07:52:b7:7f:0b:28:94:26:
fc:0d:a9:5b:ac:27:43:71:50:60:9e:0e:ab:1e:8b:a8:e0:b2:
77:b0:57:3a:31:f6:08:e4:27:c6:94:1f:11:a4:9a:68:7e:81:
87:d8:f9:83:35:7c:9b:72:f0:f4:9c:06:de:ba:2f:13:2c:cf:
be:f0:31:b1:c3:81:84:e1:d5:ee:26:1e:bb:ce:bb:6c:59:fb:
f2:4d:82:2a:78:d9:e7:0e:3e:71:33:d5:c2:20:b6:09:71:aa:
41:6e:eb:ba:27:66:f6:47:f8:26:bd:09:68:fb:a3:e9:f7:a6:
c6:39:a7:ae:17:a5:95:24:9d:0a:a3:7e:b1:a2:92:69:f4:4f:
c4:bd:f0:75:38:1d:f1:22:2c:cc:d7:82:f4:92:18:66:16:47:
4a:98:27:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYo7OOc9/4W1Z8Vx81sV0Wv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODI4MDgxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWFhMmIxZWVjZDk2NmY5MWFiZDFhYzBlMDE5Yjk1N2E3NmNjMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy391fpiMi9m9PiUNnWyH0Qw6QIB
gG8DiUvMdSK/rbPNsK1zSW2r8vsAIoLnMi0yLvoElOUvY8TjtnECJYNZ7iTvA1oI
KCrJWKrVi9JtEUaqjZmGSisu6RHcih0zBbGCyO2Y3BDs7zNYtMjg2RdgkMjtziXI
ces9yPYc/FGCWssenJk+biJ3Vxp4wkX4uCv2+T+tlmxfa+xUYiD2iGEaT9du9079
iUM0Y/QBCSJIWJLGo8qP6ZsNt5c3ZwyZ0lSHu00nIjlThO1H5zV8ONO0eXy91SwW
Qf+NkG4dds5K97slfHskc37D1eYzmZg/ogSKB9JwgOxqjYB1dRrtocq3fQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP6qKx7s2Wb5Gr0awOAZuVenbMN9MB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvX3Fvckh1elpadmthdlJyQTRCbTVWNmRzdzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8D8AwQA
W98zAwQBW+AkMA0GCSqGSIb3DQEBCwUAA4IBAQBrrhRtDkANJb9RhMbUgNmI1KtY
tcUqHEfXB8naJ8/DpwNwr7+oaUcIfymAs/WUJBZ40s5XYHhoEYsNQtQqyVgIotRb
aol4n3FIL4LaVpIDbDsMlICcquN7Dkjh31W2q5MOixV3B1K3fwsolCb8DalbrCdD
cVBgng6rHouo4LJ3sFc6MfYI5CfGlB8RpJpofoGH2PmDNXybcvD0nAbeui8TLM++
8DGxw4GE4dXuJh67zrtsWfvyTYIqeNnnDj5xM9XCILYJcapBbuu6J2b2R/gmvQlo
+6Pp96bGOaeuF6WVJJ0Ko36xopJp9E/EvfB1OB3xIizM14L0khhmFkdKmCe4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:26 2025 by rpki-client