Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/q2ZTs8IJ0kMv_FeodY5fc82EBDE.roa
File: q2ZTs8IJ0kMv_FeodY5fc82EBDE.roa (raw, json)
Hash identifier: pMcCAjL+iYqtaCsNiX++E+9/b5sxTqGQnSlOBYyuh1Y=
Subject key identifier: AB:66:53:B3:C2:09:D2:43:2F:FC:57:A8:75:8E:5F:73:CD:84:04:31
Certificate issuer: /CN=d41f8efdcf6e266a82c61302526f6bcfc465e571
Certificate serial: 0184F6D4068E314B2919F393FAB111F27B56
Authority key identifier: D4:1F:8E:FD:CF:6E:26:6A:82:C6:13:02:52:6F:6B:CF:C4:65:E5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1B-O_c9uJmqCxhMCUm9rz8Rl5XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/q2ZTs8IJ0kMv_FeodY5fc82EBDE.roa
Signing time: Fri 09 Dec 2022 12:20:01 +0000
ROA not before: Fri 09 Dec 2022 12:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51143
IP address blocks: 91.216.172.0/24 maxlen: 24
2001:678:29c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:d4:06:8e:31:4b:29:19:f3:93:fa:b1:11:f2:7b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41f8efdcf6e266a82c61302526f6bcfc465e571
Validity
Not Before: Dec 9 12:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab6653b3c209d2432ffc57a8758e5f73cd840431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:40:28:3e:0f:e6:6c:09:95:47:00:0c:9b:62:
f1:5b:72:74:2d:03:05:e7:20:24:76:17:af:5a:56:
74:33:9e:b5:77:8b:7c:93:6e:de:d4:4f:c6:4b:3a:
1a:ba:9c:4b:2f:ce:69:59:17:89:d4:8b:8f:26:25:
54:88:1f:cd:7b:f2:c7:b1:5b:70:6d:6f:14:46:2e:
63:67:4b:b6:3b:32:42:b6:82:8f:9e:06:4a:24:eb:
d5:3c:16:b1:97:0d:d6:e2:16:d2:ec:e7:bd:fa:22:
d2:c1:f4:b1:bc:68:cb:ac:e2:e3:b2:e9:73:73:03:
49:d9:4d:db:07:57:1f:91:ee:05:10:2b:ac:0e:8b:
a8:21:bb:6b:95:1a:b0:9c:ec:d8:94:12:56:0a:01:
d8:80:4b:7a:e3:8b:28:98:f1:34:60:6e:65:9a:37:
ec:af:75:e4:fb:c6:88:15:62:7f:99:66:74:3e:80:
ed:47:c4:be:27:ac:2f:b4:94:51:93:19:e0:fb:da:
0b:65:b4:99:e2:c2:c4:4c:f1:c9:15:2e:4b:11:0d:
04:a2:77:60:49:0b:43:04:7a:1e:5d:69:89:4f:3f:
31:29:18:96:2b:93:ba:da:c3:0c:a6:44:e7:31:25:
d5:f9:07:7b:25:1e:b9:10:c5:f0:57:49:51:1b:13:
2f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:66:53:B3:C2:09:D2:43:2F:FC:57:A8:75:8E:5F:73:CD:84:04:31
X509v3 Authority Key Identifier:
keyid:D4:1F:8E:FD:CF:6E:26:6A:82:C6:13:02:52:6F:6B:CF:C4:65:E5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1B-O_c9uJmqCxhMCUm9rz8Rl5XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/q2ZTs8IJ0kMv_FeodY5fc82EBDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/1B-O_c9uJmqCxhMCUm9rz8Rl5XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.172.0/24
IPv6:
2001:678:29c::/48
Signature Algorithm: sha256WithRSAEncryption
2d:bb:92:e3:3e:c1:16:39:fc:fe:7a:97:9a:b7:c6:b9:58:75:
03:22:ae:1f:fe:0c:f1:90:d3:b5:b9:db:db:52:3b:0e:d1:26:
74:c0:93:d1:18:67:55:08:51:f5:a4:bd:5a:bd:3c:b6:1f:c5:
5b:0d:d6:87:6d:b3:92:2f:43:77:22:81:49:0b:ee:07:e0:6e:
19:c1:75:aa:1f:fc:4c:63:36:71:57:f5:74:8b:9f:0b:79:c4:
17:94:7f:65:31:4a:3f:f6:19:59:50:f2:d9:b7:76:66:96:93:
6c:48:51:83:71:93:91:bb:77:41:bc:69:b9:70:57:1b:f0:b7:
12:e2:19:6f:c1:fe:0f:50:05:8c:0e:49:a4:60:77:25:e8:d2:
7c:c6:4b:26:67:53:83:8b:c3:70:be:48:8c:63:bb:e9:ff:5d:
b4:b3:e7:01:ce:b2:a3:be:72:8a:e6:59:6f:02:32:b4:fc:f4:
fc:bd:41:ff:7a:2d:49:c8:1c:15:bf:8f:61:6c:c5:07:82:62:
59:9f:4e:c2:56:7e:41:b1:78:6b:02:7b:84:d3:3f:b1:8e:9d:
2e:04:73:22:14:34:c3:e4:f9:f7:d4:e5:44:57:88:26:44:a4:
e8:9b:78:19:41:a6:2f:c6:27:40:b0:ad:10:f9:75:d8:bd:e6:
27:56:e9:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYT21AaOMUspGfOT+rER8ntWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MWY4ZWZkY2Y2ZTI2NmE4MmM2MTMwMjUyNmY2YmNmYzQ2
NWU1NzEwHhcNMjIxMjA5MTIyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjY2NTNiM2MyMDlkMjQzMmZmYzU3YTg3NThlNWY3M2NkODQwNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0AoPg/mbAmVRwAMm2LxW3J0LQMF
5yAkdhevWlZ0M561d4t8k27e1E/GSzoaupxLL85pWReJ1IuPJiVUiB/Ne/LHsVtw
bW8URi5jZ0u2OzJCtoKPngZKJOvVPBaxlw3W4hbS7Oe9+iLSwfSxvGjLrOLjsulz
cwNJ2U3bB1cfke4FECusDouoIbtrlRqwnOzYlBJWCgHYgEt644somPE0YG5lmjfs
r3Xk+8aIFWJ/mWZ0PoDtR8S+J6wvtJRRkxng+9oLZbSZ4sLETPHJFS5LEQ0Eondg
SQtDBHoeXWmJTz8xKRiWK5O62sMMpkTnMSXV+Qd7JR65EMXwV0lRGxMvvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKtmU7PCCdJDL/xXqHWOX3PNhAQxMB8GA1UdIwQY
MBaAFNQfjv3PbiZqgsYTAlJva8/EZeVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUItT19jOXVKbXFDeGhNQ1VtOXJ6OFJsNVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81OTE2MDAtOGIyNi00Mjg2LTllYzIt
NzcwMDJmNzBmYjRhLzEvcTJaVHM4SUowa012X0Zlb2RZNWZjODJFQkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81OTE2MDAtOGIyNi00Mjg2LTllYzItNzcwMDJmNzBmYjRh
LzEvMUItT19jOXVKbXFDeGhNQ1VtOXJ6OFJsNVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9isMA8E
AgACMAkDBwAgAQZ4ApwwDQYJKoZIhvcNAQELBQADggEBAC27kuM+wRY5/P56l5q3
xrlYdQMirh/+DPGQ07W529tSOw7RJnTAk9EYZ1UIUfWkvVq9PLYfxVsN1odts5Iv
Q3cigUkL7gfgbhnBdaof/ExjNnFX9XSLnwt5xBeUf2UxSj/2GVlQ8tm3dmaWk2xI
UYNxk5G7d0G8ablwVxvwtxLiGW/B/g9QBYwOSaRgdyXo0nzGSyZnU4OLw3C+SIxj
u+n/XbSz5wHOsqO+cormWW8CMrT89Py9Qf96LUnIHBW/j2FsxQeCYlmfTsJWfkGx
eGsCe4TTP7GOnS4EcyIUNMPk+ffU5URXiCZEpOibeBlBpi/GJ0CwrRD5ddi95idW
6fM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-ams.rpki-client.org