Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/KqR2zjZpiQRJps1jo8yWFwkH5WM.roa
File: KqR2zjZpiQRJps1jo8yWFwkH5WM.roa (raw, json)
Hash identifier: 8R05PUJlDbsV8wW5h7zLYYXqAROJeKWqPcivb63ACAk=
Subject key identifier: 2A:A4:76:CE:36:69:89:04:49:A6:CD:63:A3:CC:96:17:09:07:E5:63
Certificate issuer: /CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Certificate serial: 0F3B47CD
Authority key identifier: 1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/KqR2zjZpiQRJps1jo8yWFwkH5WM.roa
Signing time: Sat 01 Jan 2022 03:58:49 +0000
ROA not before: Sat 01 Jan 2022 03:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 195.46.38.0/24 maxlen: 24
91.213.115.0/24 maxlen: 24
91.241.6.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 255543245 (0xf3b47cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Validity
Not Before: Jan 1 03:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2aa476ce3669890449a6cd63a3cc96170907e563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f0:29:53:1b:78:b4:ef:5f:5f:48:0e:d7:52:
41:e3:0d:96:08:9f:b7:64:a2:9b:22:3a:81:b5:c7:
7d:e0:9f:b5:12:ef:a9:bb:00:30:c4:59:8d:34:0b:
0e:52:a7:71:5c:63:c0:e0:37:ba:5c:f5:2a:41:cc:
03:78:2c:65:a3:e4:92:10:00:db:a8:d8:91:e9:4f:
19:6d:4d:45:a8:cb:52:f2:ce:12:d2:23:62:c9:e5:
94:50:41:37:47:14:d4:e2:89:6c:09:6c:76:da:e8:
04:cc:ef:05:e1:14:9f:a0:f6:70:fd:fa:98:40:dd:
fb:4e:fc:b6:c3:ce:86:0e:d3:d9:03:cf:d0:c8:bb:
87:ba:a8:99:9c:7c:20:70:ca:e3:89:ca:9c:8d:db:
42:34:a0:c4:50:ec:0f:47:44:48:e4:7a:18:21:86:
6e:44:c9:26:96:e2:f5:26:de:85:5a:a4:1d:79:7e:
9e:ba:5f:3e:57:36:6e:cd:13:a4:90:90:49:d3:7b:
55:88:85:bb:3b:5e:cc:d2:37:e2:61:17:0f:e5:c5:
85:c9:1e:a5:8b:50:21:16:16:1b:f5:df:99:97:13:
4f:ba:c8:19:1a:79:75:a1:37:44:de:28:4b:13:3f:
6f:6a:06:77:17:c8:d1:a0:7a:96:08:f1:9d:41:ad:
bb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A4:76:CE:36:69:89:04:49:A6:CD:63:A3:CC:96:17:09:07:E5:63
X509v3 Authority Key Identifier:
keyid:1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/KqR2zjZpiQRJps1jo8yWFwkH5WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.115.0/24
91.241.6.0/23
195.46.38.0/24
Signature Algorithm: sha256WithRSAEncryption
96:6d:0c:df:2a:d7:0f:76:6a:34:d8:69:ba:ed:d5:ed:22:e9:
57:f9:a8:5c:40:90:52:38:bd:00:d3:4d:87:fb:4c:9b:59:92:
21:11:92:8b:1f:07:6f:c3:e1:64:70:c4:8e:cc:19:c3:76:19:
32:97:dd:62:ad:c6:0f:7a:31:e5:81:48:a4:12:2e:b1:8a:70:
62:8c:80:15:da:f4:e2:c4:89:6a:a0:77:4e:0a:46:99:53:1f:
a0:a0:04:8f:cf:5a:86:2a:76:80:64:90:8b:d4:a0:3e:7c:d7:
9e:d1:c1:cf:5a:b0:15:a2:65:fc:e6:c8:84:e4:14:fe:4c:c2:
77:4a:3e:0d:84:37:6c:60:9d:65:d5:cf:f8:99:09:02:53:8e:
c7:a8:5c:7d:c5:6d:c9:21:2a:3c:5e:5f:b8:5c:66:39:32:1f:
ff:07:e7:e4:5e:06:76:cf:d4:c6:93:2f:fd:a6:d7:04:3c:f6:
9b:d5:36:80:4e:fa:ce:96:f9:08:19:f7:ee:15:59:b9:15:fb:
23:9f:76:ec:1a:e5:6b:4c:01:5d:d2:e5:3b:92:76:14:3e:03:
17:9e:b5:4d:28:24:de:b3:14:c0:11:d8:f6:60:89:70:e0:0a:
2f:00:77:6d:2b:cb:a8:4a:aa:8a:13:9f:12:e7:55:18:10:9c:
35:c7:71:67
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDztHzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTkzODQ5YmZmMzM3ZGY4YjhiMGJkMWFlMjUyZWU2MTE5ZDhhNjFmMB4XDTIyMDEw
MTAzNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFhNDc2Y2UzNjY5
ODkwNDQ5YTZjZDYzYTNjYzk2MTcwOTA3ZTU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPwKVMbeLTvX19IDtdSQeMNlgift2SimyI6gbXHfeCftRLv
qbsAMMRZjTQLDlKncVxjwOA3ulz1KkHMA3gsZaPkkhAA26jYkelPGW1NRajLUvLO
EtIjYsnllFBBN0cU1OKJbAlsdtroBMzvBeEUn6D2cP36mEDd+078tsPOhg7T2QPP
0Mi7h7qomZx8IHDK44nKnI3bQjSgxFDsD0dESOR6GCGGbkTJJpbi9SbehVqkHXl+
nrpfPlc2bs0TpJCQSdN7VYiFuztezNI34mEXD+XFhckepYtQIRYWG/XfmZcTT7rI
GRp5daE3RN4oSxM/b2oGdxfI0aB6lgjxnUGtu5MCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQqpHbONmmJBEmmzWOjzJYXCQflYzAfBgNVHSMEGDAWgBQak4Sb/zN9+Liw
vRriUu5hGdimHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dwT0VtXzh6ZmZpNHNMMGE0bEx1WVJuWXBoOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvZDQ0OTdhLTExZjItNDlhYy1hZWY5LTQzZTY3ZDVkMGE4NS8x
L0txUjJ6alpwaVFSSnBzMWpvOHlXRndrSDVXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
ZDQ0OTdhLTExZjItNDlhYy1hZWY5LTQzZTY3ZDVkMGE4NS8xL0dwT0VtXzh6ZmZp
NHNMMGE0bEx1WVJuWXBoOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvVcwMEAVvxBgMEAMMuJjANBgkq
hkiG9w0BAQsFAAOCAQEAlm0M3yrXD3ZqNNhpuu3V7SLpV/moXECQUji9ANNNh/tM
m1mSIRGSix8Hb8PhZHDEjswZw3YZMpfdYq3GD3ox5YFIpBIusYpwYoyAFdr04sSJ
aqB3TgpGmVMfoKAEj89ahip2gGSQi9SgPnzXntHBz1qwFaJl/ObIhOQU/kzCd0o+
DYQ3bGCdZdXP+JkJAlOOx6hcfcVtySEqPF5fuFxmOTIf/wfn5F4Gds/UxpMv/abX
BDz2m9U2gE76zpb5CBn37hVZuRX7I5927Brla0wBXdLlO5J2FD4DF561TSgk3rMU
wBHY9mCJcOAKLwB3bSvLqEqqihOfEudVGBCcNcdxZw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org