Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/Qa8PHcy_Y7dg8W98z6CgoDBV_Lg.roa
File: Qa8PHcy_Y7dg8W98z6CgoDBV_Lg.roa (raw, json)
Hash identifier: gL5QBb+VfWwWAdAYVUwa13+XR3ShkRNa3kdxUglYOtI=
Subject key identifier: 41:AF:0F:1D:CC:BF:63:B7:60:F1:6F:7C:CF:A0:A0:A0:30:55:FC:B8
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 984991
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/Qa8PHcy_Y7dg8W98z6CgoDBV_Lg.roa
Signing time: Thu 26 May 2022 06:05:36 +0000
ROA not before: Thu 26 May 2022 06:05:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62212
IP address blocks: 87.236.146.0/24 maxlen: 24
91.199.137.0/24 maxlen: 24
91.199.147.0/24 maxlen: 24
91.199.154.0/24 maxlen: 24
91.199.160.0/24 maxlen: 24
2a11:3b80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9980305 (0x984991)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: May 26 06:05:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41af0f1dccbf63b760f16f7ccfa0a0a03055fcb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:17:1e:2b:59:bf:7b:25:b9:07:28:ff:0e:
55:4d:98:78:b5:47:49:74:38:76:d0:e9:e4:a5:a6:
3f:c5:bf:33:e9:88:23:ec:ac:cc:fc:b4:4f:bb:68:
19:00:66:71:a2:fa:f4:22:5f:9c:81:05:3b:cd:82:
6b:f8:54:dc:6d:54:a8:15:8b:1f:61:d5:c6:1c:f7:
8a:84:37:8e:b3:cc:ff:fa:a7:9c:39:ae:cd:87:f4:
19:5f:44:a1:0c:06:cd:43:ee:f5:c4:a1:bf:d1:e2:
de:98:ac:52:57:1b:67:d7:77:f0:38:b8:01:a3:7d:
7a:0a:ff:34:d8:97:8d:c8:3a:a8:13:c6:10:0d:c2:
73:14:e7:49:9e:35:65:68:8c:2c:93:2c:47:64:cb:
b1:f1:f2:c3:4a:f8:76:ce:87:b1:2e:a8:ec:93:02:
55:7b:a5:92:68:b4:5c:e9:cf:00:8b:36:f8:74:09:
c2:98:3d:77:c9:09:0e:11:97:5c:60:2a:65:12:30:
3e:11:c7:ce:69:ce:4b:5d:a8:12:d4:98:04:29:89:
03:1f:ba:9d:ad:d9:6b:83:29:ee:9d:e5:46:b9:48:
b4:08:ca:9d:cb:c1:69:eb:72:07:91:76:75:eb:c5:
30:e7:85:07:31:36:3f:6c:a3:76:2a:47:8f:0e:e1:
bf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AF:0F:1D:CC:BF:63:B7:60:F1:6F:7C:CF:A0:A0:A0:30:55:FC:B8
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/Qa8PHcy_Y7dg8W98z6CgoDBV_Lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.146.0/24
91.199.137.0/24
91.199.147.0/24
91.199.154.0/24
91.199.160.0/24
IPv6:
2a11:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:59:71:d2:ab:f8:94:16:3c:1b:af:7d:df:33:aa:28:c9:e1:
75:96:ea:47:3d:29:3b:1b:c8:b6:2e:f6:f7:d7:fc:e3:53:31:
11:16:7d:6c:cc:4c:b1:2f:4e:c0:cf:fc:b3:88:80:da:b7:b7:
3f:6a:1f:be:d3:11:97:c2:58:eb:ad:f0:c7:80:e6:78:94:86:
17:e7:a1:3b:34:77:dd:f2:ec:25:0a:8e:dd:22:d1:a9:66:c1:
eb:3e:e7:6d:74:02:c0:30:de:bf:cd:9d:c4:d6:0f:fa:f9:14:
df:51:e5:31:81:23:76:9b:88:64:a4:5e:af:75:c0:53:52:ca:
1b:f8:93:61:28:13:b3:62:60:67:de:a8:6d:37:17:41:b1:02:
5c:05:19:39:60:74:d6:e0:f4:48:23:0b:ed:47:54:61:c1:77:
a9:ac:58:c7:a3:61:8a:c9:02:eb:11:a4:c3:48:1e:b3:0e:c2:
59:4f:74:36:18:ca:fc:4a:0f:0a:72:71:1d:57:cc:46:8f:7d:
95:48:5b:6f:19:48:25:4c:e7:4c:ba:90:18:c7:ff:e1:b9:9b:
7b:b8:6c:7c:b1:ac:bc:4b:08:db:f2:41:7a:9b:63:66:df:c6:
b0:c4:da:7a:a8:ca:21:87:91:c8:85:a4:f3:18:c8:51:e2:55:
58:30:5a:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAJhJkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTYyMGNlYzcwOTc0ZDAzN2Q3NzY5NzU4Yzc0NjY4MzA1YjMyY2YyMB4XDTIyMDUy
NjA2MDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFhZjBmMWRjY2Jm
NjNiNzYwZjE2ZjdjY2ZhMGEwYTAzMDU1ZmNiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJQFx4rWb97JbkHKP8OVU2YeLVHSXQ4dtDp5KWmP8W/M+mI
I+yszPy0T7toGQBmcaL69CJfnIEFO82Ca/hU3G1UqBWLH2HVxhz3ioQ3jrPM//qn
nDmuzYf0GV9EoQwGzUPu9cShv9Hi3pisUlcbZ9d38Di4AaN9egr/NNiXjcg6qBPG
EA3CcxTnSZ41ZWiMLJMsR2TLsfHyw0r4ds6HsS6o7JMCVXulkmi0XOnPAIs2+HQJ
wpg9d8kJDhGXXGAqZRIwPhHHzmnOS12oEtSYBCmJAx+6na3Za4Mp7p3lRrlItAjK
ncvBaetyB5F2devFMOeFBzE2P2yjdipHjw7hv1MCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRBrw8dzL9jt2Dxb3zPoKCgMFX8uDAfBgNVHSMEGDAWgBTVYgzscJdNA313
aXWMdGaDBbMs8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXSU03SENYVFFOOWQybDFqSFJtZ3dXekxQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvMzIzYTkyLTdkMzgtNDllYy1iYTk5LWJlNDM0Y2I5ZjhmOC8x
L1FhOFBIY3lfWTdkZzhXOTh6NkNnb0RCVl9MZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
MzIzYTkyLTdkMzgtNDllYy1iYTk5LWJlNDM0Y2I5ZjhmOC8xLzFXSU03SENYVFFO
OWQybDFqSFJtZ3dXekxQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAFfskgMEAFvHiQMEAFvHkwMEAFvH
mgMEAFvHoDANBAIAAjAHAwUDKhE7gDANBgkqhkiG9w0BAQsFAAOCAQEAb1lx0qv4
lBY8G6993zOqKMnhdZbqRz0pOxvIti7299f841MxERZ9bMxMsS9OwM/8s4iA2re3
P2ofvtMRl8JY663wx4DmeJSGF+ehOzR33fLsJQqO3SLRqWbB6z7nbXQCwDDev82d
xNYP+vkU31HlMYEjdpuIZKRer3XAU1LKG/iTYSgTs2JgZ96obTcXQbECXAUZOWB0
1uD0SCML7UdUYcF3qaxYx6NhiskC6xGkw0gesw7CWU90NhjK/EoPCnJxHVfMRo99
lUhbbxlIJUznTLqQGMf/4bmbe7hsfLGsvEsI2/JBeptjZt/GsMTaeqjKIYeRyIWk
8xjIUeJVWDBa+Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:39 2023 by rpki-client on console-ams.rpki-client.org