Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/Qfp1LpGfW2934kgdIj0k92D-0MQ.roa
File: Qfp1LpGfW2934kgdIj0k92D-0MQ.roa (raw, json)
Hash identifier: lRcD6Ff2F/H+0PuWCTtiNvOkG0QNPaV0XnEtGeP74mE=
Subject key identifier: 41:FA:75:2E:91:9F:5B:6F:77:E2:48:1D:22:3D:24:F7:60:FE:D0:C4
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 087A7D81
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/Qfp1LpGfW2934kgdIj0k92D-0MQ.roa
Signing time: Mon 18 Apr 2022 11:52:48 +0000
ROA not before: Mon 18 Apr 2022 11:52:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35732
IP address blocks: 91.188.209.0/24 maxlen: 24
91.188.209.224/27 maxlen: 27
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
91.188.208.0/24 maxlen: 24
2a0f:b1c2:1::/48 maxlen: 48
2a0f:b1c2:3::/48 maxlen: 48
2a0f:b1c1::/32 maxlen: 32
2a0f:b1c2::/48 maxlen: 48
2a0f:b1c0::/32 maxlen: 32
2a0f:b1c2:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142245249 (0x87a7d81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Apr 18 11:52:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41fa752e919f5b6f77e2481d223d24f760fed0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bc:6c:e9:b0:30:72:86:4a:a8:db:99:36:bc:
17:23:e1:78:c7:dc:8b:1e:54:8b:e6:ab:88:87:0e:
68:e9:29:88:d7:c9:af:2b:13:29:8e:ed:31:b8:28:
98:97:c4:9d:6e:32:e6:2c:bf:f0:60:74:15:5a:c7:
44:1b:20:d5:92:1a:85:20:5b:19:87:b9:cf:5b:f2:
70:09:d7:4e:bd:32:78:84:3d:a7:dd:e6:3d:8d:ae:
7a:fa:3b:11:1a:41:a1:1d:0b:96:95:6f:d4:6b:31:
a2:3a:d9:7b:26:5f:ab:91:5f:82:3e:72:f2:94:bf:
e1:3e:7a:2e:18:0d:cc:5b:e3:f6:a6:2b:a1:eb:48:
5f:9b:13:32:13:9b:14:21:4b:e6:23:b3:bc:72:93:
58:6d:27:e4:d5:81:24:df:c0:4f:ab:f2:f8:07:76:
79:02:2b:28:59:10:a7:ad:38:23:16:e6:b4:49:92:
67:af:8b:4e:4b:bb:5d:be:00:ed:bb:00:ac:38:ef:
df:72:1e:01:29:9b:eb:a7:a2:60:cb:fd:4c:82:e7:
e0:4d:43:3c:93:e9:6e:24:4a:64:67:60:db:a7:f1:
9b:5e:02:7c:ab:ac:8f:0d:ce:ba:1f:57:66:3c:a6:
d0:09:5b:2d:09:4a:a6:06:f5:3e:a0:bb:14:f9:0e:
0c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FA:75:2E:91:9F:5B:6F:77:E2:48:1D:22:3D:24:F7:60:FE:D0:C4
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/Qfp1LpGfW2934kgdIj0k92D-0MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
IPv6:
2a0f:b1c0::-2a0f:b1c2:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:aa:b1:9b:a8:99:0f:a5:81:d2:c6:07:e3:22:0c:4b:f8:37:
49:7e:f1:b1:45:c8:c2:e2:76:e2:5c:ee:25:67:2c:d0:ad:f2:
4c:43:30:88:67:c5:0c:45:a0:91:d7:79:e0:19:b1:33:8d:c1:
40:10:58:16:54:5c:c0:48:77:7f:fc:b9:6a:d0:84:d6:57:75:
ad:ca:e5:0a:08:06:24:43:fa:4b:91:ba:7f:72:b0:33:14:1c:
a5:6f:b8:12:04:a4:7a:79:5c:38:25:ea:79:08:89:c8:88:07:
e6:99:b1:e4:a0:cd:bb:7c:a8:ab:f8:9a:c8:13:17:60:9a:bd:
65:a2:5d:26:9a:ab:51:59:fd:0f:d7:a3:fa:f9:aa:b0:7c:ea:
0e:b5:85:d0:70:84:04:58:84:f2:d0:9f:f8:c3:77:3e:94:d8:
3c:e8:40:e8:eb:7f:60:d5:9d:09:a2:a3:c3:c7:48:f9:bb:b6:
63:bc:1f:1d:eb:92:fb:60:44:16:02:e5:2c:d1:c7:03:f2:9d:
f8:d0:16:05:af:4e:96:f3:19:50:9b:96:7f:54:a2:2b:5e:ba:
b9:38:e2:6c:4f:ea:ea:44:6e:bf:87:aa:70:e6:b5:cd:97:23:
6f:f6:c4:b5:61:21:62:ec:8d:00:a2:2d:ce:dc:66:c2:ae:4d:
2d:05:56:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECHp9gTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmM4Njk1NzcyZjBlNjRmM2I5YTE2MjE3MzNjYzAyNTA2Zjc0NzAyMB4XDTIyMDQx
ODExNTI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFmYTc1MmU5MTlm
NWI2Zjc3ZTI0ODFkMjIzZDI0Zjc2MGZlZDBjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANu8bOmwMHKGSqjbmTa8FyPheMfcix5Ui+ariIcOaOkpiNfJ
rysTKY7tMbgomJfEnW4y5iy/8GB0FVrHRBsg1ZIahSBbGYe5z1vycAnXTr0yeIQ9
p93mPY2uevo7ERpBoR0LlpVv1GsxojrZeyZfq5Ffgj5y8pS/4T56LhgNzFvj9qYr
oetIX5sTMhObFCFL5iOzvHKTWG0n5NWBJN/AT6vy+Ad2eQIrKFkQp604IxbmtEmS
Z6+LTku7Xb4A7bsArDjv33IeASmb66eiYMv9TILn4E1DPJPpbiRKZGdg26fxm14C
fKusjw3Ouh9XZjym0AlbLQlKpgb1PqC7FPkODGkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRB+nUukZ9bb3fiSB0iPST3YP7QxDAfBgNVHSMEGDAWgBQryGlXcvDmTzua
FiFzPMAlBvdHAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s4aHBWM0x3NWs4N21oWWhjenpBSlFiM1J3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvY2JmYTliLTAyOTEtNDhlMy04MDVjLTQzZDY2YTAzMzFlYy8x
L1FmcDFMcEdmVzI5MzRrZ2RJajBrOTJELTBNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
Y2JmYTliLTAyOTEtNDhlMy04MDVjLTQzZDY2YTAzMzFlYy8xL0s4aHBWM0x3NWs4
N21oWWhjenpBSlFiM1J3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAlu80DAYBAIAAjASMBADBQYqD7HA
AwcCKg+xwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQACqrGbqJkPpYHSxgfjIgxL+DdJ
fvGxRcjC4nbiXO4lZyzQrfJMQzCIZ8UMRaCR13ngGbEzjcFAEFgWVFzASHd//Llq
0ITWV3WtyuUKCAYkQ/pLkbp/crAzFBylb7gSBKR6eVw4Jep5CInIiAfmmbHkoM27
fKir+JrIExdgmr1lol0mmqtRWf0P16P6+aqwfOoOtYXQcIQEWITy0J/4w3c+lNg8
6EDo639g1Z0JoqPDx0j5u7ZjvB8d65L7YEQWAuUs0ccD8p340BYFr06W8xlQm5Z/
VKIrXrq5OOJsT+rqRG6/h6pw5rXNlyNv9sS1YSFi7I0Aoi3O3GbCrk0tBVZX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org