Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/PQyBo5HzY4SbPbTW9Pk3kBoR1r8.roa
File: PQyBo5HzY4SbPbTW9Pk3kBoR1r8.roa (raw, json)
Hash identifier: GI8ZRF86eDvW4U6/sEn3mNuZyUQ72hFJjQJRPWD/skA=
Subject key identifier: 3D:0C:81:A3:91:F3:63:84:9B:3D:B4:D6:F4:F9:37:90:1A:11:D6:BF
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 018750B1AE3A3B2BE778070868C2B88FD12E
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/PQyBo5HzY4SbPbTW9Pk3kBoR1r8.roa
Signing time: Wed 05 Apr 2023 09:13:54 +0000
ROA not before: Wed 05 Apr 2023 09:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39673
IP address blocks: 91.209.40.0/24 maxlen: 24
91.209.48.0/24 maxlen: 24
91.209.50.0/24 maxlen: 24
2a0f:5fc0:dead::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:b1:ae:3a:3b:2b:e7:78:07:08:68:c2:b8:8f:d1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Apr 5 09:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d0c81a391f363849b3db4d6f4f937901a11d6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:93:a6:ef:af:23:fc:60:0d:c0:6a:22:a7:9e:
21:eb:79:d1:d7:cd:47:b7:6e:fd:46:9c:e8:77:36:
97:ac:99:f3:c3:f9:51:e2:4c:ce:0e:0a:31:be:20:
29:e0:55:21:f0:30:ed:aa:3a:dc:ba:06:6a:f4:5d:
90:d8:47:d7:f7:41:e6:ac:29:8e:17:73:cc:af:8a:
db:13:02:0c:24:dc:3a:06:14:1f:58:24:a1:44:ba:
db:89:b8:f8:ae:8e:54:16:81:04:96:ef:5f:d7:70:
eb:ac:ec:e5:f1:4a:5c:b9:76:e0:23:34:3b:2d:7f:
7b:9d:e6:23:94:fe:e2:f8:5e:25:62:47:86:64:87:
fa:19:c2:6d:60:a4:e4:49:d9:bf:c8:9b:5b:dd:11:
31:d5:13:7e:2c:68:73:07:5d:69:34:d0:db:6d:2f:
67:6a:dd:b9:a6:dd:f2:d6:56:ec:e9:6d:c9:ff:24:
cd:d6:58:43:0a:dd:52:12:9e:9a:a0:5e:76:52:93:
61:40:3b:3a:15:70:b1:52:c9:85:2d:60:97:3b:4d:
4e:88:4a:f2:be:4c:3d:68:1c:fa:c9:9a:1c:85:16:
e4:16:38:7d:0d:a2:7e:3a:f6:13:0e:ca:b1:31:9a:
70:c8:7f:6b:e6:65:c2:60:0d:25:f6:62:37:18:05:
4e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0C:81:A3:91:F3:63:84:9B:3D:B4:D6:F4:F9:37:90:1A:11:D6:BF
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/PQyBo5HzY4SbPbTW9Pk3kBoR1r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.40.0/24
91.209.48.0/24
91.209.50.0/24
IPv6:
2a0f:5fc0:dead::/48
Signature Algorithm: sha256WithRSAEncryption
a7:32:8e:cc:0d:7b:1e:90:0d:fa:e1:8e:4e:ac:f4:10:8e:d8:
5a:97:d7:99:c9:a1:d8:40:d3:27:59:01:2b:e8:11:06:d2:80:
f4:e3:b5:75:e3:ec:91:05:08:e4:e2:c3:03:b2:ac:35:3f:54:
2a:89:7d:e9:1f:cf:11:ea:fd:d2:e5:a7:27:24:5d:3e:a3:81:
61:9c:d9:7f:50:55:0e:ff:c1:30:7e:ec:15:87:a4:cc:b7:cb:
08:8b:5e:2b:a2:2e:e5:f9:4e:45:0f:03:22:11:7d:d0:82:8b:
fa:c2:2c:7b:34:eb:c1:01:8d:86:83:70:a5:9b:ab:d1:6c:27:
7b:ae:48:44:96:1d:b8:11:63:65:b6:60:7d:52:eb:0b:27:e5:
be:ce:89:f9:f0:f9:05:2c:9d:a3:b3:db:30:20:40:fe:c0:f4:
43:26:6c:3f:c1:32:c8:f0:ae:55:c9:7b:ac:5f:07:63:37:c1:
c1:bb:38:84:ca:26:64:fc:53:d2:51:b2:2e:c9:2d:2a:0a:c6:
b0:d4:7b:6d:31:93:81:df:5e:9c:e2:2a:91:f8:57:01:a4:b3:
00:ef:13:28:e7:06:c2:7f:74:da:ae:a7:c4:47:e9:72:84:6e:
c7:72:4b:49:c4:ea:a4:9a:5e:d0:db:30:f8:84:a5:78:c3:4f:
16:43:ef:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYdQsa46OyvneAcIaMK4j9EuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjMwNDA1MDkxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBjODFhMzkxZjM2Mzg0OWIzZGI0ZDZmNGY5Mzc5MDFhMTFkNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJOm768j/GANwGoip54h63nR181H
t279RpzodzaXrJnzw/lR4kzODgoxviAp4FUh8DDtqjrcugZq9F2Q2EfX90HmrCmO
F3PMr4rbEwIMJNw6BhQfWCShRLrbibj4ro5UFoEElu9f13DrrOzl8UpcuXbgIzQ7
LX97neYjlP7i+F4lYkeGZIf6GcJtYKTkSdm/yJtb3REx1RN+LGhzB11pNNDbbS9n
at25pt3y1lbs6W3J/yTN1lhDCt1SEp6aoF52UpNhQDs6FXCxUsmFLWCXO01OiEry
vkw9aBz6yZochRbkFjh9DaJ+OvYTDsqxMZpwyH9r5mXCYA0l9mI3GAVOiwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD0MgaOR82OEmz201vT5N5AaEda/MB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvUFF5Qm81SHpZNFNiUGJUVzlQazNrQm9SMXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW9EoAwQA
W9EwAwQAW9EyMA8EAgACMAkDBwAqD1/A3q0wDQYJKoZIhvcNAQELBQADggEBAKcy
jswNex6QDfrhjk6s9BCO2FqX15nJodhA0ydZASvoEQbSgPTjtXXj7JEFCOTiwwOy
rDU/VCqJfekfzxHq/dLlpyckXT6jgWGc2X9QVQ7/wTB+7BWHpMy3ywiLXiuiLuX5
TkUPAyIRfdCCi/rCLHs068EBjYaDcKWbq9FsJ3uuSESWHbgRY2W2YH1S6wsn5b7O
ifnw+QUsnaOz2zAgQP7A9EMmbD/BMsjwrlXJe6xfB2M3wcG7OITKJmT8U9JRsi7J
LSoKxrDUe20xk4HfXpziKpH4VwGkswDvEyjnBsJ/dNqup8RH6XKEbsdyS0nE6qSa
XtDbMPiEpXjDTxZD724=
-----END CERTIFICATE-----
Generated at Tue Feb 18 13:35:22 2025 by rpki-client