Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/4qbsLaEN-BgC4dnkkHjQdrX7uUY.roa
File: 4qbsLaEN-BgC4dnkkHjQdrX7uUY.roa (raw, json)
Hash identifier: /BJcXUpllHBwo2Ay7j5HSU1Kwyu99EcaLG29G03vmuo=
Subject key identifier: E2:A6:EC:2D:A1:0D:F8:18:02:E1:D9:E4:90:78:D0:76:B5:FB:B9:46
Certificate issuer: /CN=2fc515b71f91c6e56a14afb4eefd95061dec49d4
Certificate serial: 015C10E7
Authority key identifier: 2F:C5:15:B7:1F:91:C6:E5:6A:14:AF:B4:EE:FD:95:06:1D:EC:49:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8UVtx-RxuVqFK-07v2VBh3sSdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/4qbsLaEN-BgC4dnkkHjQdrX7uUY.roa
Signing time: Sat 01 Jan 2022 00:52:04 +0000
ROA not before: Sat 01 Jan 2022 00:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197659
IP address blocks: 91.223.228.0/24 maxlen: 24
185.188.48.0/22 maxlen: 22
2a0b:c080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22810855 (0x15c10e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fc515b71f91c6e56a14afb4eefd95061dec49d4
Validity
Not Before: Jan 1 00:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2a6ec2da10df81802e1d9e49078d076b5fbb946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:59:a3:36:2f:4a:d1:44:b4:a8:69:5e:67:a9:
f3:dd:d0:9f:83:23:00:2f:cb:a0:f2:7a:cd:c8:48:
40:77:38:3b:21:0e:19:9e:4b:33:f2:67:23:0c:ab:
fc:71:8c:98:14:20:db:9a:ed:be:f9:4e:64:9e:a2:
88:49:f1:9a:31:e5:81:a7:3a:0e:c2:22:36:99:7c:
c4:86:9f:16:f9:26:90:46:e5:05:49:b0:fd:e8:3d:
81:64:a9:5e:0d:08:da:a2:10:1f:5f:0b:33:dc:a0:
7f:27:00:fe:95:c2:d7:14:e9:3d:b7:41:03:bb:ab:
5c:52:53:6e:fd:5d:82:9f:f2:87:4c:87:ae:b7:95:
ef:54:51:8f:60:f9:2a:3b:7d:82:0d:0a:c9:58:5f:
b9:2c:47:1f:7d:ab:62:ba:a7:be:00:52:e1:54:08:
29:ce:60:b5:84:0d:20:2e:14:ea:d4:e4:98:af:90:
43:da:e3:56:da:c8:cb:5c:22:e6:d7:7f:e8:6b:05:
8a:3c:88:4e:31:53:41:0f:9d:a4:9c:13:ad:56:bd:
23:23:a4:96:93:0d:26:c6:d3:48:92:d7:4a:3b:5a:
9f:1b:0d:f7:db:88:f6:7b:51:fe:0a:c6:ca:be:88:
d3:60:81:ad:1b:02:df:b6:e9:36:aa:0d:a6:c2:7f:
7d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A6:EC:2D:A1:0D:F8:18:02:E1:D9:E4:90:78:D0:76:B5:FB:B9:46
X509v3 Authority Key Identifier:
keyid:2F:C5:15:B7:1F:91:C6:E5:6A:14:AF:B4:EE:FD:95:06:1D:EC:49:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8UVtx-RxuVqFK-07v2VBh3sSdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/4qbsLaEN-BgC4dnkkHjQdrX7uUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/L8UVtx-RxuVqFK-07v2VBh3sSdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.228.0/24
185.188.48.0/22
IPv6:
2a0b:c080::/29
Signature Algorithm: sha256WithRSAEncryption
77:ef:85:70:1f:51:a7:87:2b:b4:ff:96:75:18:0e:37:69:46:
de:2c:78:0b:5d:f4:ef:93:a8:d4:f2:86:8f:84:57:f9:cf:04:
67:c1:29:84:a1:75:11:79:ec:e6:8d:e6:e9:ef:a4:7c:71:ac:
76:90:ce:d4:d1:0c:7c:8a:9d:0b:af:59:37:1e:a9:12:21:a8:
52:d5:11:04:bf:e5:de:ac:c7:5d:fd:a3:cf:b3:11:1b:43:28:
83:74:c8:75:cf:bd:78:a1:27:bc:c4:29:79:44:f2:de:2f:97:
8f:a2:10:f0:6e:46:e2:b3:74:f3:03:ce:92:3a:8f:84:27:cb:
83:7d:29:2e:1d:23:7d:1d:ce:35:7c:93:19:fc:bc:a9:ec:ab:
50:7e:38:37:b5:cd:de:2c:75:13:ef:c3:e0:d0:f3:5b:db:e1:
8f:0d:a8:51:f1:80:4e:68:dc:20:d5:53:a8:1b:61:2d:09:3d:
a1:e3:16:20:d0:87:cd:4b:60:53:a1:c8:97:9c:5f:c1:70:52:
60:dd:ed:93:eb:a4:75:f1:c1:13:e4:93:39:8c:f0:fa:6b:33:
a6:1a:c0:01:8f:f2:10:e4:8d:30:a8:6e:d5:70:bd:9e:6b:4b:
1d:3a:38:da:fa:f7:23:07:ae:8a:5c:4e:24:6c:94:f3:7c:ee:
45:7d:db:0f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAVwQ5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZmM1MTViNzFmOTFjNmU1NmExNGFmYjRlZWZkOTUwNjFkZWM0OWQ0MB4XDTIyMDEw
MTAwNTIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJhNmVjMmRhMTBk
ZjgxODAyZTFkOWU0OTA3OGQwNzZiNWZiYjk0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpZozYvStFEtKhpXmep893Qn4MjAC/LoPJ6zchIQHc4OyEO
GZ5LM/JnIwyr/HGMmBQg25rtvvlOZJ6iiEnxmjHlgac6DsIiNpl8xIafFvkmkEbl
BUmw/eg9gWSpXg0I2qIQH18LM9ygfycA/pXC1xTpPbdBA7urXFJTbv1dgp/yh0yH
rreV71RRj2D5Kjt9gg0KyVhfuSxHH32rYrqnvgBS4VQIKc5gtYQNIC4U6tTkmK+Q
Q9rjVtrIy1wi5td/6GsFijyITjFTQQ+dpJwTrVa9IyOklpMNJsbTSJLXSjtanxsN
99uI9ntR/grGyr6I02CBrRsC37bpNqoNpsJ/fUECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTipuwtoQ34GALh2eSQeNB2tfu5RjAfBgNVHSMEGDAWgBQvxRW3H5HG5WoU
r7Tu/ZUGHexJ1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w4VVZ0eC1SeHVWcUZLLTA3djJWQmgzc1NkUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvMzhmMDE2LWY4MjEtNGMzZS1iMzkxLWUyMDM3MzUyNzI1YS8x
LzRxYnNMYUVOLUJnQzRkbmtrSGpRZHJYN3VVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
MzhmMDE2LWY4MjEtNGMzZS1iMzkxLWUyMDM3MzUyNzI1YS8xL0w4VVZ0eC1SeHVW
cUZLLTA3djJWQmgzc1NkUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvf5AMEArm8MDANBAIAAjAHAwUD
KgvAgDANBgkqhkiG9w0BAQsFAAOCAQEAd++FcB9Rp4crtP+WdRgON2lG3ix4C130
75Oo1PKGj4RX+c8EZ8EphKF1EXns5o3m6e+kfHGsdpDO1NEMfIqdC69ZNx6pEiGo
UtURBL/l3qzHXf2jz7MRG0Mog3TIdc+9eKEnvMQpeUTy3i+Xj6IQ8G5G4rN08wPO
kjqPhCfLg30pLh0jfR3ONXyTGfy8qeyrUH44N7XN3ix1E+/D4NDzW9vhjw2oUfGA
TmjcINVTqBthLQk9oeMWINCHzUtgU6HIl5xfwXBSYN3tk+ukdfHBE+STOYzw+msz
phrAAY/yEOSNMKhu1XC9nmtLHTo42vr3IweuilxOJGyU83zuRX3bDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:29 2024 by rpki-client on console-ams.rpki-client.org