Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/qC1k79AWs8p8YMekpFOgOU2z8yk.roa
File: qC1k79AWs8p8YMekpFOgOU2z8yk.roa (raw, json)
Hash identifier: p+TEu11gks16yQFHmSQSA62trek1ylO5mmJ5DcK+BWE=
Subject key identifier: A8:2D:64:EF:D0:16:B3:CA:7C:60:C7:A4:A4:53:A0:39:4D:B3:F3:29
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 034DB3A0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/qC1k79AWs8p8YMekpFOgOU2z8yk.roa
Signing time: Sat 01 Jan 2022 16:04:43 +0000
ROA not before: Sat 01 Jan 2022 16:04:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211443
IP address blocks: 192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55423904 (0x34db3a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 16:04:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a82d64efd016b3ca7c60c7a4a453a0394db3f329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:83:7f:98:5f:94:07:a9:63:9a:ed:dc:8e:
a7:44:13:1c:1e:8c:e5:82:5e:ad:81:52:b9:24:d8:
b4:e0:6e:63:5d:9a:91:76:35:45:2a:aa:54:85:dd:
cd:9b:0d:ef:f5:b0:0d:3d:3b:9c:5c:ff:77:5f:40:
8b:a9:a3:d2:e2:71:eb:f6:d5:13:39:17:c5:ed:c1:
bb:63:ee:d7:be:ef:62:27:25:e4:9e:9d:b4:44:9d:
62:60:2c:23:ba:5d:8f:86:bd:4e:4e:ac:de:d9:41:
be:87:80:0c:f9:3d:c6:43:3c:e4:e0:54:90:16:65:
c8:94:9b:f7:70:e8:fd:26:db:53:b9:cd:dc:a6:5d:
4c:21:18:f1:56:a5:92:44:81:a9:a4:6e:e0:e4:a0:
91:dc:1f:3d:ff:06:b5:79:5a:78:09:44:f6:3d:21:
21:39:79:e1:55:b4:46:2a:20:85:57:6a:61:c2:42:
c3:cb:94:60:ec:7f:2a:73:c3:c0:3b:d5:5e:3c:35:
91:da:0c:fe:93:52:34:ac:89:c3:3f:25:7f:db:ef:
c9:e9:8b:05:10:bb:96:45:e4:02:39:84:7b:f7:ed:
e8:18:22:ef:67:48:21:6f:b9:c9:9d:8a:e1:64:c5:
37:70:36:48:4d:5e:a5:26:e5:4d:12:a3:01:a2:04:
77:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2D:64:EF:D0:16:B3:CA:7C:60:C7:A4:A4:53:A0:39:4D:B3:F3:29
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/qC1k79AWs8p8YMekpFOgOU2z8yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.77.0/24
192.162.100.0/22
193.0.200.0/24
193.0.203.0/24
194.63.140.0/22
Signature Algorithm: sha256WithRSAEncryption
92:6f:4b:f5:6c:f5:d9:38:48:cc:40:64:3d:57:4a:f4:06:9f:
57:cc:03:3f:69:5f:14:a9:75:4c:8d:b0:1d:dc:02:04:c6:11:
37:c4:8f:df:92:76:95:64:df:dd:05:b0:5a:64:88:2a:ca:5a:
40:fd:75:4a:03:d9:26:60:1f:41:71:0a:09:a3:c6:6b:90:5f:
9c:bf:d8:90:df:2e:58:44:5f:8b:27:ad:67:6c:98:e4:b6:3c:
dc:09:92:19:1d:4f:62:52:0d:b0:c2:6e:ef:70:ad:b0:cd:c0:
02:71:7c:54:27:a1:92:64:8b:4f:b8:c6:c9:0b:14:a9:30:38:
43:e2:f7:8b:23:cd:33:36:42:56:8a:83:23:77:96:6c:d4:29:
7d:b8:78:47:42:d1:fc:a5:ed:1b:78:15:fa:14:11:38:e4:34:
db:ba:e3:68:65:24:ee:b8:1b:f1:9d:4a:38:ff:db:48:80:12:
01:e8:fc:70:f3:07:31:9d:59:12:7c:52:3d:73:c4:73:d1:1f:
58:85:65:f9:bd:8e:d2:92:7b:c1:fc:23:d1:cd:43:38:f5:bb:
1a:7e:3a:c7:7d:db:15:9d:66:67:d0:cd:d2:e2:cf:f0:7c:ff:
6d:62:e5:96:33:d4:d8:49:c8:c0:fb:d2:97:29:aa:36:fc:32:
73:a4:58:08
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA02zoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTgyZDY0ZWZkMDE2
YjNjYTdjNjBjN2E0YTQ1M2EwMzk0ZGIzZjMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrKg3+YX5QHqWOa7dyOp0QTHB6M5YJerYFSuSTYtOBuY12a
kXY1RSqqVIXdzZsN7/WwDT07nFz/d19Ai6mj0uJx6/bVEzkXxe3Bu2Pu177vYicl
5J6dtESdYmAsI7pdj4a9Tk6s3tlBvoeADPk9xkM85OBUkBZlyJSb93Do/SbbU7nN
3KZdTCEY8ValkkSBqaRu4OSgkdwfPf8GtXlaeAlE9j0hITl54VW0RioghVdqYcJC
w8uUYOx/KnPDwDvVXjw1kdoM/pNSNKyJwz8lf9vvyemLBRC7lkXkAjmEe/ft6Bgi
72dIIW+5yZ2K4WTFN3A2SE1epSblTRKjAaIEdw8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSoLWTv0Bazynxgx6SkU6A5TbPzKTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L3FDMWs3OUFXczhwOFlNZWtwRk9nT1Uyejh5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFvZTQMEAsCiZAMEAMEAyAMEAMEA
ywMEAsI/jDANBgkqhkiG9w0BAQsFAAOCAQEAkm9L9Wz12ThIzEBkPVdK9AafV8wD
P2lfFKl1TI2wHdwCBMYRN8SP35J2lWTf3QWwWmSIKspaQP11SgPZJmAfQXEKCaPG
a5BfnL/YkN8uWERfiyetZ2yY5LY83AmSGR1PYlINsMJu73CtsM3AAnF8VCehkmSL
T7jGyQsUqTA4Q+L3iyPNMzZCVoqDI3eWbNQpfbh4R0LR/KXtG3gV+hQROOQ027rj
aGUk7rgb8Z1KOP/bSIASAej8cPMHMZ1ZEnxSPXPEc9EfWIVl+b2O0pJ7wfwj0c1D
OPW7Gn46x33bFZ1mZ9DN0uLP8Hz/bWLlljPU2EnIwPvSlymqNvwyc6RYCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org