Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/qpG1I9H7eIGgoS4KN7Kmesncy2o.roa
File: qpG1I9H7eIGgoS4KN7Kmesncy2o.roa (raw, json)
Hash identifier: q+j7aVlQNMZKxlpsvrInwdwLn4frJ9TCuTofU7ZYF9Y=
Subject key identifier: AA:91:B5:23:D1:FB:78:81:A0:A1:2E:0A:37:B2:A6:7A:C9:DC:CB:6A
Certificate issuer: /CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Certificate serial: 018A02689364AE3C0B8E5E0CF5EB8BE70351
Authority key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/qpG1I9H7eIGgoS4KN7Kmesncy2o.roa
Signing time: Thu 17 Aug 2023 07:32:02 +0000
ROA not before: Thu 17 Aug 2023 07:32:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 91.196.240.0/23 maxlen: 24
91.196.240.0/22 maxlen: 24
217.16.192.0/20 maxlen: 24
91.196.242.0/23 maxlen: 24
31.25.64.0/22 maxlen: 24
31.25.64.0/21 maxlen: 24
31.25.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:68:93:64:ae:3c:0b:8e:5e:0c:f5:eb:8b:e7:03:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Validity
Not Before: Aug 17 07:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa91b523d1fb7881a0a12e0a37b2a67ac9dccb6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6c:22:4b:d6:6a:1a:aa:a1:f5:de:a2:65:e4:
8f:a8:cd:44:b5:29:67:3a:0d:d6:c4:fc:91:0f:d3:
f2:d8:44:12:19:76:cf:2d:d5:55:b3:07:95:7e:74:
48:15:bb:df:6f:44:13:90:b1:1f:32:4f:d6:60:e9:
fa:11:a8:30:6e:91:3f:b0:38:9a:d4:2b:11:78:7a:
2c:11:19:7f:c4:3a:f8:fc:43:0e:74:6a:41:47:13:
f2:bc:5c:bc:b5:a0:89:b8:c6:ee:0e:81:06:72:4a:
9d:42:f2:a1:b0:7c:a0:f5:03:23:ca:a3:d8:4f:a8:
bb:cf:e4:2c:47:a3:4f:ca:bc:37:c9:f3:18:06:b3:
e0:c5:2f:09:b3:99:6f:65:50:ec:48:91:e1:5e:1d:
3f:f2:9e:cf:ab:d3:df:1b:7e:1e:90:de:48:9d:7c:
96:70:4a:16:05:03:95:ef:d0:94:91:dc:ac:98:39:
01:cc:88:41:13:47:ac:8d:82:d5:79:39:5c:6c:cb:
34:e5:0b:04:e3:a3:4a:39:75:9c:ea:8e:4b:b7:f7:
8e:86:92:c7:b1:d8:3b:d3:03:9f:8a:61:e8:fa:23:
4d:c0:3e:15:4a:bd:77:7e:7f:3d:da:d4:ec:1c:20:
15:23:a2:f6:c2:97:79:35:49:ae:99:b2:13:3e:ee:
0f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:91:B5:23:D1:FB:78:81:A0:A1:2E:0A:37:B2:A6:7A:C9:DC:CB:6A
X509v3 Authority Key Identifier:
keyid:5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/qpG1I9H7eIGgoS4KN7Kmesncy2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.64.0/21
91.196.240.0/22
217.16.192.0/20
Signature Algorithm: sha256WithRSAEncryption
25:a9:1f:92:c3:76:76:f3:4a:7f:b6:40:e5:ea:67:39:15:50:
4d:f9:0f:3e:8a:9b:af:fa:4f:10:0a:f5:f7:a3:b8:99:a0:77:
b1:f7:ab:cb:02:1a:f1:17:26:7a:2a:63:cc:0f:56:e5:e1:e2:
ac:05:ab:39:06:42:3e:89:86:5e:f1:9c:5b:16:18:f4:23:fb:
de:a9:9a:8a:85:88:36:67:28:bd:e9:32:52:a7:e3:ee:30:6b:
66:24:36:8f:75:22:ca:49:45:09:19:2c:f4:e5:04:97:cc:a2:
f7:00:65:fa:0a:ee:66:fe:c7:2a:2b:d6:83:6c:05:8f:54:c5:
cf:46:6e:19:2c:6b:d6:59:8e:23:83:ae:da:3b:40:c6:eb:58:
6a:a4:cd:e3:51:14:0b:e3:b5:a1:da:27:45:5c:28:1e:f3:63:
23:89:33:00:39:28:a8:35:9d:a8:61:20:c9:3c:6b:79:23:44:
cc:83:04:4d:70:22:a1:54:a1:91:e8:31:e8:ed:a0:2a:a6:f6:
a8:c7:a5:f7:9a:54:c9:34:db:39:54:c4:eb:d8:c9:40:78:29:
f3:18:19:2d:4d:55:fb:40:72:b5:8c:f9:86:80:49:1f:a0:af:
68:72:24:b1:fb:56:ff:2e:a6:43:a1:ad:66:89:5c:86:12:60:
b0:bb:d5:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoCaJNkrjwLjl4M9euL5wNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzQ2ZTlmMTJjMmMwZTU0NTlmZTRlM2Q0MTNjMWM4OWRl
NmRiMGUwHhcNMjMwODE3MDczMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTkxYjUyM2QxZmI3ODgxYTBhMTJlMGEzN2IyYTY3YWM5ZGNjYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmwiS9ZqGqqh9d6iZeSPqM1EtSln
Og3WxPyRD9Py2EQSGXbPLdVVsweVfnRIFbvfb0QTkLEfMk/WYOn6EagwbpE/sDia
1CsReHosERl/xDr4/EMOdGpBRxPyvFy8taCJuMbuDoEGckqdQvKhsHyg9QMjyqPY
T6i7z+QsR6NPyrw3yfMYBrPgxS8Js5lvZVDsSJHhXh0/8p7Pq9PfG34ekN5InXyW
cEoWBQOV79CUkdysmDkBzIhBE0esjYLVeTlcbMs05QsE46NKOXWc6o5Lt/eOhpLH
sdg70wOfimHo+iNNwD4VSr13fn892tTsHCAVI6L2wpd5NUmumbITPu4PawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKqRtSPR+3iBoKEuCjeypnrJ3MtqMB8GA1UdIwQY
MBaAFFx0bp8SwsDlRZ/k49QTwcid5tsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMt
ZTU5NDc2MTRlZjNmLzEvcXBHMUk5SDdlSUdnb1M0S043S21lc25jeTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMtZTU5NDc2MTRlZjNm
LzEvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHxlAAwQC
W8TwAwQE2RDAMA0GCSqGSIb3DQEBCwUAA4IBAQAlqR+Sw3Z280p/tkDl6mc5FVBN
+Q8+ipuv+k8QCvX3o7iZoHex96vLAhrxFyZ6KmPMD1bl4eKsBas5BkI+iYZe8Zxb
Fhj0I/veqZqKhYg2Zyi96TJSp+PuMGtmJDaPdSLKSUUJGSz05QSXzKL3AGX6Cu5m
/scqK9aDbAWPVMXPRm4ZLGvWWY4jg67aO0DG61hqpM3jURQL47Wh2idFXCge82Mj
iTMAOSioNZ2oYSDJPGt5I0TMgwRNcCKhVKGR6DHo7aAqpvaox6X3mlTJNNs5VMTr
2MlAeCnzGBktTVX7QHK1jPmGgEkfoK9ociSx+1b/LqZDoa1miVyGEmCwu9Us
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:40 2025 by rpki-client