Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a564e9-3a4e-4d4a-807d-7055c2e0476f/1/QgMk6BJDDcFmVvPuKJ70ctkU47k.roa
File: QgMk6BJDDcFmVvPuKJ70ctkU47k.roa (raw, json)
Hash identifier: 2LWzGz/YVqEmdS5e3BH/50q8czigA+hUviERjbbNFXU=
Subject key identifier: 42:03:24:E8:12:43:0D:C1:66:56:F3:EE:28:9E:F4:72:D9:14:E3:B9
Certificate issuer: /CN=63636c3bef55d12a64536b70130a74f53f44d6d0
Certificate serial: 018C30DDF49DFA35A4789EA6D3ACA8B5E0D8
Authority key identifier: 63:63:6C:3B:EF:55:D1:2A:64:53:6B:70:13:0A:74:F5:3F:44:D6:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2NsO-9V0SpkU2twEwp09T9E1tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a564e9-3a4e-4d4a-807d-7055c2e0476f/1/QgMk6BJDDcFmVvPuKJ70ctkU47k.roa
Signing time: Sun 03 Dec 2023 18:08:21 +0000
ROA not before: Sun 03 Dec 2023 18:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197946
IP address blocks: 91.208.163.0/24 maxlen: 24
185.105.237.0/24 maxlen: 24
185.231.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:30:dd:f4:9d:fa:35:a4:78:9e:a6:d3:ac:a8:b5:e0:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63636c3bef55d12a64536b70130a74f53f44d6d0
Validity
Not Before: Dec 3 18:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=420324e812430dc16656f3ee289ef472d914e3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:de:6b:3d:5b:c3:de:2b:62:39:e2:80:89:b2:
6d:64:e2:68:59:63:fe:64:8b:d7:62:16:34:ba:ed:
65:74:9e:08:28:0b:05:43:8b:c2:31:52:83:77:fe:
8b:b4:c8:2d:b1:44:e7:ea:18:5a:8f:fc:30:90:20:
ab:01:ff:86:73:c5:72:e4:5b:39:36:35:c4:8f:dc:
ab:44:e5:f9:01:63:03:06:25:1f:a4:67:52:7f:71:
30:a5:6a:64:ed:2a:ab:48:1f:d0:fa:db:8e:1e:f1:
c7:9f:08:5b:44:f6:83:d6:84:d3:28:4d:e7:b7:c1:
5f:95:95:1c:82:39:02:fa:b0:a1:df:f2:49:b3:e5:
e9:43:c8:00:5e:97:a7:cf:74:1f:01:ef:64:bb:59:
2d:5a:0c:6f:79:7a:c3:7b:da:44:9b:63:31:80:fb:
2a:8a:bb:36:eb:05:70:85:b2:81:49:d3:ed:db:9c:
cd:6f:0b:89:5a:5f:46:24:85:25:c6:e9:7b:1b:ad:
82:c8:de:1d:ec:4c:9d:67:4e:0e:7e:ca:f3:c0:f1:
b7:62:28:f5:a9:03:4f:94:15:fa:ef:28:fd:b3:55:
d3:16:be:82:6a:d7:89:48:de:45:e0:4a:74:59:d2:
ba:9d:1e:5c:01:d2:d5:7d:5b:53:cd:33:1e:2c:dc:
30:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:03:24:E8:12:43:0D:C1:66:56:F3:EE:28:9E:F4:72:D9:14:E3:B9
X509v3 Authority Key Identifier:
keyid:63:63:6C:3B:EF:55:D1:2A:64:53:6B:70:13:0A:74:F5:3F:44:D6:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2NsO-9V0SpkU2twEwp09T9E1tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a564e9-3a4e-4d4a-807d-7055c2e0476f/1/QgMk6BJDDcFmVvPuKJ70ctkU47k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a564e9-3a4e-4d4a-807d-7055c2e0476f/1/Y2NsO-9V0SpkU2twEwp09T9E1tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.163.0/24
185.105.237.0/24
185.231.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e4:ab:fe:2a:b0:a8:84:2b:eb:d3:e2:6a:e8:4d:cf:48:31:
ee:45:42:3e:47:b6:fc:ec:d5:c7:ee:be:44:58:74:1b:b8:98:
72:0c:59:3b:3e:bc:e4:39:00:f4:c7:bd:3e:85:3d:67:84:22:
aa:4e:4e:c4:36:4d:0e:44:f9:67:b6:8f:27:75:63:20:f0:f7:
c6:ab:47:2a:60:7f:a8:a9:2e:14:c6:c0:12:88:59:79:2c:44:
4a:c0:1c:40:aa:05:ec:f0:1a:c5:bd:cd:43:b7:1b:c0:6e:67:
48:6f:a9:e3:42:e2:36:0d:2a:c0:e4:30:4d:29:d3:d3:a6:2b:
e2:41:2a:42:1a:82:f0:45:42:50:31:8e:be:07:d8:aa:d6:da:
23:72:5c:b4:ee:86:09:e8:8e:67:7b:4a:ec:38:d1:af:36:93:
e1:dd:e5:61:73:b5:6c:cb:84:32:db:66:4a:8c:4c:13:8d:9b:
9a:60:e8:dc:df:66:bc:44:08:d1:18:ed:75:56:89:93:64:0c:
57:f1:d9:f3:97:7d:1e:44:42:12:aa:0c:3d:02:e5:45:a2:40:
49:ba:07:6a:76:e4:8e:ae:2c:48:22:44:b7:40:15:42:6d:f7:
cf:18:01:23:26:c3:31:a9:48:f9:09:5b:1f:a1:1d:5b:11:56:
c2:af:12:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYww3fSd+jWkeJ6m06yoteDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjM2YzNiZWY1NWQxMmE2NDUzNmI3MDEzMGE3NGY1M2Y0
NGQ2ZDAwHhcNMjMxMjAzMTgwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjAzMjRlODEyNDMwZGMxNjY1NmYzZWUyODllZjQ3MmQ5MTRlM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN5rPVvD3itiOeKAibJtZOJoWWP+
ZIvXYhY0uu1ldJ4IKAsFQ4vCMVKDd/6LtMgtsUTn6hhaj/wwkCCrAf+Gc8Vy5Fs5
NjXEj9yrROX5AWMDBiUfpGdSf3EwpWpk7SqrSB/Q+tuOHvHHnwhbRPaD1oTTKE3n
t8FflZUcgjkC+rCh3/JJs+XpQ8gAXpenz3QfAe9ku1ktWgxveXrDe9pEm2MxgPsq
irs26wVwhbKBSdPt25zNbwuJWl9GJIUlxul7G62CyN4d7EydZ04OfsrzwPG3Yij1
qQNPlBX67yj9s1XTFr6CateJSN5F4Ep0WdK6nR5cAdLVfVtTzTMeLNwwrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEIDJOgSQw3BZlbz7iie9HLZFOO5MB8GA1UdIwQY
MBaAFGNjbDvvVdEqZFNrcBMKdPU/RNbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJOc08tOVYwU3BrVTJ0d0V3cDA5VDlFMXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hNTY0ZTktM2E0ZS00ZDRhLTgwN2Qt
NzA1NWMyZTA0NzZmLzEvUWdNazZCSkREY0ZtVnZQdUtKNzBjdGtVNDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hNTY0ZTktM2E0ZS00ZDRhLTgwN2QtNzA1NWMyZTA0NzZm
LzEvWTJOc08tOVYwU3BrVTJ0d0V3cDA5VDlFMXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9CjAwQA
uWntAwQAuedyMA0GCSqGSIb3DQEBCwUAA4IBAQAs5Kv+KrCohCvr0+Jq6E3PSDHu
RUI+R7b87NXH7r5EWHQbuJhyDFk7PrzkOQD0x70+hT1nhCKqTk7ENk0ORPlnto8n
dWMg8PfGq0cqYH+oqS4UxsASiFl5LERKwBxAqgXs8BrFvc1DtxvAbmdIb6njQuI2
DSrA5DBNKdPTpiviQSpCGoLwRUJQMY6+B9iq1tojcly07oYJ6I5ne0rsONGvNpPh
3eVhc7Vsy4Qy22ZKjEwTjZuaYOjc32a8RAjRGO11VomTZAxX8dnzl30eREISqgw9
AuVFokBJugdqduSOrixIIkS3QBVCbffPGAEjJsMxqUj5CVsfoR1bEVbCrxJ2
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:30:58 2025 by rpki-client