Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/QcRSvk9-OK3B4s0aQqUcaV5fJSQ.roa
File: QcRSvk9-OK3B4s0aQqUcaV5fJSQ.roa (raw, json)
Hash identifier: stV7LephpD5dsyhhiCaS7aGNUsQ+0OX+tCrTTlV0N0A=
Subject key identifier: 41:C4:52:BE:4F:7E:38:AD:C1:E2:CD:1A:42:A5:1C:69:5E:5F:25:24
Certificate issuer: /CN=63c05afa0dc9a5f8f618c3ed2eec672ec38f6fef
Certificate serial: 0181D9B679F242876601BC764B3A168BE001
Authority key identifier: 63:C0:5A:FA:0D:C9:A5:F8:F6:18:C3:ED:2E:EC:67:2E:C3:8F:6F:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8Ba-g3Jpfj2GMPtLuxnLsOPb-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/QcRSvk9-OK3B4s0aQqUcaV5fJSQ.roa
Signing time: Thu 07 Jul 2022 17:30:23 +0000
ROA not before: Thu 07 Jul 2022 17:30:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57350
IP address blocks: 91.231.217.0/24 maxlen: 24
91.231.216.0/24 maxlen: 24
185.41.116.0/23 maxlen: 23
185.41.118.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d9:b6:79:f2:42:87:66:01:bc:76:4b:3a:16:8b:e0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c05afa0dc9a5f8f618c3ed2eec672ec38f6fef
Validity
Not Before: Jul 7 17:30:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41c452be4f7e38adc1e2cd1a42a51c695e5f2524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2c:7c:cc:e8:75:28:e0:63:81:bc:0e:27:0c:
99:15:92:b2:90:de:55:45:e9:fd:be:3c:b1:c1:ff:
50:0a:73:57:ca:c2:fe:fb:71:c8:4a:04:0d:c7:70:
89:b4:6c:8d:e9:73:4f:38:0b:74:fe:aa:53:7e:25:
b1:72:84:fa:e8:72:e4:3e:a9:11:8a:00:ac:db:ec:
25:4e:71:0c:1b:b8:6b:f4:aa:c9:51:5d:18:52:66:
74:ba:ea:4f:46:95:65:a1:4a:d5:47:d5:17:0d:ed:
e6:39:32:a7:51:e6:0c:35:a6:f5:83:e4:2f:f3:15:
52:e4:15:25:86:20:d2:96:51:e2:ba:a0:a6:4e:6f:
2f:9b:5a:da:85:f2:d5:81:c2:ac:24:74:ad:d5:43:
36:5f:c5:e9:25:95:9d:22:0a:b5:1b:20:77:52:93:
af:06:50:b5:88:88:86:39:09:a3:e1:f2:f1:e2:dd:
ba:8d:d6:de:6c:56:8f:25:ee:04:98:83:17:8b:e6:
98:8c:d8:d4:5d:90:15:82:95:2b:bb:59:41:43:95:
b9:86:b0:e4:3f:08:a7:00:71:64:3f:26:af:54:e0:
dc:0b:0e:f5:1a:c3:85:bc:7f:31:8c:08:87:54:fb:
62:ec:25:b8:44:3b:cd:98:4b:74:aa:e2:5c:68:28:
bb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C4:52:BE:4F:7E:38:AD:C1:E2:CD:1A:42:A5:1C:69:5E:5F:25:24
X509v3 Authority Key Identifier:
keyid:63:C0:5A:FA:0D:C9:A5:F8:F6:18:C3:ED:2E:EC:67:2E:C3:8F:6F:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8Ba-g3Jpfj2GMPtLuxnLsOPb-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/QcRSvk9-OK3B4s0aQqUcaV5fJSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/Y8Ba-g3Jpfj2GMPtLuxnLsOPb-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.216.0/23
185.41.116.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:34:a2:ef:10:0d:fa:2c:ae:dd:a3:ba:86:de:33:dd:3f:fd:
6f:f5:1c:7c:de:e3:45:27:9e:ff:c7:e1:32:1f:7b:60:d9:7b:
78:a9:a8:ec:46:18:88:9f:79:9d:50:bb:0c:26:e4:f7:3c:b3:
c7:d0:73:2f:b6:ed:a7:45:0a:c7:0f:18:e2:65:8e:6e:ff:eb:
10:f9:56:bd:c6:ce:1f:c8:7c:59:9c:42:5a:ea:d4:e1:8b:cd:
41:4d:d7:42:99:ac:89:42:90:9b:1b:93:4c:c3:cd:cc:aa:e8:
b2:cd:57:b8:f1:ac:99:ef:c5:91:77:28:a6:3e:f2:57:8b:eb:
d3:27:cd:67:4a:05:2d:55:79:d0:3f:f9:93:39:59:79:5d:1a:
c9:ba:57:63:73:31:af:20:e1:b0:75:04:03:59:97:4e:97:d5:
d6:45:4a:90:f1:2b:b8:c0:97:96:ed:9a:b0:2b:98:1b:da:04:
32:88:41:22:69:a4:e7:19:b0:33:47:c5:b1:79:83:3a:80:91:
d8:c8:92:21:12:70:09:ae:a2:85:5d:66:d4:90:49:cd:e8:54:
f4:db:92:1e:7a:8f:65:3e:c2:b0:2f:92:2f:83:c5:b8:36:a9:
d4:89:9c:01:9e:90:ef:c4:86:9c:99:76:cb:a5:4c:ef:8e:bc:
87:f3:8a:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHZtnnyQodmAbx2SzoWi+ABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzA1YWZhMGRjOWE1ZjhmNjE4YzNlZDJlZWM2NzJlYzM4
ZjZmZWYwHhcNMjIwNzA3MTczMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM0NTJiZTRmN2UzOGFkYzFlMmNkMWE0MmE1MWM2OTVlNWYyNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmix8zOh1KOBjgbwOJwyZFZKykN5V
Ren9vjyxwf9QCnNXysL++3HISgQNx3CJtGyN6XNPOAt0/qpTfiWxcoT66HLkPqkR
igCs2+wlTnEMG7hr9KrJUV0YUmZ0uupPRpVloUrVR9UXDe3mOTKnUeYMNab1g+Qv
8xVS5BUlhiDSllHiuqCmTm8vm1rahfLVgcKsJHSt1UM2X8XpJZWdIgq1GyB3UpOv
BlC1iIiGOQmj4fLx4t26jdbebFaPJe4EmIMXi+aYjNjUXZAVgpUru1lBQ5W5hrDk
PwinAHFkPyavVODcCw71GsOFvH8xjAiHVPti7CW4RDvNmEt0quJcaCi7fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEHEUr5PfjitweLNGkKlHGleXyUkMB8GA1UdIwQY
MBaAFGPAWvoNyaX49hjD7S7sZy7Dj2/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThCYS1nM0pwZmoyR01QdEx1eG5Mc09QYi04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jNGE3MGUtZjdhOC00YWEwLTk4YzYt
MjNlMDk2NTJiM2Q4LzEvUWNSU3ZrOS1PSzNCNHMwYVFxVWNhVjVmSlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jNGE3MGUtZjdhOC00YWEwLTk4YzYtMjNlMDk2NTJiM2Q4
LzEvWThCYS1nM0pwZmoyR01QdEx1eG5Mc09QYi04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+fYAwQC
uSl0MA0GCSqGSIb3DQEBCwUAA4IBAQC1NKLvEA36LK7do7qG3jPdP/1v9Rx83uNF
J57/x+EyH3tg2Xt4qajsRhiIn3mdULsMJuT3PLPH0HMvtu2nRQrHDxjiZY5u/+sQ
+Va9xs4fyHxZnEJa6tThi81BTddCmayJQpCbG5NMw83MquiyzVe48ayZ78WRdyim
PvJXi+vTJ81nSgUtVXnQP/mTOVl5XRrJuldjczGvIOGwdQQDWZdOl9XWRUqQ8Su4
wJeW7ZqwK5gb2gQyiEEiaaTnGbAzR8WxeYM6gJHYyJIhEnAJrqKFXWbUkEnN6FT0
25Ieeo9lPsKwL5Ivg8W4NqnUiZwBnpDvxIacmXbLpUzvjryH84oA
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:30 2023 by rpki-client on console.sobornost.net