Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/QZMj73pkCqw3LH8OTnkvRvg-UQY.roa
File: QZMj73pkCqw3LH8OTnkvRvg-UQY.roa (raw, json)
Hash identifier: oRKiElo2xz9Lapb1x9+XfR1X1fveJxC+dlbnwFW4ED0=
Subject key identifier: 41:93:23:EF:7A:64:0A:AC:37:2C:7F:0E:4E:79:2F:46:F8:3E:51:06
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01840D357257E07AE9E3B907304695AD7D44
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/QZMj73pkCqw3LH8OTnkvRvg-UQY.roa
Signing time: Tue 25 Oct 2022 03:35:17 +0000
ROA not before: Tue 25 Oct 2022 03:35:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.126.156.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:35:72:57:e0:7a:e9:e3:b9:07:30:46:95:ad:7d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Oct 25 03:35:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=419323ef7a640aac372c7f0e4e792f46f83e5106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:d9:b6:b2:62:fe:82:d3:1b:ab:8a:86:27:
dc:5a:86:72:7a:b9:d6:47:f8:22:c1:c0:04:b7:f0:
03:66:c3:88:ae:90:9c:9b:c4:c4:b9:c9:3e:83:68:
c4:1c:2a:97:4d:fa:29:66:e0:4c:06:40:ed:07:9d:
76:c2:7c:58:1a:01:6e:80:6b:13:38:ef:8d:0a:cd:
07:be:eb:0a:45:59:12:e7:c7:0f:1d:0c:b2:43:1e:
39:7b:09:dc:48:01:9c:26:6b:9b:20:2e:e7:f5:85:
2b:b2:b7:0e:56:0d:8f:78:77:22:b2:fc:4c:b4:b5:
d9:ad:a8:39:68:15:1e:4d:4e:03:b0:da:45:e7:ee:
0c:3b:1b:ca:a3:ba:cc:cf:72:7f:fc:19:8f:1c:9c:
88:c1:b6:5b:ae:08:cf:aa:1b:28:16:30:a1:9c:22:
b1:0d:00:3a:3b:dd:3b:f3:fe:a7:cb:1a:07:a4:f8:
1c:51:c8:e0:ab:33:27:8b:69:84:16:ae:16:30:eb:
a1:8b:27:ea:64:63:eb:fa:82:f2:2b:da:7e:a8:33:
9f:90:cd:6d:d5:c7:38:1f:ff:5f:d6:11:81:82:56:
47:40:76:34:73:60:76:72:b2:05:79:3a:88:90:f5:
48:a1:db:d1:04:eb:90:4a:21:02:c7:91:84:eb:27:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:93:23:EF:7A:64:0A:AC:37:2C:7F:0E:4E:79:2F:46:F8:3E:51:06
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/QZMj73pkCqw3LH8OTnkvRvg-UQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.156.0/23
Signature Algorithm: sha256WithRSAEncryption
50:5f:06:9d:ae:02:0b:33:6f:2a:9f:6a:2f:74:2f:84:b4:d1:
31:8d:8e:89:5b:e2:c4:90:59:9d:b4:d9:92:5e:c8:78:d4:2e:
af:61:fb:ee:a8:fe:28:6a:e3:a4:26:8c:dc:09:87:13:25:13:
0f:fc:51:ec:fd:04:c3:51:9c:7d:51:dc:20:02:a5:2d:ad:22:
40:30:f4:ab:2f:31:ed:a5:b5:e9:6c:b2:33:75:e1:59:9d:3d:
1d:6f:b9:b8:2b:f6:36:a4:2c:b6:07:16:0c:91:af:05:3f:33:
2c:16:9b:b2:b8:7c:95:f4:58:3d:cc:b6:0e:c0:25:14:57:04:
a2:4e:23:9f:7b:08:a9:98:f7:f2:4f:ea:3e:57:4d:f0:5e:ec:
42:02:7d:a6:d2:a2:94:19:52:a6:8e:ac:d3:8f:e3:6a:b8:5e:
66:ba:83:47:21:80:2d:0d:c3:40:9c:c8:91:bf:4a:54:e3:ce:
32:34:49:5d:02:b6:7c:18:88:39:2f:92:f8:1a:07:66:03:91:
d7:ee:34:a8:11:1f:06:4b:f3:e3:79:37:69:71:6e:b2:71:89:
96:07:91:33:6c:84:07:a1:46:e7:c3:2d:cb:66:b8:98:37:71:
77:91:41:43:7c:0b:ae:82:c2:4f:86:a8:ab:69:ce:7d:7d:f1:
4b:3f:74:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQNNXJX4Hrp47kHMEaVrX1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjIxMDI1MDMzNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTkzMjNlZjdhNjQwYWFjMzcyYzdmMGU0ZTc5MmY0NmY4M2U1MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmTZtrJi/oLTG6uKhifcWoZyernW
R/giwcAEt/ADZsOIrpCcm8TEuck+g2jEHCqXTfopZuBMBkDtB512wnxYGgFugGsT
OO+NCs0HvusKRVkS58cPHQyyQx45ewncSAGcJmubIC7n9YUrsrcOVg2PeHcisvxM
tLXZrag5aBUeTU4DsNpF5+4MOxvKo7rMz3J//BmPHJyIwbZbrgjPqhsoFjChnCKx
DQA6O9078/6nyxoHpPgcUcjgqzMni2mEFq4WMOuhiyfqZGPr+oLyK9p+qDOfkM1t
1cc4H/9f1hGBglZHQHY0c2B2crIFeTqIkPVIodvRBOuQSiECx5GE6yc3GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGTI+96ZAqsNyx/Dk55L0b4PlEGMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvUVpNajczcGtDcXczTEg4T1Rua3ZSdmctVVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX6cMA0G
CSqGSIb3DQEBCwUAA4IBAQBQXwadrgILM28qn2ovdC+EtNExjY6JW+LEkFmdtNmS
Xsh41C6vYfvuqP4oauOkJozcCYcTJRMP/FHs/QTDUZx9UdwgAqUtrSJAMPSrLzHt
pbXpbLIzdeFZnT0db7m4K/Y2pCy2BxYMka8FPzMsFpuyuHyV9Fg9zLYOwCUUVwSi
TiOfewipmPfyT+o+V03wXuxCAn2m0qKUGVKmjqzTj+NquF5muoNHIYAtDcNAnMiR
v0pU484yNEldArZ8GIg5L5L4GgdmA5HX7jSoER8GS/PjeTdpcW6ycYmWB5EzbIQH
oUbnwy3LZriYN3F3kUFDfAuugsJPhqirac59ffFLP3RQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org