Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/2q8Nm8c-3HG25iBDLrwfdrHCRGA.roa
File: 2q8Nm8c-3HG25iBDLrwfdrHCRGA.roa (raw, json)
Hash identifier: CiR6echUb+xfh/1Pc5fsl1ztQOMXe05TipIu/06tzEU=
Subject key identifier: DA:AF:0D:9B:C7:3E:DC:71:B6:E6:20:43:2E:BC:1F:76:B1:C2:44:60
Certificate issuer: /CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Certificate serial: 0184800554F74C7122DDB625BDDF77C79D64
Authority key identifier: 42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/2q8Nm8c-3HG25iBDLrwfdrHCRGA.roa
Signing time: Wed 16 Nov 2022 10:39:03 +0000
ROA not before: Wed 16 Nov 2022 10:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 193.8.58.0/23 maxlen: 23
193.8.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:05:54:f7:4c:71:22:dd:b6:25:bd:df:77:c7:9d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Validity
Not Before: Nov 16 10:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daaf0d9bc73edc71b6e620432ebc1f76b1c24460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:15:ed:8c:65:03:96:97:6e:a6:ba:60:43:e2:
40:c7:5b:f6:24:8d:4b:cf:c9:6a:5b:95:bb:71:77:
bf:2e:9a:ea:fc:12:f0:67:da:6d:5c:80:c4:2e:23:
87:e0:f4:41:95:0c:a0:76:4c:78:9e:b5:83:d9:95:
55:f4:48:2c:fe:78:00:1f:2f:74:25:ac:3d:6a:e2:
b8:f7:81:a8:ed:c9:4c:e7:22:e6:a9:ab:61:38:54:
d1:97:53:e0:95:43:79:6d:67:65:cd:0f:ce:c8:25:
5c:83:2e:76:35:69:70:f7:66:82:43:7d:4f:db:61:
1f:00:25:e1:51:a1:12:bf:be:4b:95:ce:6f:05:b7:
15:4c:9d:56:8a:88:64:bb:bb:7c:e6:ca:23:85:34:
6d:9a:31:ed:fb:53:81:5a:8e:9e:36:e7:94:c4:08:
82:e1:7d:1c:21:60:59:bf:ee:a8:1c:cf:fc:90:d8:
5c:3f:d3:40:f2:5a:7f:b4:44:d5:46:e2:28:e9:df:
5b:22:0e:12:31:29:09:e3:df:6e:97:67:44:1a:1c:
d2:d9:bb:32:8b:3d:bd:0b:e3:5e:0c:3c:b3:59:06:
bf:0d:bc:13:da:49:1b:d3:d0:44:26:5d:c2:b6:80:
56:55:f6:11:21:88:74:59:b8:46:00:89:a4:f7:5e:
14:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:0D:9B:C7:3E:DC:71:B6:E6:20:43:2E:BC:1F:76:B1:C2:44:60
X509v3 Authority Key Identifier:
keyid:42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/2q8Nm8c-3HG25iBDLrwfdrHCRGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.58.0-193.8.60.255
Signature Algorithm: sha256WithRSAEncryption
8a:aa:ef:04:79:6d:ae:3b:da:9f:08:95:e6:97:9e:25:b1:85:
8f:55:8f:e7:44:12:17:89:6d:32:6e:c9:18:61:e7:f3:b9:b7:
6b:f1:67:da:e1:16:3c:ca:c7:73:9a:c9:6a:eb:b3:2c:1c:86:
8e:03:98:7e:c5:16:12:99:b0:d5:4e:89:f9:94:3f:62:d3:e6:
a6:a2:21:bc:7f:0b:2a:3a:a2:88:e8:ec:32:8e:6a:9f:39:5d:
df:3e:ec:9d:e1:09:ed:3e:a6:74:08:c2:eb:1a:91:7f:37:80:
04:a2:2b:0e:33:6e:71:5f:b8:e2:2d:0a:1b:40:1a:3d:5e:6c:
f8:5d:b8:47:c3:bc:5e:8f:1a:b5:82:4d:9a:b7:0e:d7:a7:38:
c5:a8:88:8c:de:d4:48:c8:97:ef:00:c1:a7:47:90:d4:de:36:
c3:b4:93:70:02:fd:4f:2e:ce:b6:d2:a3:b3:8e:a7:b9:d2:9b:
a5:10:7c:60:3a:0b:8a:22:c9:01:72:e6:6b:75:1e:fd:99:a8:
e2:04:75:03:f0:a6:c9:d2:60:28:02:6d:17:ad:b7:f7:1e:bc:
87:7f:2e:de:58:d1:13:8e:a5:d4:ba:68:ee:83:db:63:83:20:
84:80:ee:63:c0:bf:ff:51:4c:b1:f7:37:36:f6:7b:dd:de:fc:
23:62:e2:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYSABVT3THEi3bYlvd93x51kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjY3ZjVhNmNmNDliYzQzZjIzMDRkZTAwZjc3MDVlYzVi
NzlmY2EwHhcNMjIxMTE2MTAzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFmMGQ5YmM3M2VkYzcxYjZlNjIwNDMyZWJjMWY3NmIxYzI0NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBXtjGUDlpduprpgQ+JAx1v2JI1L
z8lqW5W7cXe/Lprq/BLwZ9ptXIDELiOH4PRBlQygdkx4nrWD2ZVV9Egs/ngAHy90
Jaw9auK494Go7clM5yLmqathOFTRl1PglUN5bWdlzQ/OyCVcgy52NWlw92aCQ31P
22EfACXhUaESv75Llc5vBbcVTJ1Wiohku7t85sojhTRtmjHt+1OBWo6eNueUxAiC
4X0cIWBZv+6oHM/8kNhcP9NA8lp/tETVRuIo6d9bIg4SMSkJ499ul2dEGhzS2bsy
iz29C+NeDDyzWQa/DbwT2kkb09BEJl3CtoBWVfYRIYh0WbhGAImk914UZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNqvDZvHPtxxtuYgQy68H3axwkRgMB8GA1UdIwQY
MBaAFEImf1ps9JvEPyME3gD3cF7Ft5/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYt
YjIyNjk1YzcwM2E5LzEvMnE4Tm04Yy0zSEcyNWlCRExyd2ZkckhDUkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYtYjIyNjk1YzcwM2E5
LzEvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBCDoD
BADBCDwwDQYJKoZIhvcNAQELBQADggEBAIqq7wR5ba472p8IleaXniWxhY9Vj+dE
EheJbTJuyRhh5/O5t2vxZ9rhFjzKx3OayWrrsywcho4DmH7FFhKZsNVOifmUP2LT
5qaiIbx/Cyo6oojo7DKOap85Xd8+7J3hCe0+pnQIwusakX83gASiKw4zbnFfuOIt
ChtAGj1ebPhduEfDvF6PGrWCTZq3DtenOMWoiIze1EjIl+8AwadHkNTeNsO0k3AC
/U8uzrbSo7OOp7nSm6UQfGA6C4oiyQFy5mt1Hv2ZqOIEdQPwpsnSYCgCbRett/ce
vId/Lt5Y0ROOpdS6aO6D22ODIISA7mPAv/9RTLH3Nzb2e93e/CNi4rg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:18 2024 by rpki-client on console-ams.rpki-client.org