Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/Q-csaZA6eW9sbkRQ-HH_1swVfdc.roa
File: Q-csaZA6eW9sbkRQ-HH_1swVfdc.roa (raw, json)
Hash identifier: BqRM9NjU71uLNSQPmYvnl9eyDu2Q328IDHaa3GoxWco=
Subject key identifier: 43:E7:2C:69:90:3A:79:6F:6C:6E:44:50:F8:71:FF:D6:CC:15:7D:D7
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 0EE3D931
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/Q-csaZA6eW9sbkRQ-HH_1swVfdc.roa
Signing time: Sat 01 Jan 2022 13:56:02 +0000
ROA not before: Sat 01 Jan 2022 13:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34224
IP address blocks: 185.161.232.0/22 maxlen: 24
185.68.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249813297 (0xee3d931)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 13:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e72c69903a796f6c6e4450f871ffd6cc157dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:d9:ab:15:7e:32:0e:a6:92:e8:04:06:7f:
8d:af:60:c7:94:33:42:e2:2e:28:e9:76:7c:78:5c:
ca:f4:53:03:d2:b7:49:7a:e4:34:45:eb:cc:a0:47:
f2:c4:e8:ba:d6:05:ae:18:69:3c:6b:06:b6:97:37:
b2:19:bf:76:29:30:75:2e:f7:7a:f4:ec:bc:2b:b4:
ee:d4:08:30:d0:aa:ba:a0:82:8d:91:5c:71:dd:53:
ab:16:56:86:ff:77:4e:c3:bf:47:19:74:01:ca:ae:
6f:38:de:ab:59:8c:61:7c:8d:ab:4d:d5:c6:52:86:
3d:ff:9b:3d:93:d2:31:ce:f5:6a:2b:30:5f:89:cb:
89:84:91:12:ae:c0:8a:56:86:69:fe:24:83:0f:2e:
77:a4:fc:ad:78:f1:61:fe:8c:39:68:c3:6d:c9:c2:
8c:f1:9c:6c:a7:1d:97:1e:0a:bc:f1:8b:34:49:13:
4a:47:60:83:ea:af:65:36:6b:18:8f:be:2a:59:0b:
63:9a:60:6e:f6:58:38:bf:77:99:56:d1:a4:fd:55:
89:21:eb:e6:c0:8b:6d:47:71:b9:0c:38:01:3c:08:
c5:89:0e:a0:c8:3d:1c:f6:ef:2f:34:11:8a:e4:f7:
35:51:27:1d:1e:6f:53:3c:59:b3:27:fa:fb:b1:28:
9e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E7:2C:69:90:3A:79:6F:6C:6E:44:50:F8:71:FF:D6:CC:15:7D:D7
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/Q-csaZA6eW9sbkRQ-HH_1swVfdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.44.0/22
185.161.232.0/22
Signature Algorithm: sha256WithRSAEncryption
71:5f:be:8f:de:61:64:42:ea:60:ee:43:86:ea:99:66:05:b1:
2e:14:5c:0f:48:ca:e9:79:96:32:37:36:1e:b1:bd:c3:99:b2:
00:9f:7c:7a:dd:a8:21:3d:e2:8f:86:7b:b0:44:11:44:22:41:
86:21:ac:a3:d9:f6:ec:3e:ad:cb:25:40:38:3c:49:63:83:37:
75:e7:dd:73:ef:55:a4:f9:59:ee:b6:56:af:7f:f3:1d:86:24:
39:ef:ac:e1:04:7b:74:d0:42:68:6f:e9:ac:21:7b:46:6b:8b:
4c:51:33:1d:29:2e:9d:5f:56:6c:5f:ee:87:1b:45:3d:9b:be:
d8:16:74:07:f7:b2:62:fc:aa:bb:ae:a6:76:86:72:13:42:97:
c3:a1:8a:ea:43:e0:02:c7:bc:0b:55:26:10:ad:0c:c2:83:90:
a7:bb:7f:52:26:fc:de:fb:f9:9f:3f:e5:d6:b4:c6:e2:02:73:
57:b8:04:7b:62:ca:59:00:4a:e6:d3:8f:f6:9e:b0:23:d4:c3:
2d:2d:31:83:6f:dc:94:6f:67:53:49:20:39:49:ba:02:49:76:
f3:91:ca:0b:e1:78:a7:33:87:60:5e:97:12:88:10:0b:0b:75:
5c:eb:5b:fa:7d:35:f3:79:6b:ce:ec:d1:26:4e:b5:8a:2d:4c:
fa:88:97:24
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDuPZMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDc0MjEwYzI4NDEzZTI2Mjg0ODIyYWJlODNhZDZkN2MwZjc2NGZhMB4XDTIyMDEw
MTEzNTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNlNzJjNjk5MDNh
Nzk2ZjZjNmU0NDUwZjg3MWZmZDZjYzE1N2RkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAId92asVfjIOppLoBAZ/ja9gx5QzQuIuKOl2fHhcyvRTA9K3
SXrkNEXrzKBH8sToutYFrhhpPGsGtpc3shm/dikwdS73evTsvCu07tQIMNCquqCC
jZFccd1TqxZWhv93TsO/Rxl0Acqubzjeq1mMYXyNq03VxlKGPf+bPZPSMc71aisw
X4nLiYSREq7AilaGaf4kgw8ud6T8rXjxYf6MOWjDbcnCjPGcbKcdlx4KvPGLNEkT
Skdgg+qvZTZrGI++KlkLY5pgbvZYOL93mVbRpP1ViSHr5sCLbUdxuQw4ATwIxYkO
oMg9HPbvLzQRiuT3NVEnHR5vUzxZsyf6+7EonvsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRD5yxpkDp5b2xuRFD4cf/WzBV91zAfBgNVHSMEGDAWgBQ0dCEMKEE+JihI
IqvoOtbXwPdk+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IUWhEQ2hCUGlZb1NDS3I2RHJXMThEM1pQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvM2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8x
L1EtY3NhWkE2ZVc5c2JrUlEtSEhfMXN3VmZkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
M2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8xL05IUWhEQ2hCUGlZ
b1NDS3I2RHJXMThEM1pQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlELAMEArmh6DANBgkqhkiG9w0B
AQsFAAOCAQEAcV++j95hZELqYO5DhuqZZgWxLhRcD0jK6XmWMjc2HrG9w5myAJ98
et2oIT3ij4Z7sEQRRCJBhiGso9n27D6tyyVAODxJY4M3defdc+9VpPlZ7rZWr3/z
HYYkOe+s4QR7dNBCaG/prCF7RmuLTFEzHSkunV9WbF/uhxtFPZu+2BZ0B/eyYvyq
u66mdoZyE0KXw6GK6kPgAse8C1UmEK0MwoOQp7t/Uib83vv5nz/l1rTG4gJzV7gE
e2LKWQBK5tOP9p6wI9TDLS0xg2/clG9nU0kgOUm6Akl285HKC+F4pzOHYF6XEogQ
Cwt1XOtb+n0183lrzuzRJk61ii1M+oiXJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org