Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/nQDUPb0ygkUE3q296sEtnlO0ZP4.roa
File: nQDUPb0ygkUE3q296sEtnlO0ZP4.roa (raw, json)
Hash identifier: 5QhHgshVMigwpXyhYw2j0SNYGvZhOcE6uatWkdeY77k=
Subject key identifier: 9D:00:D4:3D:BD:32:82:45:04:DE:AD:BD:EA:C1:2D:9E:53:B4:64:FE
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 040722D9
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/nQDUPb0ygkUE3q296sEtnlO0ZP4.roa
Signing time: Thu 21 Apr 2022 11:44:33 +0000
ROA not before: Thu 21 Apr 2022 11:44:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62005
IP address blocks: 185.123.53.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67576537 (0x40722d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Apr 21 11:44:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d00d43dbd32824504deadbdeac12d9e53b464fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7b:da:e2:d3:86:6b:24:f7:07:a2:74:1a:a3:
13:21:48:6a:d1:fd:2b:97:54:0a:15:c4:aa:39:38:
8f:e1:3f:c6:95:75:f2:78:ae:97:ee:ce:f1:e7:c2:
4b:7e:04:29:ea:b8:c9:53:47:e1:f4:bb:ac:62:dd:
de:d9:23:c2:2c:b1:83:bf:b7:54:e9:e7:f4:ca:1b:
00:1a:d3:fa:5a:0d:24:7f:03:8b:40:c6:9c:10:d1:
d3:16:d0:18:a6:f8:14:cd:4a:12:0d:2c:42:90:02:
ec:de:e8:2c:73:31:06:73:d6:93:34:3d:73:07:c5:
9b:93:6e:76:3f:fd:c9:df:f6:a4:17:2e:c8:3f:d8:
85:9b:99:50:b1:8c:3c:f5:46:59:a0:b6:81:93:bd:
1c:3c:47:3d:56:5d:41:7a:f1:25:0e:05:55:a8:7d:
de:33:2d:e4:d4:7a:f0:df:48:90:44:cb:e7:7c:4b:
aa:1e:2a:0d:a9:ee:5e:1f:49:9a:96:cd:39:db:d8:
2d:01:11:31:6a:4b:97:31:75:0e:2b:85:eb:b4:0b:
77:21:b7:b9:33:b2:23:a0:4d:51:89:9d:54:bc:8f:
54:95:c3:22:12:a7:6a:fe:83:e7:69:bf:cb:a6:86:
00:54:c0:32:25:6d:f6:f1:46:69:3b:30:79:a0:23:
39:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:00:D4:3D:BD:32:82:45:04:DE:AD:BD:EA:C1:2D:9E:53:B4:64:FE
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/nQDUPb0ygkUE3q296sEtnlO0ZP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.53.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:3:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:5::/48
Signature Algorithm: sha256WithRSAEncryption
1b:96:48:eb:8d:1e:92:b6:fb:5f:3f:73:12:48:91:fa:0d:40:
d3:4e:80:74:c3:4a:27:08:c7:5b:57:9c:55:b5:7f:ca:91:d4:
19:7d:f1:67:84:90:26:b3:9c:f8:1f:5e:74:37:07:22:91:0e:
7b:a2:13:8b:32:a6:d7:74:a4:e3:dc:7f:33:89:f4:32:93:32:
e1:44:c0:08:7d:50:0c:26:59:ce:74:5d:8a:7b:23:55:18:89:
d9:4c:5a:99:1f:9f:ae:1b:92:e5:a9:f6:d0:01:66:12:54:98:
e1:b3:54:f0:a9:6c:02:db:e7:78:53:19:2c:83:96:b3:d3:ae:
29:e2:ee:a8:4b:1a:0c:a1:6a:98:f3:16:2c:ca:8a:a2:d5:93:
5c:82:48:60:ba:50:4c:7b:43:49:03:25:1c:ee:c2:e7:f8:ee:
f2:07:0b:0e:c6:ec:5c:42:e2:25:03:62:e2:58:e6:46:12:22:
c5:68:cf:f6:01:c7:82:1c:a9:a3:d6:5c:49:50:5a:fd:7f:2f:
37:ef:ac:70:d4:67:5f:f2:b4:93:39:e3:03:00:46:8d:38:27:
cf:d1:ba:30:fa:c8:32:ab:f3:54:b1:8a:6f:49:12:fc:af:7a:
52:d1:19:58:6d:e1:5e:99:33:be:e8:f3:4e:94:22:b7:bc:7f:
0c:21:aa:01
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEBAci2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDczMjBkMDMwOTMwMTc4ZTZmN2NlZWY5MWQyYWI4Nzg0ZDNkYzE2MB4XDTIyMDQy
MTExNDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQwMGQ0M2RiZDMy
ODI0NTA0ZGVhZGJkZWFjMTJkOWU1M2I0NjRmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ972uLThmsk9weidBqjEyFIatH9K5dUChXEqjk4j+E/xpV1
8niul+7O8efCS34EKeq4yVNH4fS7rGLd3tkjwiyxg7+3VOnn9MobABrT+loNJH8D
i0DGnBDR0xbQGKb4FM1KEg0sQpAC7N7oLHMxBnPWkzQ9cwfFm5Nudj/9yd/2pBcu
yD/YhZuZULGMPPVGWaC2gZO9HDxHPVZdQXrxJQ4FVah93jMt5NR68N9IkETL53xL
qh4qDanuXh9JmpbNOdvYLQERMWpLlzF1DiuF67QLdyG3uTOyI6BNUYmdVLyPVJXD
IhKnav6D52m/y6aGAFTAMiVt9vFGaTsweaAjOXMCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBSdANQ9vTKCRQTerb3qwS2eU7Rk/jAfBgNVHSMEGDAWgBSUcyDQMJMBeOb3
zu+R0quHhNPcFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xITWcwRENUQVhqbTk4N3ZrZEtyaDRUVDNCWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvODJlODc2LWM5OTctNDYwNS04N2FhLThhYzRhMjE5MzhiNC8x
L25RRFVQYjB5Z2tVRTNxMjk2c0V0bmxPMFpQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
ODJlODc2LWM5OTctNDYwNS04N2FhLThhYzRhMjE5MzhiNC8xL2xITWcwRENUQVhq
bTk4N3ZrZEtyaDRUVDNCWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwDAQCAAEwBgMEALl7NTAjBAIAAjAdMBIDBwAqEB/A
AAEDBwIqEB/AAAADBwAqEB/AAAUwDQYJKoZIhvcNAQELBQADggEBABuWSOuNHpK2
+18/cxJIkfoNQNNOgHTDSicIx1tXnFW1f8qR1Bl98WeEkCaznPgfXnQ3ByKRDnui
E4syptd0pOPcfzOJ9DKTMuFEwAh9UAwmWc50XYp7I1UYidlMWpkfn64bkuWp9tAB
ZhJUmOGzVPCpbALb53hTGSyDlrPTrini7qhLGgyhapjzFizKiqLVk1yCSGC6UEx7
Q0kDJRzuwuf47vIHCw7G7FxC4iUDYuJY5kYSIsVoz/YBx4IcqaPWXElQWv1/Lzfv
rHDUZ1/ytJM54wMARo04J8/RujD6yDKr81Sxim9JEvyvelLRGVht4V6ZM77o806U
Ire8fwwhqgE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:49 2023 by rpki-client on console-fra.rpki-client.org