Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/q4sjzG81EXe4l1h23tCzdcgBK24.roa
File: q4sjzG81EXe4l1h23tCzdcgBK24.roa (raw, json)
Hash identifier: yEKkrPI2l8MRkr7kkDdWEoMhopEsZ9u7D/mWs8bhauk=
Subject key identifier: AB:8B:23:CC:6F:35:11:77:B8:97:58:76:DE:D0:B3:75:C8:01:2B:6E
Certificate issuer: /CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Certificate serial: 0923D069
Authority key identifier: 59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/q4sjzG81EXe4l1h23tCzdcgBK24.roa
Signing time: Fri 11 Feb 2022 11:08:48 +0000
ROA not before: Fri 11 Feb 2022 11:08:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16236
IP address blocks: 194.104.188.0/24 maxlen: 24
194.104.191.0/24 maxlen: 24
194.104.189.0/24 maxlen: 24
194.104.190.0/24 maxlen: 24
2a00:ec20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153342057 (0x923d069)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Validity
Not Before: Feb 11 11:08:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab8b23cc6f351177b8975876ded0b375c8012b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:bc:00:7f:d4:7b:48:b0:1c:6b:db:87:6b:
06:c6:51:20:63:b7:45:95:b9:ef:03:5d:dc:12:02:
02:ab:5b:9e:2d:33:b6:cc:19:e4:bc:74:46:b0:b0:
e3:a8:4a:45:88:d0:a0:39:ad:6b:c1:55:e3:50:45:
85:17:43:bf:e2:17:0f:81:ae:e4:d9:2b:3f:5b:03:
7c:b0:b0:e7:9c:89:e0:f0:34:7c:e1:4e:7e:bb:50:
4c:38:e8:83:ad:72:d1:2e:5b:3a:77:10:38:87:0f:
e6:d2:00:1b:4b:e2:cd:22:b1:83:eb:4b:ee:12:63:
8e:1e:45:95:26:d4:51:c5:4f:6a:23:a8:56:6a:c5:
02:07:6e:3b:01:cc:e6:26:17:3c:82:b6:b9:f1:fc:
0d:99:1a:bf:2b:8b:0d:40:e7:56:df:a1:c7:88:e2:
0b:b0:b3:af:cb:c3:a6:95:bf:2c:2a:d6:fc:02:89:
64:b0:28:70:40:c5:03:ff:1b:79:a7:2c:a8:d5:3a:
ee:6c:77:44:11:43:f8:30:fc:10:76:8c:96:7a:57:
73:24:d0:36:1f:dc:48:bd:41:a0:dc:4d:c1:b5:1b:
9d:9d:11:a0:c0:a2:fd:a4:f6:59:68:d0:cf:dc:24:
e3:c7:d5:96:68:d8:80:64:4d:94:d2:67:ec:bf:f7:
24:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8B:23:CC:6F:35:11:77:B8:97:58:76:DE:D0:B3:75:C8:01:2B:6E
X509v3 Authority Key Identifier:
keyid:59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/q4sjzG81EXe4l1h23tCzdcgBK24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.188.0/22
IPv6:
2a00:ec20::/32
Signature Algorithm: sha256WithRSAEncryption
89:45:96:be:09:89:93:ae:ca:9a:f4:6b:04:e5:60:de:3f:26:
e2:fe:7e:e1:b9:b1:12:54:c3:c2:75:67:76:d1:aa:3c:c2:12:
53:10:b8:c8:4c:e6:02:da:4a:02:be:07:79:72:e8:29:5b:f2:
07:20:3f:b9:cf:46:89:80:15:0a:76:4e:ab:1f:4b:d1:19:b6:
1b:99:a2:5b:81:83:3e:80:6e:d8:f2:67:37:8c:e7:24:c1:8d:
c9:cd:89:01:29:05:4e:3c:ef:d8:dc:98:d1:83:c9:5b:b4:16:
a3:d7:e0:00:db:09:e9:32:46:09:75:cc:31:2e:16:65:94:76:
a3:de:89:2b:d8:61:21:8e:7b:70:e6:21:a6:5a:a3:61:5a:5e:
c4:d1:e7:24:9f:4e:c6:52:85:1d:9d:69:a7:cc:a8:e9:a1:c0:
9c:89:39:b0:45:8b:be:f9:c7:fa:60:6f:0b:eb:6b:64:93:37:
7a:f1:58:b3:64:b0:30:3f:93:62:0f:ba:75:f3:a5:1d:7f:5b:
ed:6e:ae:34:d9:96:aa:4f:13:ac:3a:86:e0:21:df:ac:e6:e0:
b5:f8:5d:91:8e:8e:b3:01:6c:58:69:5a:6e:cc:fd:58:75:67:
f0:91:e6:82:23:8f:f4:c2:2a:be:a0:26:39:2c:ff:21:f4:29:
7c:5b:5c:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECSPQaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTQ5YjMxZWJiNmU0Y2JiZDBjYzc3MGNjNmY0ZDUwZjc4ZjBlYjdiMB4XDTIyMDIx
MTExMDg0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI4YjIzY2M2ZjM1
MTE3N2I4OTc1ODc2ZGVkMGIzNzVjODAxMmI2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALa9vAB/1HtIsBxr24drBsZRIGO3RZW57wNd3BICAqtbni0z
tswZ5Lx0RrCw46hKRYjQoDmta8FV41BFhRdDv+IXD4Gu5NkrP1sDfLCw55yJ4PA0
fOFOfrtQTDjog61y0S5bOncQOIcP5tIAG0vizSKxg+tL7hJjjh5FlSbUUcVPaiOo
VmrFAgduOwHM5iYXPIK2ufH8DZkavyuLDUDnVt+hx4jiC7Czr8vDppW/LCrW/AKJ
ZLAocEDFA/8beacsqNU67mx3RBFD+DD8EHaMlnpXcyTQNh/cSL1BoNxNwbUbnZ0R
oMCi/aT2WWjQz9wk48fVlmjYgGRNlNJn7L/3JIkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSriyPMbzURd7iXWHbe0LN1yAErbjAfBgNVHSMEGDAWgBRZSbMeu25Mu9DM
dwzG9NUPePDrezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dVbXpIcnR1VEx2UXpIY014dlRWRDNqdzYzcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvZGU1YWRkLWFjNjgtNGZiMS04NDE5LTMxODBhZTQyNzRmMy8x
L3E0c2p6RzgxRVhlNGwxaDIzdEN6ZGNnQksyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
ZGU1YWRkLWFjNjgtNGZiMS04NDE5LTMxODBhZTQyNzRmMy8xL1dVbXpIcnR1VEx2
UXpIY014dlRWRDNqdzYzcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsJovDANBAIAAjAHAwUAKgDsIDAN
BgkqhkiG9w0BAQsFAAOCAQEAiUWWvgmJk67KmvRrBOVg3j8m4v5+4bmxElTDwnVn
dtGqPMISUxC4yEzmAtpKAr4HeXLoKVvyByA/uc9GiYAVCnZOqx9L0Rm2G5miW4GD
PoBu2PJnN4znJMGNyc2JASkFTjzv2NyY0YPJW7QWo9fgANsJ6TJGCXXMMS4WZZR2
o96JK9hhIY57cOYhplqjYVpexNHnJJ9OxlKFHZ1pp8yo6aHAnIk5sEWLvvnH+mBv
C+trZJM3evFYs2SwMD+TYg+6dfOlHX9b7W6uNNmWqk8TrDqG4CHfrObgtfhdkY6O
swFsWGlabsz9WHVn8JHmgiOP9MIqvqAmOSz/IfQpfFtcbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org