Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/AFP0_Q3ZEj0LEqZG-QAkUU95bks.roa
File: AFP0_Q3ZEj0LEqZG-QAkUU95bks.roa (raw, json)
Hash identifier: OPLcbt0EE0tErpuJw45ENY9RApS46zqsgT1ITlBVazI=
Subject key identifier: 00:53:F4:FD:0D:D9:12:3D:0B:12:A6:46:F9:00:24:51:4F:79:6E:4B
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0184758380C1089FDE6C2BAE483539C0E97E
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/AFP0_Q3ZEj0LEqZG-QAkUU95bks.roa
Signing time: Mon 14 Nov 2022 09:41:03 +0000
ROA not before: Mon 14 Nov 2022 09:41:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212384
IP address blocks: 146.19.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:83:80:c1:08:9f:de:6c:2b:ae:48:35:39:c0:e9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Nov 14 09:41:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0053f4fd0dd9123d0b12a646f90024514f796e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:85:a8:1f:0c:92:e0:89:a0:e8:2c:e2:14:4a:
15:40:30:5f:c7:66:5b:74:f4:9c:42:34:47:99:d0:
64:d0:1c:2e:b6:74:27:da:76:ce:9b:1e:a6:8a:98:
53:10:ca:0e:0e:b6:e2:2b:15:0a:64:0f:ac:58:60:
b5:4e:a5:68:48:b0:6c:95:7f:ae:df:19:f6:c9:24:
21:d1:e5:cd:0a:c9:71:cd:39:25:b8:09:cf:58:50:
ca:de:50:46:8b:87:8e:2d:0e:11:1e:82:18:be:34:
18:68:76:cf:28:29:72:eb:e1:48:0f:b4:78:ca:41:
d0:ef:01:a1:20:85:c3:b4:80:6b:ee:e8:15:64:ba:
4a:0c:37:3a:86:79:c3:85:ba:62:98:54:84:f4:0a:
86:75:ab:78:d3:5a:38:29:cf:f2:06:c5:89:d8:16:
a8:6c:42:e9:28:97:19:9b:93:a1:f0:23:8e:80:75:
65:40:fb:60:46:51:e8:8c:ea:28:cf:07:b7:0a:13:
3b:38:c5:21:2b:87:9d:9d:fb:73:93:9a:95:78:04:
66:d3:22:46:71:3e:db:e4:6d:3a:e0:0c:6c:06:ae:
37:9a:04:e9:7e:ab:90:25:b4:2c:36:c8:7b:35:7a:
84:c0:17:63:39:c3:48:af:b7:2e:97:81:3c:0c:3c:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:53:F4:FD:0D:D9:12:3D:0B:12:A6:46:F9:00:24:51:4F:79:6E:4B
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/AFP0_Q3ZEj0LEqZG-QAkUU95bks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.85.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3a:0b:4c:cd:07:2d:94:31:53:e4:0e:bf:22:60:0d:bd:c3:
2b:f1:34:36:e5:ea:c0:e4:dd:31:bb:29:d7:52:50:12:fc:dd:
d9:d9:1b:bd:2e:3c:3a:df:0f:8c:e3:7c:2c:c5:77:91:12:3c:
ae:04:7e:98:61:4c:0f:ea:49:a5:c6:f1:82:cf:b1:8c:81:be:
5a:17:7d:bc:f3:8d:57:a2:9c:5f:99:68:cf:5b:14:71:ad:5a:
2c:cc:06:5a:d9:11:9a:82:a1:6e:1b:56:31:85:2d:f9:c8:a8:
7a:b4:a1:6b:bf:c1:43:df:22:e8:d3:23:56:44:e1:1d:7b:b5:
9c:1b:34:bc:cc:7a:04:11:04:71:48:6e:fe:8b:1e:69:6d:2b:
ed:a0:22:d4:bc:04:9e:c2:9d:30:d1:2d:4d:82:86:bf:40:b6:
d0:a8:d5:6b:6d:80:c9:d2:ca:7e:30:f5:93:f9:7c:85:4f:98:
34:f5:a6:75:83:34:75:2b:3c:7d:1c:c7:ac:be:70:51:20:11:
93:f8:ac:ad:13:d9:7a:2c:8f:07:b4:9a:ed:ed:8f:45:4e:54:
d3:4d:05:65:cc:19:48:1c:f8:b5:90:bf:82:51:f8:7a:1c:71:
64:ca:e6:4e:22:85:7d:d7:bb:b1:9a:6b:a2:a0:aa:48:5b:73:
5a:fd:17:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1g4DBCJ/ebCuuSDU5wOl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjIxMTE0MDk0MTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUzZjRmZDBkZDkxMjNkMGIxMmE2NDZmOTAwMjQ1MTRmNzk2ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIWoHwyS4Img6CziFEoVQDBfx2Zb
dPScQjRHmdBk0BwutnQn2nbOmx6miphTEMoODrbiKxUKZA+sWGC1TqVoSLBslX+u
3xn2ySQh0eXNCslxzTkluAnPWFDK3lBGi4eOLQ4RHoIYvjQYaHbPKCly6+FID7R4
ykHQ7wGhIIXDtIBr7ugVZLpKDDc6hnnDhbpimFSE9AqGdat401o4Kc/yBsWJ2Bao
bELpKJcZm5Oh8COOgHVlQPtgRlHojOoozwe3ChM7OMUhK4ednftzk5qVeARm0yJG
cT7b5G064AxsBq43mgTpfquQJbQsNsh7NXqEwBdjOcNIr7cul4E8DDy+GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABT9P0N2RI9CxKmRvkAJFFPeW5LMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvQUZQMF9RM1pFajBMRXFaRy1RQWtVVTk1YmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNVMA0G
CSqGSIb3DQEBCwUAA4IBAQB3OgtMzQctlDFT5A6/ImANvcMr8TQ25erA5N0xuynX
UlAS/N3Z2Ru9Ljw63w+M43wsxXeREjyuBH6YYUwP6kmlxvGCz7GMgb5aF328841X
opxfmWjPWxRxrVoszAZa2RGagqFuG1YxhS35yKh6tKFrv8FD3yLo0yNWROEde7Wc
GzS8zHoEEQRxSG7+ix5pbSvtoCLUvASewp0w0S1Ngoa/QLbQqNVrbYDJ0sp+MPWT
+XyFT5g09aZ1gzR1Kzx9HMesvnBRIBGT+KytE9l6LI8HtJrt7Y9FTlTTTQVlzBlI
HPi1kL+CUfh6HHFkyuZOIoV917uxmmuioKpIW3Na/Re6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:59 2024 by rpki-client on console-fra.rpki-client.org