Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/aOyX8pMRfmg6ERquHCOjwC3mAzE.roa
File: aOyX8pMRfmg6ERquHCOjwC3mAzE.roa (raw, json)
Hash identifier: 3hi9Jn4CQD0XZjT+VYusR2/g/gXmmgJ5L/sX5LgHpbA=
Subject key identifier: 68:EC:97:F2:93:11:7E:68:3A:11:1A:AE:1C:23:A3:C0:2D:E6:03:31
Certificate issuer: /CN=40c57f7c0befe63b6004e944df684c9d51e468f3
Certificate serial: 0186263ABEDDD36860380E67379364FD5044
Authority key identifier: 40:C5:7F:7C:0B:EF:E6:3B:60:04:E9:44:DF:68:4C:9D:51:E4:68:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMV_fAvv5jtgBOlE32hMnVHkaPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/aOyX8pMRfmg6ERquHCOjwC3mAzE.roa
Signing time: Mon 06 Feb 2023 10:17:09 +0000
ROA not before: Mon 06 Feb 2023 10:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57574
IP address blocks: 164.215.56.0/23 maxlen: 23
164.215.58.0/23 maxlen: 23
164.215.61.0/24 maxlen: 24
164.215.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:3a:be:dd:d3:68:60:38:0e:67:37:93:64:fd:50:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40c57f7c0befe63b6004e944df684c9d51e468f3
Validity
Not Before: Feb 6 10:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ec97f293117e683a111aae1c23a3c02de60331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:76:a6:d8:c6:d3:4f:e1:ca:c4:90:64:96:2a:
58:92:10:a5:fc:0a:a2:c0:12:30:4e:7e:e2:d5:4f:
22:7b:25:05:d5:f2:61:b1:68:4c:91:51:87:6c:2e:
62:c0:60:c0:2a:39:cc:ce:70:7a:63:d5:c5:62:29:
a7:00:b2:03:94:91:00:b0:24:19:7f:0e:58:bc:e9:
f1:9c:12:9d:1f:80:7f:fa:a2:30:57:47:1b:34:c5:
8a:69:ed:8b:0a:22:db:95:44:33:cf:d9:53:ae:9c:
9d:d2:ad:62:fb:7a:c9:bd:56:97:d1:21:7e:4e:24:
52:4d:a8:c5:cb:28:af:ba:2c:56:4a:46:f9:d8:16:
f7:5e:f2:8b:56:c1:47:55:06:42:cf:b3:6f:ac:8f:
ea:14:d0:91:5b:c6:55:5a:ad:66:18:38:e6:9f:90:
ac:c9:8c:99:f6:03:2f:1e:23:65:e3:79:48:cc:7f:
a2:f4:47:f5:49:76:76:71:aa:ca:a0:7b:68:56:48:
d3:06:92:f1:c1:1c:c5:3d:f6:82:ac:c5:d7:90:ff:
ed:00:74:be:12:20:bd:93:d2:a5:54:f4:29:60:55:
49:31:c9:e8:e0:03:d9:31:47:47:31:c5:b8:95:e2:
2a:42:5f:b5:c3:08:cf:40:d2:3e:ef:27:d0:50:96:
58:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EC:97:F2:93:11:7E:68:3A:11:1A:AE:1C:23:A3:C0:2D:E6:03:31
X509v3 Authority Key Identifier:
keyid:40:C5:7F:7C:0B:EF:E6:3B:60:04:E9:44:DF:68:4C:9D:51:E4:68:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMV_fAvv5jtgBOlE32hMnVHkaPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/aOyX8pMRfmg6ERquHCOjwC3mAzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/QMV_fAvv5jtgBOlE32hMnVHkaPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.215.56.0-164.215.61.255
Signature Algorithm: sha256WithRSAEncryption
8a:5c:71:65:6f:0e:49:d3:21:4a:de:48:6e:90:b1:8f:33:09:
35:3c:e5:4f:63:7f:01:77:da:ef:cb:b1:93:dc:57:cd:7e:7c:
ba:e5:e5:21:ba:2a:50:04:5f:ec:91:76:d0:6a:2b:b1:f0:03:
91:05:3e:f7:31:fd:b3:ff:42:10:08:6c:60:38:bb:9b:4f:1d:
60:f0:80:19:14:19:a4:70:d9:69:1c:15:0f:03:a3:87:1c:36:
06:be:be:d3:42:b1:b8:fe:28:bb:0a:93:fa:24:38:d5:0b:57:
a7:53:34:b3:cc:75:0a:c2:b3:5e:a3:70:c2:eb:12:1b:9e:d6:
23:fa:66:14:2f:02:55:d8:e9:87:38:06:05:c4:55:da:f2:46:
09:90:99:4c:17:7d:4b:76:fc:41:92:13:1c:45:d3:73:7e:66:
00:03:69:d4:48:2a:94:00:e7:db:e5:ce:04:e0:1c:6b:9a:c8:
05:be:67:cd:da:48:46:b9:7a:6c:75:9c:a9:d4:66:00:c1:7a:
f6:77:a7:91:cc:22:f7:af:a2:8e:34:b2:42:bc:69:8f:14:cf:
0d:1a:e6:b6:5a:28:64:23:7e:9e:54:04:a9:62:3a:a3:68:f9:
7f:af:f8:6a:cd:bd:31:6b:2d:4b:66:fc:be:c5:c3:13:be:e4:
29:3a:02:44
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYYmOr7d02hgOA5nN5Nk/VBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYzU3ZjdjMGJlZmU2M2I2MDA0ZTk0NGRmNjg0YzlkNTFl
NDY4ZjMwHhcNMjMwMjA2MTAxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVjOTdmMjkzMTE3ZTY4M2ExMTFhYWUxYzIzYTNjMDJkZTYwMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHam2MbTT+HKxJBklipYkhCl/Aqi
wBIwTn7i1U8ieyUF1fJhsWhMkVGHbC5iwGDAKjnMznB6Y9XFYimnALIDlJEAsCQZ
fw5YvOnxnBKdH4B/+qIwV0cbNMWKae2LCiLblUQzz9lTrpyd0q1i+3rJvVaX0SF+
TiRSTajFyyivuixWSkb52Bb3XvKLVsFHVQZCz7NvrI/qFNCRW8ZVWq1mGDjmn5Cs
yYyZ9gMvHiNl43lIzH+i9Ef1SXZ2carKoHtoVkjTBpLxwRzFPfaCrMXXkP/tAHS+
EiC9k9KlVPQpYFVJMcno4APZMUdHMcW4leIqQl+1wwjPQNI+7yfQUJZYTwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGjsl/KTEX5oOhEarhwjo8At5gMxMB8GA1UdIwQY
MBaAFEDFf3wL7+Y7YATpRN9oTJ1R5GjzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU1WX2ZBdnY1anRnQk9sRTMyaE1uVkhrYVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mZTJlMDEtZDg1NC00ZmJjLWJhMTkt
MmIwMTJmZThlYTUyLzEvYU95WDhwTVJmbWc2RVJxdUhDT2p3QzNtQXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mZTJlMDEtZDg1NC00ZmJjLWJhMTktMmIwMTJmZThlYTUy
LzEvUU1WX2ZBdnY1anRnQk9sRTMyaE1uVkhrYVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOk1zgD
BAGk1zwwDQYJKoZIhvcNAQELBQADggEBAIpccWVvDknTIUreSG6QsY8zCTU85U9j
fwF32u/LsZPcV81+fLrl5SG6KlAEX+yRdtBqK7HwA5EFPvcx/bP/QhAIbGA4u5tP
HWDwgBkUGaRw2WkcFQ8Do4ccNga+vtNCsbj+KLsKk/okONULV6dTNLPMdQrCs16j
cMLrEhue1iP6ZhQvAlXY6Yc4BgXEVdryRgmQmUwXfUt2/EGSExxF03N+ZgADadRI
KpQA59vlzgTgHGuayAW+Z83aSEa5emx1nKnUZgDBevZ3p5HMIvevoo40skK8aY8U
zw0a5rZaKGQjfp5UBKliOqNo+X+v+GrNvTFrLUtm/L7FwxO+5Ck6AkQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:03 2025 by rpki-client