Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/qjhzF2R4NfP19FuvDJFH1GmJQrY.roa
File: qjhzF2R4NfP19FuvDJFH1GmJQrY.roa (raw, json)
Hash identifier: OL3Om05OWl3p9Qd84ZthIyKghd94jtDKfPcaGULO0ss=
Subject key identifier: AA:38:73:17:64:78:35:F3:F5:F4:5B:AF:0C:91:47:D4:69:89:42:B6
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 0183695FC7D31E09962B0812A5E60EEE51C0
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/qjhzF2R4NfP19FuvDJFH1GmJQrY.roa
Signing time: Fri 23 Sep 2022 08:03:48 +0000
ROA not before: Fri 23 Sep 2022 08:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 185.145.60.0/22 maxlen: 22
195.93.238.0/23 maxlen: 23
91.199.58.0/24 maxlen: 24
2a02:cc8::/32 maxlen: 32
2a02:cc9::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:5f:c7:d3:1e:09:96:2b:08:12:a5:e6:0e:ee:51:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Sep 23 08:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa387317647835f3f5f45baf0c9147d4698942b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a8:4a:47:1f:91:f5:2e:ac:30:4a:85:21:32:
eb:65:88:8e:28:cb:ea:de:36:d7:cc:08:33:c9:18:
78:2b:d7:98:b7:a8:1c:fe:4e:f8:7e:12:75:2d:95:
d6:24:72:2e:f4:27:c5:6b:a4:67:47:9e:ce:7e:bb:
a5:d5:86:09:56:85:a0:8b:f4:ca:66:86:9d:7b:f5:
6f:82:fe:f8:05:80:d1:e5:17:3c:1b:ea:a6:b1:c2:
95:f2:00:de:0a:cb:4f:b1:8f:32:03:e5:2e:0e:8e:
74:cf:6e:0a:5d:2a:ad:39:a5:66:b1:14:1c:bc:20:
63:80:75:0e:60:d3:ad:41:36:bf:55:a2:b0:fc:e1:
54:bd:24:54:ce:b3:10:ee:ab:e4:83:21:46:ff:93:
9f:80:e4:07:b9:ed:37:14:09:0f:e8:3a:b4:30:d1:
53:d5:9c:51:22:03:e4:f8:02:f0:91:61:a6:d2:eb:
e6:04:8b:49:1f:07:f6:88:c0:25:d0:86:2b:11:62:
96:20:28:da:b2:4b:00:10:43:35:3b:d8:48:f2:c3:
42:26:d1:f4:a2:cf:3e:74:1c:53:5e:74:cc:6a:ac:
ac:3a:d0:8e:35:85:2c:1c:e5:c1:45:83:99:45:e8:
02:f5:1f:1d:3b:32:e5:9d:b0:2a:66:71:c4:8d:49:
34:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:38:73:17:64:78:35:F3:F5:F4:5B:AF:0C:91:47:D4:69:89:42:B6
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/qjhzF2R4NfP19FuvDJFH1GmJQrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.58.0/24
185.145.60.0/22
195.93.238.0/23
IPv6:
2a02:cc8::/31
Signature Algorithm: sha256WithRSAEncryption
bb:62:da:f2:96:0b:2e:a0:3c:3c:82:8e:52:8d:b1:a8:a7:9a:
b8:1f:11:ee:86:6b:dd:35:20:c7:07:7f:cc:3f:31:eb:28:48:
4e:d2:7e:44:11:7d:fa:fe:cb:62:78:db:38:40:c3:de:f0:fb:
95:5b:7a:2f:c5:06:bb:b1:3a:e0:54:3f:6a:0f:eb:1e:9f:2e:
a0:a4:ae:a9:e5:e1:1b:34:70:a5:6e:46:53:65:d0:7b:36:3c:
8a:bd:58:9a:9f:3e:66:de:e2:8c:19:6a:0d:45:8e:4a:22:bb:
d0:b9:35:48:18:06:71:6d:f2:c5:15:ee:b0:22:fd:91:e8:89:
08:33:bb:1e:d7:06:f9:68:68:f2:44:6b:14:33:53:40:7e:82:
b8:a5:58:75:68:c8:63:49:99:a1:80:0f:f7:13:68:b1:9b:20:
f4:98:59:eb:8a:54:40:e0:80:e8:02:16:7d:4f:8b:0b:01:f3:
88:d7:33:90:80:12:e2:0f:34:09:fd:f1:87:ef:8e:89:4b:c5:
8b:09:c6:e2:83:aa:5c:66:27:5a:f6:95:7c:27:5a:5d:03:6f:
57:c0:64:e7:ee:cd:53:6c:86:fb:6d:ca:a2:32:80:47:e4:ee:
df:0a:eb:3e:89:aa:40:3d:89:82:68:41:b0:f7:35:7a:47:40:
7e:4c:42:f9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYNpX8fTHgmWKwgSpeYO7lHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3
Y2EyOGUwHhcNMjIwOTIzMDgwMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTM4NzMxNzY0NzgzNWYzZjVmNDViYWYwYzkxNDdkNDY5ODk0MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkahKRx+R9S6sMEqFITLrZYiOKMvq
3jbXzAgzyRh4K9eYt6gc/k74fhJ1LZXWJHIu9CfFa6RnR57Ofrul1YYJVoWgi/TK
Zoade/Vvgv74BYDR5Rc8G+qmscKV8gDeCstPsY8yA+UuDo50z24KXSqtOaVmsRQc
vCBjgHUOYNOtQTa/VaKw/OFUvSRUzrMQ7qvkgyFG/5OfgOQHue03FAkP6Dq0MNFT
1ZxRIgPk+ALwkWGm0uvmBItJHwf2iMAl0IYrEWKWICjasksAEEM1O9hI8sNCJtH0
os8+dBxTXnTMaqysOtCONYUsHOXBRYOZRegC9R8dOzLlnbAqZnHEjUk0jwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKo4cxdkeDXz9fRbrwyRR9RpiUK2MB8GA1UdIwQY
MBaAFPjdeuEtKjfyGqxvgbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNm
LTJiNGEzNTM4YzVlMy8xL3FqaHpGMlI0TmZQMTlGdXZESkZIMUdtSlFyWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVl
My8xLzEtTjE2NFMwcU5fSWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBABbxzoD
BAK5kTwDBAHDXe4wDQQCAAIwBwMFASoCDMgwDQYJKoZIhvcNAQELBQADggEBALti
2vKWCy6gPDyCjlKNsainmrgfEe6Ga901IMcHf8w/MesoSE7SfkQRffr+y2J42zhA
w97w+5Vbei/FBruxOuBUP2oP6x6fLqCkrqnl4Rs0cKVuRlNl0Hs2PIq9WJqfPmbe
4owZag1Fjkoiu9C5NUgYBnFt8sUV7rAi/ZHoiQgzux7XBvloaPJEaxQzU0B+gril
WHVoyGNJmaGAD/cTaLGbIPSYWeuKVEDggOgCFn1PiwsB84jXM5CAEuIPNAn98Yfv
jolLxYsJxuKDqlxmJ1r2lXwnWl0Db1fAZOfuzVNshvttyqIygEfk7t8K6z6JqkA9
iYJoQbD3NXpHQH5MQvk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:55 2023 by rpki-client on console-ams.rpki-client.org