Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-Q0RWvluAN51sk3UmzYa6GdHSpw.roa
File: 1-Q0RWvluAN51sk3UmzYa6GdHSpw.roa (raw, json)
Hash identifier: sgVlbT++09xayJ2Tw2PW4J0hxvLnRYxk4NrPjDBky1Q=
Subject key identifier: F9:0D:11:5A:F9:6E:00:DE:75:B2:4D:D4:9B:36:1A:E8:67:47:4A:9C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01849C6CD984BB5488B6C4B4BBB8DE34FED3
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-Q0RWvluAN51sk3UmzYa6GdHSpw.roa
Signing time: Mon 21 Nov 2022 23:01:29 +0000
ROA not before: Mon 21 Nov 2022 23:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.206.248.0/23 maxlen: 23
185.232.84.0/23 maxlen: 23
2a0b:3c40:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:6c:d9:84:bb:54:88:b6:c4:b4:bb:b8:de:34:fe:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 21 23:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f90d115af96e00de75b24dd49b361ae867474a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f2:bc:be:85:88:90:a1:96:81:0e:88:0d:3a:
31:60:39:e2:72:56:55:77:1c:e8:70:33:08:87:6a:
6e:e0:b3:c9:ec:48:24:c9:da:22:6f:c2:53:53:dc:
e6:bf:96:ae:2a:c4:c4:e1:a5:d2:ae:3d:d9:90:e0:
f7:07:b4:d0:55:56:fc:42:63:7c:a5:23:e3:eb:4c:
b1:13:46:63:48:67:80:ca:1b:fe:17:c5:d1:dc:64:
e5:08:13:ac:49:75:d1:e2:06:77:ac:9f:b1:fd:d9:
e9:78:16:cb:36:73:ec:3b:a0:27:72:17:fd:8d:c3:
ce:65:ad:24:b7:d3:48:02:09:e6:da:3c:df:a2:2c:
43:6f:0e:03:20:82:ba:b4:0e:4e:32:70:09:e5:28:
b8:aa:af:1d:62:59:42:58:46:e5:f3:ea:e2:aa:c2:
06:5a:b6:a9:43:34:15:32:46:74:d5:03:96:98:0d:
96:4e:a4:d8:be:27:f7:ac:41:9b:56:e5:f3:82:a3:
0d:32:37:06:41:53:e6:c0:19:62:c4:6c:db:46:25:
46:7a:b5:4e:ef:ed:d0:f0:e2:81:39:85:f0:eb:15:
95:2a:5e:e8:c7:9c:4e:dd:6a:58:e8:3c:6d:23:2a:
15:e2:8f:fd:16:3a:8a:77:6c:f7:ec:81:66:db:0d:
f9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0D:11:5A:F9:6E:00:DE:75:B2:4D:D4:9B:36:1A:E8:67:47:4A:9C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-Q0RWvluAN51sk3UmzYa6GdHSpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.248.0/23
185.232.84.0/23
IPv6:
2a0b:3c40:10::/48
Signature Algorithm: sha256WithRSAEncryption
33:c2:a0:0f:26:1f:50:d1:ec:f5:c2:36:ca:be:a3:09:06:1a:
a2:7e:ef:4b:bc:47:18:75:8f:ba:99:14:76:e9:4b:2a:29:a8:
49:dd:51:bc:e1:49:cd:26:51:79:be:f0:69:f8:08:93:56:b3:
6f:4a:30:05:82:2a:1c:fd:50:b9:8d:84:d7:fb:b8:66:66:4a:
aa:ae:4d:08:91:a8:21:64:d8:b7:f2:b8:e0:e6:a2:b9:b9:b0:
4b:02:61:45:84:c3:d8:bd:a7:f8:a9:e7:d1:2d:33:23:37:fb:
86:f5:c0:ef:9e:8f:59:90:7c:e0:d5:f9:a5:c2:ff:ae:57:d3:
b9:bb:71:d0:f2:3d:48:f9:81:02:24:b3:c9:c5:0a:5d:a3:70:
fa:3c:ab:f9:c5:d0:58:fe:b3:47:d5:9e:f1:eb:96:db:8b:df:
8b:c4:74:52:a3:16:49:c6:82:c3:89:50:38:ab:10:17:82:6d:
a0:1a:35:ba:ee:3c:2b:51:f2:b0:97:6d:bb:3a:3d:de:d2:ae:
95:be:e9:f3:57:68:59:c4:a6:cb:5e:52:71:e9:50:8c:08:64:
5f:23:dc:3a:3d:c5:29:6f:a8:10:e0:12:15:c4:cb:63:04:a9:
3f:71:4c:bd:84:d7:b5:f7:ad:1e:00:2d:07:b5:bd:96:5d:22:
50:0f:f2:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYScbNmEu1SItsS0u7jeNP7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMTIxMjMwMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTBkMTE1YWY5NmUwMGRlNzViMjRkZDQ5YjM2MWFlODY3NDc0YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvK8voWIkKGWgQ6IDToxYDniclZV
dxzocDMIh2pu4LPJ7Egkydoib8JTU9zmv5auKsTE4aXSrj3ZkOD3B7TQVVb8QmN8
pSPj60yxE0ZjSGeAyhv+F8XR3GTlCBOsSXXR4gZ3rJ+x/dnpeBbLNnPsO6Anchf9
jcPOZa0kt9NIAgnm2jzfoixDbw4DIIK6tA5OMnAJ5Si4qq8dYllCWEbl8+riqsIG
WrapQzQVMkZ01QOWmA2WTqTYvif3rEGbVuXzgqMNMjcGQVPmwBlixGzbRiVGerVO
7+3Q8OKBOYXw6xWVKl7ox5xO3WpY6DxtIyoV4o/9FjqKd2z37IFm2w35SQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPkNEVr5bgDedbJN1Js2GuhnR0qcMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMS1RMFJXdmx1QU41MXNrM1VtellhNkdkSFNwdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRj
My8xL3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAW3O+AME
AbnoVDAPBAIAAjAJAwcAKgs8QAAQMA0GCSqGSIb3DQEBCwUAA4IBAQAzwqAPJh9Q
0ez1wjbKvqMJBhqifu9LvEcYdY+6mRR26UsqKahJ3VG84UnNJlF5vvBp+AiTVrNv
SjAFgioc/VC5jYTX+7hmZkqqrk0IkaghZNi38rjg5qK5ubBLAmFFhMPYvaf4qefR
LTMjN/uG9cDvno9ZkHzg1fmlwv+uV9O5u3HQ8j1I+YECJLPJxQpdo3D6PKv5xdBY
/rNH1Z7x65bbi9+LxHRSoxZJxoLDiVA4qxAXgm2gGjW67jwrUfKwl227Oj3e0q6V
vunzV2hZxKbLXlJx6VCMCGRfI9w6PcUpb6gQ4BIVxMtjBKk/cUy9hNe1960eAC0H
tb2WXSJQD/Ji
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org