Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QKhZ9R0q9AssPjwCyX4SpPrgb-I.roa
File: QKhZ9R0q9AssPjwCyX4SpPrgb-I.roa (raw, json)
Hash identifier: tWz/RoRkaUT/eUvgPTi1H/gFbNIXBPzYAmCmtWs5mnY=
Subject key identifier: 40:A8:59:F5:1D:2A:F4:0B:2C:3E:3C:02:C9:7E:12:A4:FA:E0:6F:E2
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 0183AFA07A3416A7AEA65816DA9F5A94A3BD
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QKhZ9R0q9AssPjwCyX4SpPrgb-I.roa
Signing time: Thu 06 Oct 2022 23:27:53 +0000
ROA not before: Thu 06 Oct 2022 23:27:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.95.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:af:a0:7a:34:16:a7:ae:a6:58:16:da:9f:5a:94:a3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Oct 6 23:27:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40a859f51d2af40b2c3e3c02c97e12a4fae06fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:3d:cd:3d:68:92:29:b0:bb:fd:00:a6:4a:f4:
88:27:a6:1a:ea:b0:e4:f6:2a:8a:08:d3:d2:a5:9b:
53:68:fa:8a:35:c8:f5:0f:5f:45:80:9e:81:b2:b4:
b2:58:0d:b1:09:68:94:b1:73:02:bc:71:bb:9c:fa:
7b:3e:1b:35:ff:c0:75:90:74:06:7e:97:2a:7a:da:
60:31:b1:42:a4:6b:cd:39:71:4a:53:f5:22:b7:36:
75:2d:c6:a2:58:82:9b:4f:12:8e:84:76:2c:47:a4:
a0:b9:77:23:86:ba:35:e3:43:33:08:2e:0e:33:b1:
96:62:6d:73:96:ec:ba:f0:b4:63:33:e6:56:47:3a:
3c:28:5c:27:8c:ce:06:c1:0d:c8:8c:8a:13:e8:2b:
b2:3f:4f:db:84:be:16:7b:22:c2:6c:61:77:43:e6:
da:77:2e:d8:17:5f:77:ca:1b:db:29:7a:b4:30:84:
06:7f:9b:89:fe:2e:b2:98:6b:c7:0b:81:22:70:66:
bb:52:bc:5a:67:ff:1b:5c:d1:9e:96:55:5b:72:27:
83:2d:14:d9:0b:59:44:1b:66:98:71:59:fd:2e:e6:
59:a4:1b:ea:90:43:c1:90:62:18:d1:e2:d5:67:ad:
da:55:5f:2f:a1:75:84:4a:d0:ad:5f:aa:f0:ef:89:
e5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A8:59:F5:1D:2A:F4:0B:2C:3E:3C:02:C9:7E:12:A4:FA:E0:6F:E2
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QKhZ9R0q9AssPjwCyX4SpPrgb-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.18.0/23
Signature Algorithm: sha256WithRSAEncryption
93:44:e0:52:bd:ae:e9:c1:f7:4e:81:2b:b2:b1:40:8c:0c:3c:
2c:40:17:e8:a2:aa:0d:51:10:a0:1b:fb:87:2c:9a:b3:1b:dd:
c4:ba:b7:61:9d:24:67:51:95:d2:40:bc:9f:e8:63:19:d8:66:
29:46:7c:cb:66:fa:f9:f0:bc:d5:37:83:a1:a3:80:a1:a9:62:
65:be:0c:1c:5e:bc:7f:df:e1:0f:11:b5:fb:76:34:9e:75:8f:
a6:e1:a6:b7:94:b7:23:6f:df:a5:94:ce:37:73:93:2c:86:6c:
9e:30:94:f5:7c:fa:28:ad:0d:c2:bf:cb:6b:ed:f5:20:16:ba:
8c:de:7d:59:c3:9e:51:e0:c8:e2:ac:db:d7:c1:b7:99:4f:4c:
b8:a0:d3:2a:cf:9a:57:8e:1a:6b:f0:af:98:9b:bd:73:12:ca:
ab:cf:27:c0:44:95:c2:b8:c3:45:61:8e:6b:4f:91:26:db:05:
ae:22:1d:10:f7:ae:6e:13:29:64:4b:65:d6:ae:03:8a:43:12:
4d:ce:a0:77:00:aa:15:77:03:b6:77:18:27:6b:5b:09:b5:ad:
9e:68:1e:c7:04:b2:c6:43:17:22:94:e6:f7:cd:c1:fd:99:fc:
e0:cd:ed:81:12:f3:b7:be:a4:10:c3:df:7f:90:ae:95:e2:c6:
dc:51:a3:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOvoHo0FqeuplgW2p9alKO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjIxMDA2MjMyNzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE4NTlmNTFkMmFmNDBiMmMzZTNjMDJjOTdlMTJhNGZhZTA2ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9D3NPWiSKbC7/QCmSvSIJ6Ya6rDk
9iqKCNPSpZtTaPqKNcj1D19FgJ6BsrSyWA2xCWiUsXMCvHG7nPp7Phs1/8B1kHQG
fpcqetpgMbFCpGvNOXFKU/UitzZ1LcaiWIKbTxKOhHYsR6SguXcjhro140MzCC4O
M7GWYm1zluy68LRjM+ZWRzo8KFwnjM4GwQ3IjIoT6CuyP0/bhL4WeyLCbGF3Q+ba
dy7YF193yhvbKXq0MIQGf5uJ/i6ymGvHC4EicGa7UrxaZ/8bXNGellVbcieDLRTZ
C1lEG2aYcVn9LuZZpBvqkEPBkGIY0eLVZ63aVV8voXWEStCtX6rw74nlnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECoWfUdKvQLLD48Asl+EqT64G/iMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvUUtoWjlSMHE5QXNzUGp3Q3lYNFNwUHJnYi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLV8SMA0G
CSqGSIb3DQEBCwUAA4IBAQCTROBSva7pwfdOgSuysUCMDDwsQBfooqoNURCgG/uH
LJqzG93EurdhnSRnUZXSQLyf6GMZ2GYpRnzLZvr58LzVN4Oho4ChqWJlvgwcXrx/
3+EPEbX7djSedY+m4aa3lLcjb9+llM43c5MshmyeMJT1fPoorQ3Cv8tr7fUgFrqM
3n1Zw55R4MjirNvXwbeZT0y4oNMqz5pXjhpr8K+Ym71zEsqrzyfARJXCuMNFYY5r
T5Em2wWuIh0Q965uEylkS2XWrgOKQxJNzqB3AKoVdwO2dxgna1sJta2eaB7HBLLG
QxcilOb3zcH9mfzgze2BEvO3vqQQw99/kK6V4sbcUaON
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org