Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/QGdKub0hOAE9tR2kLMRccH4jTWg.roa
File: QGdKub0hOAE9tR2kLMRccH4jTWg.roa (raw, json)
Hash identifier: JUcJP4vh1eMeTgWxfZQec5OFoVE1l/aBxTysmWjmQsI=
Subject key identifier: 40:67:4A:B9:BD:21:38:01:3D:B5:1D:A4:2C:C4:5C:70:7E:23:4D:68
Certificate issuer: /CN=d9f349d6906ed1edd3c89e756e6a8ce4c1910054
Certificate serial: ED7B
Authority key identifier: D9:F3:49:D6:90:6E:D1:ED:D3:C8:9E:75:6E:6A:8C:E4:C1:91:00:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fNJ1pBu0e3TyJ51bmqM5MGRAFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/QGdKub0hOAE9tR2kLMRccH4jTWg.roa
Signing time: Thu 27 Jan 2022 09:36:41 +0000
ROA not before: Thu 27 Jan 2022 09:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212667
IP address blocks: 195.64.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60795 (0xed7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f349d6906ed1edd3c89e756e6a8ce4c1910054
Validity
Not Before: Jan 27 09:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40674ab9bd2138013db51da42cc45c707e234d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:83:7e:a9:10:5a:ac:68:40:f2:2e:53:0f:
90:42:3f:ea:4e:3a:1e:e5:d5:1c:0d:e9:2c:ba:de:
bf:74:76:d5:05:89:b2:2d:84:7f:91:5c:37:48:43:
e8:3c:42:7a:3f:7d:ad:31:fe:5f:a6:90:a3:e5:e2:
08:8e:44:52:0e:1d:bb:30:81:fe:96:77:cc:c9:68:
6d:76:dd:b7:3c:e0:31:03:7a:ce:12:29:fe:84:05:
c5:da:e3:fa:b8:f1:a5:03:45:fe:da:ef:d2:71:06:
e5:f8:df:85:7a:88:0f:5e:03:f2:5e:cb:6a:8f:d6:
22:c5:17:2e:b6:08:51:5d:dd:3c:fc:d2:fb:f1:aa:
b3:ec:45:4f:ca:54:86:11:3d:c2:43:17:45:92:40:
60:7e:be:00:00:8e:ab:ef:b0:84:9b:a0:f7:a1:aa:
f5:0d:63:66:d4:8c:6e:fc:a2:c7:a3:fd:4a:d5:a1:
f9:4a:e1:b8:75:3c:fc:ba:8d:6a:5b:9c:ed:9a:8c:
5c:17:05:bf:b3:2d:50:0d:b6:f0:bf:68:49:a7:4f:
97:8f:14:86:a1:28:50:87:df:52:de:c6:93:ba:71:
11:d1:17:fc:bc:26:cc:74:f0:fc:7e:b2:78:c3:6d:
c4:49:0d:ef:c3:c4:99:e1:03:80:15:89:2d:6e:e8:
c9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:67:4A:B9:BD:21:38:01:3D:B5:1D:A4:2C:C4:5C:70:7E:23:4D:68
X509v3 Authority Key Identifier:
keyid:D9:F3:49:D6:90:6E:D1:ED:D3:C8:9E:75:6E:6A:8C:E4:C1:91:00:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fNJ1pBu0e3TyJ51bmqM5MGRAFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/QGdKub0hOAE9tR2kLMRccH4jTWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/2fNJ1pBu0e3TyJ51bmqM5MGRAFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ee:01:4b:e7:a0:e6:ac:24:c0:29:92:46:8a:ca:82:1a:72:
b2:0e:3d:5b:e1:33:77:c4:74:5f:fb:c6:16:e3:c2:b5:63:a8:
d9:86:39:5b:2b:03:4d:92:99:2f:4b:01:9e:71:63:6b:6d:8c:
a1:91:8c:76:a5:c8:2a:6b:b1:ec:c7:40:88:0e:66:d4:c8:65:
63:60:23:55:f4:61:7e:76:b0:b6:b7:9b:dc:e8:c9:03:c8:dc:
d7:bc:eb:59:15:bf:35:ab:b9:a9:c2:af:88:fa:6c:c6:85:48:
0c:92:36:65:37:79:b6:2b:d9:84:c7:86:e6:29:4e:5c:98:6c:
e0:03:a2:f2:6e:91:6a:e5:df:07:74:69:a6:03:89:ec:02:77:
26:f7:5e:fc:ae:bf:45:7f:f2:3e:27:3c:b4:41:dd:00:fa:e8:
75:4f:d3:be:79:e9:b9:8c:93:07:f0:f5:80:cd:d1:51:d0:aa:
b4:60:91:67:99:81:af:2b:c7:31:c9:33:63:77:1c:9f:06:03:
2f:78:66:e3:d8:e6:b5:d2:b1:cc:0c:d8:3e:c5:c8:50:a8:f7:
8b:8f:ad:ca:16:15:ed:a8:4a:ba:14:10:f3:ac:00:b2:46:68:
83:ff:b5:dd:d3:89:62:12:b7:c7:9b:b3:47:52:75:21:67:58:
f8:29:48:1d
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAO17MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZjM0OWQ2OTA2ZWQxZWRkM2M4OWU3NTZlNmE4Y2U0YzE5MTAwNTQwHhcNMjIwMTI3
MDkzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MDY3NGFiOWJkMjEz
ODAxM2RiNTFkYTQyY2M0NWM3MDdlMjM0ZDY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwMyDfqkQWqxoQPIuUw+QQj/qTjoe5dUcDeksut6/dHbVBYmy
LYR/kVw3SEPoPEJ6P32tMf5fppCj5eIIjkRSDh27MIH+lnfMyWhtdt23POAxA3rO
Ein+hAXF2uP6uPGlA0X+2u/ScQbl+N+FeogPXgPyXstqj9YixRcutghRXd08/NL7
8aqz7EVPylSGET3CQxdFkkBgfr4AAI6r77CEm6D3oar1DWNm1Ixu/KLHo/1K1aH5
SuG4dTz8uo1qW5ztmoxcFwW/sy1QDbbwv2hJp0+XjxSGoShQh99S3saTunER0Rf8
vCbMdPD8frJ4w23ESQ3vw8SZ4QOAFYktbujJmQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEBnSrm9ITgBPbUdpCzEXHB+I01oMB8GA1UdIwQYMBaAFNnzSdaQbtHt08ie
dW5qjOTBkQBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmZOSjFwQnUwZTNUeUo1MWJtcU01TUdSQUZRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xZi8yN2Q0ZjItZDFkYy00MWJkLWI4ZTYtOTU0NWIxMzNjNGUzLzEv
UUdkS3ViMGhPQUU5dFIya0xNUmNjSDRqVFdnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8y
N2Q0ZjItZDFkYy00MWJkLWI4ZTYtOTU0NWIxMzNjNGUzLzEvMmZOSjFwQnUwZTNU
eUo1MWJtcU01TUdSQUZRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B1MA0GCSqGSIb3DQEBCwUAA4IB
AQBN7gFL56DmrCTAKZJGisqCGnKyDj1b4TN3xHRf+8YW48K1Y6jZhjlbKwNNkpkv
SwGecWNrbYyhkYx2pcgqa7Hsx0CIDmbUyGVjYCNV9GF+drC2t5vc6MkDyNzXvOtZ
Fb81q7mpwq+I+mzGhUgMkjZlN3m2K9mEx4bmKU5cmGzgA6LybpFq5d8HdGmmA4ns
Ancm9178rr9Ff/I+Jzy0Qd0A+uh1T9O+eem5jJMH8PWAzdFR0Kq0YJFnmYGvK8cx
yTNjdxyfBgMveGbj2Oa10rHMDNg+xchQqPeLj63KFhXtqEq6FBDzrACyRmiD/7Xd
04liErfHm7NHUnUhZ1j4KUgd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:05 2023 by rpki-client on console-fra.rpki-client.org