Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QHPNQdUQ-LM8OBJzd7U7eI1ufec.roa
File: QHPNQdUQ-LM8OBJzd7U7eI1ufec.roa (raw, json)
Hash identifier: ib0bhGSImLZgoMasP7I2XpkfukmiRUN54grh+4eueRg=
Subject key identifier: 40:73:CD:41:D5:10:F8:B3:3C:38:12:73:77:B5:3B:78:8D:6E:7D:E7
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A423FE0
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QHPNQdUQ-LM8OBJzd7U7eI1ufec.roa
Signing time: Sat 01 Jan 2022 14:56:17 +0000
ROA not before: Sat 01 Jan 2022 14:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35043
IP address blocks: 5.160.248.0/21 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 977420256 (0x3a423fe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4073cd41d510f8b33c38127377b53b788d6e7de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b5:6e:f8:a2:b3:97:ae:c1:ce:af:c3:95:e2:
30:a0:11:99:0d:e3:5a:71:7f:23:58:23:02:05:67:
47:66:01:33:51:ac:20:70:e2:62:ce:fd:6b:72:5a:
1d:4c:1f:95:23:d1:35:fe:d5:9f:5f:b6:9c:9c:15:
e4:ea:84:0a:8e:4e:3e:56:83:e2:25:fc:01:22:26:
52:ba:14:f9:93:7e:19:83:f5:c1:55:ee:9d:46:5c:
37:0f:d3:6d:d7:e8:2f:d7:bc:9a:a0:81:0c:f0:76:
f7:8e:24:0a:41:ba:ee:07:88:88:e7:f3:a5:1a:d8:
2d:11:eb:6f:ce:c6:51:b7:74:e7:85:25:09:f3:d9:
e9:b6:5b:db:cc:e5:12:32:fb:35:98:5d:df:ca:87:
9e:a1:48:0f:ce:8f:2f:46:7b:f7:76:e8:6d:eb:97:
a6:b3:0b:c6:e8:ee:16:5a:ad:7b:f9:5c:85:21:76:
08:72:21:b3:ed:06:c4:87:b2:29:43:7d:b0:e0:44:
fd:fc:a7:23:51:26:5f:02:1b:9c:b6:f1:c9:a9:0f:
aa:a8:ef:4b:09:c5:15:88:22:7f:5d:d8:e8:69:91:
7c:fa:4d:25:0c:da:a9:6d:1e:5e:59:fe:98:a7:17:
11:39:e4:87:4e:a3:5c:57:d3:99:82:50:79:32:27:
aa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:73:CD:41:D5:10:F8:B3:3C:38:12:73:77:B5:3B:78:8D:6E:7D:E7
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QHPNQdUQ-LM8OBJzd7U7eI1ufec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.248.0/21
Signature Algorithm: sha256WithRSAEncryption
21:aa:97:05:f1:af:04:21:2a:d3:36:65:06:07:7b:05:97:46:
ae:83:01:e5:77:ab:27:e5:42:b4:b6:9b:d2:c2:37:42:49:28:
8f:36:1d:1d:68:fb:e9:22:02:34:84:f9:39:9e:26:fa:2f:25:
88:de:64:c7:d4:37:60:9b:3e:92:b3:81:02:40:b8:ff:8c:b2:
f0:4d:04:e9:6d:be:d1:31:ea:b8:2e:2b:35:a6:0b:a9:03:37:
d2:48:57:34:4e:a6:7e:57:8f:80:5c:90:63:61:ae:8f:1a:ac:
bd:92:b0:d7:d5:df:89:3f:45:4d:79:2c:a3:1f:0d:85:e8:db:
f5:03:72:29:8c:97:21:38:51:08:45:f2:20:ad:da:41:e0:31:
f0:d6:14:43:f0:d5:cb:32:2f:2b:06:06:f9:a1:bc:d5:08:9c:
b1:b0:9a:14:28:02:72:02:f2:45:68:c0:e2:70:6c:3d:b0:dc:
2d:c0:58:6e:fc:5e:56:43:b4:92:8f:d1:30:99:09:36:81:e8:
4b:9a:ba:e1:fc:cf:7d:4a:14:db:12:f9:a6:59:06:ab:20:7c:
be:b6:27:05:c3:a8:bc:6b:b9:e1:48:3d:ad:ce:80:52:2a:7d:
64:56:ad:4a:17:b2:a5:9a:a5:48:2a:5a:b9:2b:37:9f:91:06:
3f:e6:04:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOkI/4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA3M2NkNDFkNTEw
ZjhiMzNjMzgxMjczNzdiNTNiNzg4ZDZlN2RlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJm1bviis5euwc6vw5XiMKARmQ3jWnF/I1gjAgVnR2YBM1Gs
IHDiYs79a3JaHUwflSPRNf7Vn1+2nJwV5OqECo5OPlaD4iX8ASImUroU+ZN+GYP1
wVXunUZcNw/TbdfoL9e8mqCBDPB2944kCkG67geIiOfzpRrYLRHrb87GUbd054Ul
CfPZ6bZb28zlEjL7NZhd38qHnqFID86PL0Z793bobeuXprMLxujuFlqte/lchSF2
CHIhs+0GxIeyKUN9sOBE/fynI1EmXwIbnLbxyakPqqjvSwnFFYgif13Y6GmRfPpN
JQzaqW0eXln+mKcXETnkh06jXFfTmYJQeTInqlECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAc81B1RD4szw4EnN3tTt4jW595zAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L1FIUE5RZFVRLUxNOE9CSnpkN1U3ZUkxdWZlYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwWg+DANBgkqhkiG9w0BAQsFAAOC
AQEAIaqXBfGvBCEq0zZlBgd7BZdGroMB5XerJ+VCtLab0sI3QkkojzYdHWj76SIC
NIT5OZ4m+i8liN5kx9Q3YJs+krOBAkC4/4yy8E0E6W2+0THquC4rNaYLqQM30khX
NE6mflePgFyQY2GujxqsvZKw19XfiT9FTXksox8Nhejb9QNyKYyXIThRCEXyIK3a
QeAx8NYUQ/DVyzIvKwYG+aG81QicsbCaFCgCcgLyRWjA4nBsPbDcLcBYbvxeVkO0
ko/RMJkJNoHoS5q64fzPfUoU2xL5plkGqyB8vrYnBcOovGu54Ug9rc6AUip9ZFat
SheypZqlSCpauSs3n5EGP+YErQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:19 2023 by rpki-client on console-fra.rpki-client.org