Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QO39rfZsIBz82Kntg2NErh31wAM.roa
File: QO39rfZsIBz82Kntg2NErh31wAM.roa (raw, json)
Hash identifier: 407F+cRiB7+FUcvuAhSKZvIMpFiH4DUnXWgc1Htps7k=
Subject key identifier: 40:ED:FD:AD:F6:6C:20:1C:FC:D8:A9:ED:83:63:44:AE:1D:F5:C0:03
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A4DFE5E
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QO39rfZsIBz82Kntg2NErh31wAM.roa
Signing time: Sat 01 Jan 2022 14:56:24 +0000
ROA not before: Sat 01 Jan 2022 14:56:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51541
IP address blocks: 5.160.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 978189918 (0x3a4dfe5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40edfdadf66c201cfcd8a9ed836344ae1df5c003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:72:3c:eb:33:97:59:be:02:be:3f:5d:79:fc:
ba:30:35:d8:3b:e1:eb:a8:c8:b1:dd:c3:9f:69:41:
2e:1c:39:d2:ce:33:81:46:69:06:cf:86:a2:94:0a:
34:60:a5:80:0e:49:b9:f6:82:d2:bf:f6:05:24:10:
ef:ea:3b:5e:83:9c:c6:f8:79:4b:81:ee:a5:45:24:
2d:e8:2a:c9:f2:e4:14:54:94:f2:b8:6b:cd:d0:64:
4e:47:cf:ec:a0:82:46:f6:fd:3d:04:94:64:0c:f6:
fb:a0:dd:52:1a:54:c8:b0:8a:f8:c8:41:3a:1c:92:
0d:86:98:f6:ad:40:ad:90:d9:a9:e0:d2:c4:6c:fb:
65:e3:df:f4:97:dc:9e:0c:e0:d9:a8:61:a3:d2:5d:
b7:fd:cb:08:1d:e7:c2:f6:bd:0d:58:65:1f:33:9e:
0b:2f:57:03:35:a8:3f:ca:9e:85:50:0d:a5:8a:b8:
c9:4e:45:08:bb:65:30:3c:9e:0b:2a:24:a1:b5:93:
9e:60:63:bc:08:07:b4:7b:38:e4:28:ad:01:28:96:
07:69:35:56:e7:e2:0c:d8:2a:90:19:d7:fa:62:50:
12:c4:4d:b9:15:04:e5:f4:53:d4:64:0a:7d:db:58:
23:f4:10:d9:fc:e9:91:af:77:bf:a6:ae:2f:6f:91:
04:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:FD:AD:F6:6C:20:1C:FC:D8:A9:ED:83:63:44:AE:1D:F5:C0:03
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QO39rfZsIBz82Kntg2NErh31wAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.152.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ee:5a:7d:60:d9:6d:b8:5d:47:00:fd:94:22:7e:94:5c:b5:
47:1b:7d:67:c7:a0:76:32:23:5c:44:0d:d1:a9:a8:d4:2b:0e:
37:f8:9f:71:26:b1:b8:45:ce:8e:35:fe:26:42:ee:58:00:83:
d0:52:35:33:d0:18:d4:4f:7b:34:95:51:58:7c:82:a0:67:8d:
6d:80:67:2a:b7:1a:13:b7:06:ed:95:2d:bc:22:ab:cb:f1:37:
5f:38:29:8c:9f:4f:e1:1c:04:60:6d:fa:7d:55:8c:3c:78:52:
4f:ff:ae:ef:f1:30:39:8d:ce:8f:ed:75:9a:90:e8:f4:57:74:
fb:5c:b4:07:12:38:f0:00:15:98:e9:a3:00:45:e8:59:f3:fa:
9a:1d:f2:f5:ee:e2:00:c2:5a:83:b5:40:5b:19:23:9f:5f:ed:
2d:27:41:8a:7c:fb:28:e6:94:20:8a:6b:a5:08:31:10:4c:e8:
ff:83:7f:d1:3e:64:7c:57:11:57:9f:76:1b:f3:8b:b3:78:29:
d6:96:38:d3:c5:b0:ca:73:86:c0:83:f3:4c:ef:e7:12:29:35:
d7:8e:2c:67:ef:84:40:8e:20:26:1e:74:30:87:ef:66:73:61:
6f:34:12:ac:94:d0:1c:fd:84:07:93:33:f2:ff:e4:44:d8:30:
6f:b1:fc:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOk3+XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBlZGZkYWRmNjZj
MjAxY2ZjZDhhOWVkODM2MzQ0YWUxZGY1YzAwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPVyPOszl1m+Ar4/XXn8ujA12Dvh66jIsd3Dn2lBLhw50s4z
gUZpBs+GopQKNGClgA5JufaC0r/2BSQQ7+o7XoOcxvh5S4HupUUkLegqyfLkFFSU
8rhrzdBkTkfP7KCCRvb9PQSUZAz2+6DdUhpUyLCK+MhBOhySDYaY9q1ArZDZqeDS
xGz7ZePf9Jfcngzg2ahho9Jdt/3LCB3nwva9DVhlHzOeCy9XAzWoP8qehVANpYq4
yU5FCLtlMDyeCyokobWTnmBjvAgHtHs45CitASiWB2k1VufiDNgqkBnX+mJQEsRN
uRUE5fRT1GQKfdtYI/QQ2fzpka93v6auL2+RBNsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRA7f2t9mwgHPzYqe2DY0SuHfXAAzAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L1FPMzlyZlpzSUJ6ODJLbnRnMk5FcmgzMXdBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWgmDANBgkqhkiG9w0BAQsFAAOC
AQEAF+5afWDZbbhdRwD9lCJ+lFy1Rxt9Z8egdjIjXEQN0amo1CsON/ifcSaxuEXO
jjX+JkLuWACD0FI1M9AY1E97NJVRWHyCoGeNbYBnKrcaE7cG7ZUtvCKry/E3Xzgp
jJ9P4RwEYG36fVWMPHhST/+u7/EwOY3Oj+11mpDo9Fd0+1y0BxI48AAVmOmjAEXo
WfP6mh3y9e7iAMJag7VAWxkjn1/tLSdBinz7KOaUIIprpQgxEEzo/4N/0T5kfFcR
V592G/OLs3gp1pY408WwynOGwIPzTO/nEik1144sZ++EQI4gJh50MIfvZnNhbzQS
rJTQHP2EB5Mz8v/kRNgwb7H8kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org