Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/aCquzrt8tMsqN-Jc7iAZgLxka5I.roa
File: aCquzrt8tMsqN-Jc7iAZgLxka5I.roa (raw, json)
Hash identifier: g/l9ysQbTnaIJFoKIA/t5MD6hGLNk3VS5VrBUQlUm0A=
Subject key identifier: 68:2A:AE:CE:BB:7C:B4:CB:2A:37:E2:5C:EE:20:19:80:BC:64:6B:92
Certificate issuer: /CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Certificate serial: 03EB7817
Authority key identifier: 40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/aCquzrt8tMsqN-Jc7iAZgLxka5I.roa
Signing time: Sat 01 Jan 2022 07:02:47 +0000
ROA not before: Sat 01 Jan 2022 07:02:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60407
IP address blocks: 185.31.125.0/24 maxlen: 24
185.31.124.0/22 maxlen: 22
185.31.124.0/24 maxlen: 24
185.31.124.0/23 maxlen: 23
185.31.127.0/24 maxlen: 24
185.31.126.0/24 maxlen: 24
185.31.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65763351 (0x3eb7817)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Validity
Not Before: Jan 1 07:02:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=682aaecebb7cb4cb2a37e25cee201980bc646b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7b:6a:bb:d6:5b:a2:5f:bc:9c:ff:ff:6d:9a:
62:75:58:6d:58:7a:d1:8c:cc:53:0c:d8:fe:a0:b2:
a8:bd:3d:02:85:e6:0a:68:ed:62:82:f7:18:45:51:
29:ea:27:86:ee:7a:27:8a:61:cd:ed:63:00:4f:35:
46:c3:59:dd:60:78:63:7c:95:3d:cd:2b:94:ee:a9:
4d:2a:4f:98:04:45:6a:a2:78:a6:6b:a1:b5:a3:46:
15:d5:85:05:2d:e4:93:13:9a:e9:f7:d1:c9:1a:51:
a0:4e:42:9d:fd:21:6b:79:59:68:5b:d4:e3:15:6a:
a1:82:c4:b0:fc:d0:25:0e:3c:ee:5a:7a:0c:b1:61:
6e:e5:61:34:26:1c:b4:23:3b:79:d4:f6:55:03:22:
62:c4:36:fb:9e:3d:68:f2:bd:2b:67:66:02:b5:a4:
da:9f:eb:53:75:67:e2:da:47:25:c2:d7:a0:bc:4b:
7e:cf:66:0f:f1:9b:58:9c:51:76:ae:56:fa:13:e0:
8f:5e:15:0b:fa:46:d6:87:f8:76:f1:4e:03:4d:ab:
6f:69:11:1d:48:11:c8:c9:e3:44:e2:4f:98:cf:99:
61:f2:b6:59:bb:d6:69:e3:f5:a3:07:19:5e:ba:b5:
95:82:e0:8a:24:f0:bb:e2:f0:b8:7a:91:d0:a9:83:
a0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2A:AE:CE:BB:7C:B4:CB:2A:37:E2:5C:EE:20:19:80:BC:64:6B:92
X509v3 Authority Key Identifier:
keyid:40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/aCquzrt8tMsqN-Jc7iAZgLxka5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.124.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:36:5c:49:77:db:7a:16:41:9d:76:e0:2f:51:92:00:71:64:
4c:ea:1e:d0:39:e2:1f:0a:a9:3e:b6:e9:37:4d:68:c0:d9:08:
51:0f:3e:98:51:1f:b3:21:a3:e9:13:b5:c8:e6:62:07:f0:90:
b6:62:95:bd:ec:63:b5:4a:e8:c2:be:ec:7d:6a:a6:de:1d:de:
8f:4a:a5:c2:52:67:30:78:c2:33:5b:03:b4:7b:2e:96:20:9e:
6c:3e:b8:e2:ba:38:80:8c:0e:9c:52:42:76:cd:d0:06:02:41:
34:d4:9d:08:1e:0c:1c:8b:28:55:e8:8d:b5:5f:7c:ab:d0:f3:
77:04:ba:07:36:17:55:a0:3b:36:62:17:30:9f:7c:3c:bc:d9:
69:82:1a:73:c6:ce:74:ee:8b:f7:6b:17:92:69:83:c3:67:47:
86:1b:e7:5b:72:ac:8b:fe:b4:0e:47:a2:9d:6d:9c:de:fc:69:
05:a3:11:37:e8:41:83:a5:09:e5:0a:25:0e:9b:35:89:ec:4a:
53:88:f7:ef:cd:69:0d:45:5b:ac:2e:62:98:91:c0:5d:f4:47:
6d:21:b5:12:f3:e6:39:56:52:d8:7e:46:97:06:d2:3e:55:d1:
b4:ad:c1:e9:98:b5:30:97:a2:9e:16:74:0a:8b:95:a8:1c:49:
6f:b6:44:f6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+t4FzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDQ3OWVhNTYyZGQzYTdkMGNmMmE2ZTk3OGI2YmJmMzc4ZjczY2U0MB4XDTIyMDEw
MTA3MDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgyYWFlY2ViYjdj
YjRjYjJhMzdlMjVjZWUyMDE5ODBiYzY0NmI5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMd7arvWW6JfvJz//22aYnVYbVh60YzMUwzY/qCyqL09AoXm
CmjtYoL3GEVRKeonhu56J4phze1jAE81RsNZ3WB4Y3yVPc0rlO6pTSpPmARFaqJ4
pmuhtaNGFdWFBS3kkxOa6ffRyRpRoE5Cnf0ha3lZaFvU4xVqoYLEsPzQJQ487lp6
DLFhbuVhNCYctCM7edT2VQMiYsQ2+549aPK9K2dmArWk2p/rU3Vn4tpHJcLXoLxL
fs9mD/GbWJxRdq5W+hPgj14VC/pG1of4dvFOA02rb2kRHUgRyMnjROJPmM+ZYfK2
WbvWaeP1owcZXrq1lYLgiiTwu+LwuHqR0KmDoNcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoKq7Ou3y0yyo34lzuIBmAvGRrkjAfBgNVHSMEGDAWgBRAR56lYt06fQzy
pul4trvzePc85DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FFZWVwV0xkT24wTThxYnBlTGE3ODNqM1BPUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvZTc0YTU4LWJiOWUtNGFlOS1hNzQ2LTg5MzZmMDkxZjRmNC8x
L2FDcXV6cnQ4dE1zcU4tSmM3aUFaZ0x4a2E1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
ZTc0YTU4LWJiOWUtNGFlOS1hNzQ2LTg5MzZmMDkxZjRmNC8xL1FFZWVwV0xkT24w
TThxYnBlTGE3ODNqM1BPUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkffDANBgkqhkiG9w0BAQsFAAOC
AQEAKzZcSXfbehZBnXbgL1GSAHFkTOoe0DniHwqpPrbpN01owNkIUQ8+mFEfsyGj
6RO1yOZiB/CQtmKVvexjtUrowr7sfWqm3h3ej0qlwlJnMHjCM1sDtHsuliCebD64
4ro4gIwOnFJCds3QBgJBNNSdCB4MHIsoVeiNtV98q9DzdwS6BzYXVaA7NmIXMJ98
PLzZaYIac8bOdO6L92sXkmmDw2dHhhvnW3Ksi/60DkeinW2c3vxpBaMRN+hBg6UJ
5QolDps1iexKU4j3781pDUVbrC5imJHAXfRHbSG1EvPmOVZS2H5GlwbSPlXRtK3B
6Zi1MJeinhZ0CouVqBxJb7ZE9g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:40 2023 by rpki-client on console-ams.rpki-client.org