Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Qm_TkVMe0o2EKnohbm0wsbaNO2g.roa
File: Qm_TkVMe0o2EKnohbm0wsbaNO2g.roa (raw, json)
Hash identifier: qoQOJVWZKnUU6a9hat7yXAwFU57W6Q7HzhNUBB/rE2Y=
Subject key identifier: 42:6F:D3:91:53:1E:D2:8D:84:2A:7A:21:6E:6D:30:B1:B6:8D:3B:68
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1BA73461
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Qm_TkVMe0o2EKnohbm0wsbaNO2g.roa
Signing time: Sat 01 Jan 2022 05:03:46 +0000
ROA not before: Sat 01 Jan 2022 05:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207023
IP address blocks: 176.116.238.0/23 maxlen: 24
91.234.122.0/23 maxlen: 24
37.97.116.0/22 maxlen: 24
192.162.186.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463942753 (0x1ba73461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=426fd391531ed28d842a7a216e6d30b1b68d3b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:80:01:9e:0b:e0:7b:ca:4d:3e:6d:a7:58:88:
03:dc:47:e9:a9:17:b4:cb:c4:a7:98:fa:72:4b:d2:
84:fe:54:d2:40:76:72:11:24:5d:39:4a:93:53:01:
a5:20:0a:bf:c3:66:11:51:d9:c4:5d:bf:4b:f5:f9:
5d:bc:38:da:98:06:60:77:ec:42:92:bc:c5:1d:68:
84:b6:9d:21:94:70:60:6b:9e:a6:52:13:a1:64:9c:
18:7e:65:d6:00:c1:10:d8:cb:c4:b6:3b:b7:1f:d9:
b1:ce:48:e3:a8:57:a4:7c:72:03:91:4a:6f:4b:9a:
b9:b5:92:70:b1:42:7f:4e:57:b9:fb:c3:3c:84:80:
df:f0:76:c9:ea:06:6b:03:f8:56:3b:a0:75:52:08:
7c:d6:50:ad:43:b1:0b:cc:c2:c0:69:df:65:41:5b:
4e:0c:9c:74:94:e5:14:bc:87:b7:b3:6c:4f:3b:f5:
1c:0e:33:91:65:94:4a:88:c5:21:cf:9e:2a:b5:92:
75:88:5c:81:68:be:54:fa:9e:01:86:24:6e:c1:09:
90:2c:3c:cb:8f:50:a7:95:60:86:46:6f:57:c8:9e:
b7:ad:c0:f6:68:20:5c:96:0a:2b:84:0e:d6:4e:ec:
0d:1c:80:0c:fa:f9:49:90:1c:d5:af:ff:eb:46:31:
ae:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6F:D3:91:53:1E:D2:8D:84:2A:7A:21:6E:6D:30:B1:B6:8D:3B:68
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Qm_TkVMe0o2EKnohbm0wsbaNO2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
91.234.122.0/23
176.116.238.0/23
192.162.186.0/23
Signature Algorithm: sha256WithRSAEncryption
43:98:d6:bd:15:f4:14:f2:45:85:1f:5c:85:cc:cb:33:c7:43:
38:bd:dc:8c:81:6a:68:31:a8:3d:0b:7f:47:ff:a3:90:7b:1f:
56:00:4f:bd:88:8b:32:6e:a3:8d:f8:a9:f3:af:13:49:1e:8d:
b4:dc:6a:d7:bc:32:c2:3c:83:59:27:62:9a:53:c7:7b:6f:a0:
7f:00:1c:81:09:cf:1a:c1:3f:1e:53:ee:b4:b0:9b:28:95:e2:
f8:7a:45:bb:1e:5d:d9:2d:cb:1c:5e:c1:ba:1f:b3:71:54:fa:
2e:46:31:dd:50:83:08:7d:40:17:13:ee:d8:30:18:06:fd:4f:
55:b9:c1:73:66:93:6d:a4:10:8a:a9:d5:8f:be:e5:5b:c6:02:
ce:66:45:d6:77:1c:df:10:33:32:db:7a:9c:e6:c7:3c:67:13:
e0:69:89:d6:b4:fa:24:b4:35:65:a8:4a:d7:ce:aa:26:48:a1:
78:11:2e:db:75:37:92:0c:48:bc:53:1a:1c:bd:e4:bc:b3:66:
86:1b:ad:91:06:d2:86:c8:a4:8c:a3:7a:9e:60:3f:30:37:6d:
1b:c6:1d:ab:52:36:59:6e:11:ff:91:e9:1d:91:a4:8a:2e:be:
8b:c1:df:0e:3c:7d:47:16:6d:a8:99:3e:bf:33:a5:43:66:e8:
09:35:fc:df
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEG6c0YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDEw
MTA1MDM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI2ZmQzOTE1MzFl
ZDI4ZDg0MmE3YTIxNmU2ZDMwYjFiNjhkM2I2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCAAZ4L4HvKTT5tp1iIA9xH6akXtMvEp5j6ckvShP5U0kB2
chEkXTlKk1MBpSAKv8NmEVHZxF2/S/X5Xbw42pgGYHfsQpK8xR1ohLadIZRwYGue
plIToWScGH5l1gDBENjLxLY7tx/Zsc5I46hXpHxyA5FKb0uaubWScLFCf05XufvD
PISA3/B2yeoGawP4VjugdVIIfNZQrUOxC8zCwGnfZUFbTgycdJTlFLyHt7NsTzv1
HA4zkWWUSojFIc+eKrWSdYhcgWi+VPqeAYYkbsEJkCw8y49Qp5VghkZvV8iet63A
9mggXJYKK4QO1k7sDRyADPr5SZAc1a//60YxrlECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRCb9ORUx7SjYQqeiFubTCxto07aDAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L1FtX1RrVk1lMG8yRUtub2hibTB3c2JhTk8yZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAiVhdAMEAVvqegMEAbB07gMEAcCi
ujANBgkqhkiG9w0BAQsFAAOCAQEAQ5jWvRX0FPJFhR9chczLM8dDOL3cjIFqaDGo
PQt/R/+jkHsfVgBPvYiLMm6jjfip868TSR6NtNxq17wywjyDWSdimlPHe2+gfwAc
gQnPGsE/HlPutLCbKJXi+HpFux5d2S3LHF7Buh+zcVT6LkYx3VCDCH1AFxPu2DAY
Bv1PVbnBc2aTbaQQiqnVj77lW8YCzmZF1ncc3xAzMtt6nObHPGcT4GmJ1rT6JLQ1
ZahK186qJkiheBEu23U3kgxIvFMaHL3kvLNmhhutkQbShsikjKN6nmA/MDdtG8Yd
q1I2WW4R/5HpHZGkii6+i8HfDjx9RxZtqJk+vzOlQ2boCTX83w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org