Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4b43b5-0d95-4d42-8068-480e27adc79a/1/qd3y2wYZelM9l2d7BdVQR668yes.roa
File: qd3y2wYZelM9l2d7BdVQR668yes.roa (raw, json)
Hash identifier: VVyyZhXYGihUtAArbA7MgzkPZvSB//57jme66Dri/48=
Subject key identifier: A9:DD:F2:DB:06:19:7A:53:3D:97:67:7B:05:D5:50:47:AE:BC:C9:EB
Certificate issuer: /CN=8faca1a5b17015e1d163ddbd51a217ebbe58e46b
Certificate serial: 02032D
Authority key identifier: 8F:AC:A1:A5:B1:70:15:E1:D1:63:DD:BD:51:A2:17:EB:BE:58:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j6yhpbFwFeHRY929UaIX675Y5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/4b43b5-0d95-4d42-8068-480e27adc79a/1/qd3y2wYZelM9l2d7BdVQR668yes.roa
Signing time: Sun 06 Mar 2022 07:51:37 +0000
ROA not before: Sun 06 Mar 2022 07:51:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201106
IP address blocks: 217.114.47.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131885 (0x2032d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8faca1a5b17015e1d163ddbd51a217ebbe58e46b
Validity
Not Before: Mar 6 07:51:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9ddf2db06197a533d97677b05d55047aebcc9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:d7:17:fe:f7:93:4b:17:78:18:2d:06:ec:
b9:5e:62:01:df:ec:ca:92:77:05:91:5b:98:22:3e:
c6:66:18:e0:ab:3a:da:3b:d4:aa:91:2b:13:bc:b0:
07:95:aa:ab:54:e5:e9:94:8c:e6:6f:fa:5d:2d:8d:
1b:2a:2f:85:0f:0a:7b:e6:49:70:e5:dc:24:bf:c4:
b5:db:b3:45:f1:7a:c9:f9:1b:3c:7b:22:fe:dc:aa:
db:16:c7:da:60:11:a7:6a:9c:e1:87:7a:7b:27:a0:
44:57:ff:e8:35:6d:18:b9:d7:b8:44:64:6e:4a:b2:
bb:5b:f5:14:55:00:04:4a:48:83:38:20:81:84:1b:
29:71:f2:7a:93:02:1c:31:b6:39:bc:fc:10:3a:69:
4b:7b:d9:04:b3:00:84:c3:10:85:9e:8b:2b:50:cb:
3b:a2:4b:da:f9:34:b5:5a:31:b3:5e:52:1e:0f:51:
57:7b:06:b0:a4:20:5c:0b:df:89:17:b3:ae:2f:f7:
ac:9d:1a:82:58:a5:f7:e4:3a:92:81:3f:59:70:73:
5f:40:65:16:0e:26:2a:cf:a2:f8:55:96:a0:7d:a7:
5b:8d:39:f2:93:83:b5:39:a7:f8:f5:38:ea:c3:12:
6e:bd:d1:42:0a:61:1b:9a:a1:14:f1:82:fe:37:3c:
93:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DD:F2:DB:06:19:7A:53:3D:97:67:7B:05:D5:50:47:AE:BC:C9:EB
X509v3 Authority Key Identifier:
keyid:8F:AC:A1:A5:B1:70:15:E1:D1:63:DD:BD:51:A2:17:EB:BE:58:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j6yhpbFwFeHRY929UaIX675Y5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4b43b5-0d95-4d42-8068-480e27adc79a/1/qd3y2wYZelM9l2d7BdVQR668yes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4b43b5-0d95-4d42-8068-480e27adc79a/1/j6yhpbFwFeHRY929UaIX675Y5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.47.0/24
Signature Algorithm: sha256WithRSAEncryption
04:64:1c:8e:5d:7b:77:38:e4:c5:f4:95:05:c6:04:35:90:f9:
90:2d:72:62:6b:fc:c6:96:88:71:94:23:a5:8d:3b:13:6f:54:
6e:d5:7c:3a:6e:43:4b:35:5f:2c:be:34:69:61:fe:18:4e:21:
e8:62:47:be:64:23:90:92:0a:11:f9:b6:ae:e3:1e:1c:93:91:
5e:7d:f1:82:1d:ce:0e:54:5a:6f:0c:03:31:7d:91:c2:d0:ef:
de:5d:05:c5:45:50:4a:81:91:d1:74:c6:97:52:22:fb:41:b7:
12:89:2a:e5:1a:f2:35:4f:50:b8:2a:8a:cd:45:b1:63:05:94:
2b:fc:60:c9:cc:2a:64:bd:82:df:3f:da:06:05:be:8b:2b:17:
ca:94:24:20:99:7d:26:a2:f3:76:84:68:0f:e1:a5:f8:78:e8:
65:4f:06:a7:d2:2a:e0:9a:b2:cf:cb:aa:40:ed:3a:e9:1c:34:
b9:3b:dd:12:14:83:b4:e6:8f:89:21:43:42:06:33:6b:59:62:
29:56:07:6c:73:5d:3d:24:ed:f6:7d:5f:db:2c:0f:49:56:93:
5b:df:cc:71:df:fc:10:8c:a4:27:dd:74:de:23:09:c9:e7:9b:
54:f7:38:42:23:e0:e0:8c:05:f9:56:ce:66:b3:ab:cf:10:d6:
f2:9e:70:1a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAgMtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhm
YWNhMWE1YjE3MDE1ZTFkMTYzZGRiZDUxYTIxN2ViYmU1OGU0NmIwHhcNMjIwMzA2
MDc1MTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhOWRkZjJkYjA2MTk3
YTUzM2Q5NzY3N2IwNWQ1NTA0N2FlYmNjOWViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAugjXF/73k0sXeBgtBuy5XmIB3+zKkncFkVuYIj7GZhjgqzra
O9SqkSsTvLAHlaqrVOXplIzmb/pdLY0bKi+FDwp75klw5dwkv8S127NF8XrJ+Rs8
eyL+3KrbFsfaYBGnapzhh3p7J6BEV//oNW0Yude4RGRuSrK7W/UUVQAESkiDOCCB
hBspcfJ6kwIcMbY5vPwQOmlLe9kEswCEwxCFnosrUMs7okva+TS1WjGzXlIeD1FX
ewawpCBcC9+JF7OuL/esnRqCWKX35DqSgT9ZcHNfQGUWDiYqz6L4VZagfadbjTny
k4O1Oaf49TjqwxJuvdFCCmEbmqEU8YL+NzyTjQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKnd8tsGGXpTPZdnewXVUEeuvMnrMB8GA1UdIwQYMBaAFI+soaWxcBXh0WPd
vVGiF+u+WORrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ajZ5aHBiRndGZUhSWTkyOVVhSVg2NzVZNUdzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy80YjQzYjUtMGQ5NS00ZDQyLTgwNjgtNDgwZTI3YWRjNzlhLzEv
cWQzeTJ3WVplbE05bDJkN0JkVlFSNjY4eWVzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80
YjQzYjUtMGQ5NS00ZDQyLTgwNjgtNDgwZTI3YWRjNzlhLzEvajZ5aHBiRndGZUhS
WTkyOVVhSVg2NzVZNUdzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIvMA0GCSqGSIb3DQEBCwUAA4IB
AQAEZByOXXt3OOTF9JUFxgQ1kPmQLXJia/zGlohxlCOljTsTb1Ru1Xw6bkNLNV8s
vjRpYf4YTiHoYke+ZCOQkgoR+bau4x4ck5FeffGCHc4OVFpvDAMxfZHC0O/eXQXF
RVBKgZHRdMaXUiL7QbcSiSrlGvI1T1C4KorNRbFjBZQr/GDJzCpkvYLfP9oGBb6L
KxfKlCQgmX0movN2hGgP4aX4eOhlTwan0irgmrLPy6pA7TrpHDS5O90SFIO05o+J
IUNCBjNrWWIpVgdsc109JO32fV/bLA9JVpNb38xx3/wQjKQn3XTeIwnJ55tU9zhC
I+DgjAX5Vs5ms6vPENbynnAa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:52 2023 by rpki-client on console-fra.rpki-client.org