Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/u-qQSy_z2ebBVWVAofTWQIFOouc.roa
File: u-qQSy_z2ebBVWVAofTWQIFOouc.roa (raw, json)
Hash identifier: uEVWoS5k0zKkvch4KG+XQbYaaSWg4S9pXjow0nIV+ew=
Subject key identifier: BB:EA:90:4B:2F:F3:D9:E6:C1:55:65:40:A1:F4:D6:40:81:4E:A2:E7
Certificate issuer: /CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Certificate serial: 018475BA738C5005D3BE90166B3542C1A7BF
Authority key identifier: 1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/u-qQSy_z2ebBVWVAofTWQIFOouc.roa
Signing time: Mon 14 Nov 2022 10:41:04 +0000
ROA not before: Mon 14 Nov 2022 10:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210163
IP address blocks: 194.180.44.0/24 maxlen: 24
194.180.46.0/24 maxlen: 24
194.180.47.0/24 maxlen: 24
194.180.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:ba:73:8c:50:05:d3:be:90:16:6b:35:42:c1:a7:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Validity
Not Before: Nov 14 10:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbea904b2ff3d9e6c1556540a1f4d640814ea2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:09:c1:2b:41:3e:5e:ed:0d:b5:86:69:68:
7a:99:bd:f8:9f:cf:2b:c9:61:c2:c2:47:b8:8e:d2:
e8:29:db:05:d2:80:91:4a:fe:da:6a:c0:67:3b:76:
54:7a:b4:9c:26:81:26:f4:6c:fd:da:7b:a1:64:70:
46:48:38:08:1c:eb:68:94:59:95:3d:fe:33:d5:e6:
e8:1a:30:cf:87:0a:fd:b2:9b:4d:6b:be:b3:f6:80:
59:96:c8:3a:b7:77:8f:bd:b1:3d:46:7a:25:6e:81:
4c:50:e8:22:28:a0:fd:ce:79:09:d7:48:59:14:fb:
e1:3f:cf:97:3b:9f:a2:05:10:da:ba:24:5f:c2:f3:
cc:9f:03:81:ac:7a:a0:fd:da:60:63:b6:b0:e8:4a:
f2:ae:4e:78:fe:5c:26:a7:b8:cd:2f:f8:9f:64:38:
57:da:24:62:f8:48:88:4d:31:70:40:42:a0:82:ad:
5b:1b:0b:0c:49:1b:cd:02:ee:b8:65:5d:3d:7f:a5:
3f:b6:4e:68:c8:01:24:5b:16:3b:63:cf:5b:f0:6e:
3b:ff:03:a4:df:f3:c5:43:3f:84:d7:2e:0d:20:07:
4e:b6:ff:69:79:59:67:f0:7c:7e:21:d6:f0:27:63:
32:f4:b8:6c:e9:6b:d2:5a:55:31:f8:29:0e:8c:26:
c7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EA:90:4B:2F:F3:D9:E6:C1:55:65:40:A1:F4:D6:40:81:4E:A2:E7
X509v3 Authority Key Identifier:
keyid:1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/u-qQSy_z2ebBVWVAofTWQIFOouc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.44.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:c2:65:12:bb:cb:ff:d2:6b:ee:0a:0a:05:eb:22:ef:bf:7c:
7f:fc:1a:dc:72:f1:65:ed:f0:0c:66:3b:c7:6f:6a:2e:c1:f2:
5f:46:a9:a8:1c:c1:d6:56:3c:94:42:24:c1:aa:c4:ac:63:48:
4e:44:b2:f1:2c:f5:2c:e3:1e:ef:71:0f:3c:6b:8e:fc:84:a3:
ee:a8:9d:61:41:58:ef:e1:a7:53:6a:53:01:d4:4a:f5:29:89:
c5:ed:e0:e7:53:5d:fc:13:01:f7:9b:b9:cc:b5:42:c8:e7:d2:
28:aa:94:dd:d1:4a:53:44:57:d5:ac:f6:a0:89:d1:f0:ff:4e:
e5:c3:29:69:bf:88:2d:c9:bc:d3:a3:2b:35:9d:e4:75:b3:3d:
44:29:0d:13:50:34:50:90:b6:48:e5:78:9f:d4:16:dd:27:d9:
0f:3e:37:3e:bc:9a:d5:ef:d7:3a:65:23:b2:7d:7c:1f:08:d1:
b4:91:a9:1d:15:0d:a0:87:d3:db:f9:5c:14:89:0a:d4:21:4e:
08:f4:10:08:0a:30:57:06:40:0d:1d:ed:15:e0:9f:f0:44:cc:
b1:53:03:bc:0e:a0:fa:bd:24:f8:22:b5:91:a6:7d:b7:64:f1:
44:b3:97:3d:16:df:d4:75:37:b6:0a:6e:b1:3d:0a:83:e2:5e:
1f:47:77:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1unOMUAXTvpAWazVCwae/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODg1YzM3ZTc0N2JjZTIzZWU5MDk3ZTVmZjdlOTgzYmNi
YTBkYjQwHhcNMjIxMTE0MTA0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmVhOTA0YjJmZjNkOWU2YzE1NTY1NDBhMWY0ZDY0MDgxNGVhMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs68JwStBPl7tDbWGaWh6mb34n88r
yWHCwke4jtLoKdsF0oCRSv7aasBnO3ZUerScJoEm9Gz92nuhZHBGSDgIHOtolFmV
Pf4z1eboGjDPhwr9sptNa76z9oBZlsg6t3ePvbE9RnolboFMUOgiKKD9znkJ10hZ
FPvhP8+XO5+iBRDauiRfwvPMnwOBrHqg/dpgY7aw6Eryrk54/lwmp7jNL/ifZDhX
2iRi+EiITTFwQEKggq1bGwsMSRvNAu64ZV09f6U/tk5oyAEkWxY7Y89b8G47/wOk
3/PFQz+E1y4NIAdOtv9peVln8Hx+IdbwJ2My9Lhs6WvSWlUx+CkOjCbHxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvqkEsv89nmwVVlQKH01kCBTqLnMB8GA1UdIwQY
MBaAFBqIXDfnR7ziPukJfl/36YO8ug20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5Mzkt
YzE0MDJkMjYxNDMyLzEvdS1xUVN5X3oyZWJCVldWQW9mVFdRSUZPb3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5MzktYzE0MDJkMjYxNDMy
LzEvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwrQsMA0G
CSqGSIb3DQEBCwUAA4IBAQCMwmUSu8v/0mvuCgoF6yLvv3x//BrccvFl7fAMZjvH
b2ouwfJfRqmoHMHWVjyUQiTBqsSsY0hORLLxLPUs4x7vcQ88a478hKPuqJ1hQVjv
4adTalMB1Er1KYnF7eDnU138EwH3m7nMtULI59IoqpTd0UpTRFfVrPagidHw/07l
wylpv4gtybzToys1neR1sz1EKQ0TUDRQkLZI5Xif1BbdJ9kPPjc+vJrV79c6ZSOy
fXwfCNG0kakdFQ2gh9Pb+VwUiQrUIU4I9BAICjBXBkANHe0V4J/wRMyxUwO8DqD6
vST4IrWRpn23ZPFEs5c9Ft/UdTe2Cm6xPQqD4l4fR3fr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:43 2023 by rpki-client on console-ams.rpki-client.org