Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/zqbW9CHqV43knQKqBbEu4s_HOLg.roa
File: zqbW9CHqV43knQKqBbEu4s_HOLg.roa (raw, json)
Hash identifier: Mq1e21KtjdMxly6bLijTz5RNCOOR9/iP8aGF4WS/eZs=
Subject key identifier: CE:A6:D6:F4:21:EA:57:8D:E4:9D:02:AA:05:B1:2E:E2:CF:C7:38:B8
Certificate issuer: /CN=cd40d5ea59f80da61b4486bd999be112a1a35387
Certificate serial: AC3A
Authority key identifier: CD:40:D5:EA:59:F8:0D:A6:1B:44:86:BD:99:9B:E1:12:A1:A3:53:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUDV6ln4DaYbRIa9mZvhEqGjU4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/zqbW9CHqV43knQKqBbEu4s_HOLg.roa
Signing time: Thu 13 Jan 2022 03:11:42 +0000
ROA not before: Thu 13 Jan 2022 03:11:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38942
IP address blocks: 87.239.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44090 (0xac3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd40d5ea59f80da61b4486bd999be112a1a35387
Validity
Not Before: Jan 13 03:11:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cea6d6f421ea578de49d02aa05b12ee2cfc738b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:70:8b:e1:40:58:d5:6e:70:9d:99:81:17:b9:
a6:63:d1:5b:13:d2:b8:78:46:04:86:87:b2:67:a6:
e4:f6:6f:dd:19:70:cd:4d:d7:08:a6:87:83:ae:96:
1c:6e:99:55:e9:e5:8e:30:b9:e4:e2:9f:85:ed:70:
66:8d:e4:f4:f2:06:90:73:e0:ed:52:de:e1:e7:a1:
85:96:e9:a1:92:11:f3:fb:30:e6:46:45:3a:44:d8:
96:40:b7:11:62:aa:0b:65:c4:f1:2a:e1:63:86:e4:
4d:32:74:d2:b7:a8:a0:47:a6:34:13:66:08:fa:94:
0f:9e:9a:53:e6:31:30:80:0d:63:10:bb:49:a9:a1:
f3:a3:81:71:6f:a6:ba:e9:5f:f6:df:ef:a8:2c:4f:
95:59:be:84:3b:f3:fd:e3:e0:22:21:4f:f1:45:ea:
f2:6c:50:04:d8:a0:99:12:43:95:ef:b1:32:9d:6e:
54:cc:fc:03:f4:11:89:79:81:d7:50:22:d5:cc:4f:
62:5c:b2:63:c4:68:53:a2:1c:d2:f1:85:e0:c8:6a:
1b:76:e5:1f:75:bb:d3:c0:0f:46:06:91:70:0c:68:
b8:74:54:37:bf:60:22:c5:ae:77:e3:f5:b4:fa:3b:
07:6a:42:10:d3:b2:b2:f4:d0:a0:dc:75:1e:24:e0:
ad:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A6:D6:F4:21:EA:57:8D:E4:9D:02:AA:05:B1:2E:E2:CF:C7:38:B8
X509v3 Authority Key Identifier:
keyid:CD:40:D5:EA:59:F8:0D:A6:1B:44:86:BD:99:9B:E1:12:A1:A3:53:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUDV6ln4DaYbRIa9mZvhEqGjU4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/zqbW9CHqV43knQKqBbEu4s_HOLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b329eb-fa5b-4fa8-b49b-f623304ed79a/1/zUDV6ln4DaYbRIa9mZvhEqGjU4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.40.0/21
Signature Algorithm: sha256WithRSAEncryption
35:fa:5a:b8:e2:ca:53:a2:8e:93:e9:de:2e:e7:65:e0:14:f1:
ac:4e:d6:1b:20:0d:44:60:7e:33:5d:58:5d:dd:36:69:c2:1f:
ea:30:1b:89:02:3e:3d:55:e5:58:ee:dc:e2:af:b6:3f:68:ed:
7b:f8:cf:7a:2d:01:89:bb:8d:cc:b8:82:88:9d:8a:b7:d1:87:
4c:7a:e6:47:6e:a8:2f:08:d6:e9:a7:af:d0:e0:b7:4f:6a:3e:
26:29:eb:32:ae:86:06:8a:05:03:83:f4:09:9d:b0:49:4e:6c:
3f:2f:0c:9d:5d:73:54:da:67:3f:72:6e:b7:03:91:1e:8d:db:
92:cd:d1:92:85:de:95:52:ed:46:49:c6:e7:14:ed:f5:18:0d:
55:05:17:56:8e:e7:67:df:44:ef:a3:b8:2b:33:7d:1b:d0:3d:
6b:06:58:29:80:30:4c:9e:65:67:d4:18:11:34:5d:a3:d1:42:
fd:9e:b3:21:5e:09:58:0e:1d:18:6e:12:52:2b:e5:9c:47:c2:
39:7d:e6:15:14:b3:aa:d8:d2:46:52:35:6e:a5:41:f9:50:41:
b0:bc:34:f3:7f:b2:a0:ef:e4:82:8d:58:29:6c:5f:63:36:49:
d6:d5:76:d7:3b:d4:37:28:57:b3:e6:5e:4d:76:39:39:3e:3c:
8f:37:d5:f8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAKw6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNk
NDBkNWVhNTlmODBkYTYxYjQ0ODZiZDk5OWJlMTEyYTFhMzUzODcwHhcNMjIwMTEz
MDMxMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZWE2ZDZmNDIxZWE1
NzhkZTQ5ZDAyYWEwNWIxMmVlMmNmYzczOGI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyHCL4UBY1W5wnZmBF7mmY9FbE9K4eEYEhoeyZ6bk9m/dGXDN
TdcIpoeDrpYcbplV6eWOMLnk4p+F7XBmjeT08gaQc+DtUt7h56GFlumhkhHz+zDm
RkU6RNiWQLcRYqoLZcTxKuFjhuRNMnTSt6igR6Y0E2YI+pQPnppT5jEwgA1jELtJ
qaHzo4Fxb6a66V/23++oLE+VWb6EO/P94+AiIU/xRerybFAE2KCZEkOV77EynW5U
zPwD9BGJeYHXUCLVzE9iXLJjxGhTohzS8YXgyGobduUfdbvTwA9GBpFwDGi4dFQ3
v2Aixa534/W0+jsHakIQ07Ky9NCg3HUeJOCtnwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFM6m1vQh6leN5J0CqgWxLuLPxzi4MB8GA1UdIwQYMBaAFM1A1epZ+A2mG0SG
vZmb4RKho1OHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
elVEVjZsbjREYVliUklhOW1admhFcUdqVTRjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80NS9iMzI5ZWItZmE1Yi00ZmE4LWI0OWItZjYyMzMwNGVkNzlhLzEv
enFiVzlDSHFWNDNrblFLcUJiRXU0c19IT0xnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9i
MzI5ZWItZmE1Yi00ZmE4LWI0OWItZjYyMzMwNGVkNzlhLzEvelVEVjZsbjREYVli
UklhOW1admhFcUdqVTRjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV+8oMA0GCSqGSIb3DQEBCwUAA4IB
AQA1+lq44spToo6T6d4u52XgFPGsTtYbIA1EYH4zXVhd3TZpwh/qMBuJAj49VeVY
7tzir7Y/aO17+M96LQGJu43MuIKInYq30YdMeuZHbqgvCNbpp6/Q4LdPaj4mKesy
roYGigUDg/QJnbBJTmw/LwydXXNU2mc/cm63A5EejduSzdGShd6VUu1GScbnFO31
GA1VBRdWjudn30Tvo7grM30b0D1rBlgpgDBMnmVn1BgRNF2j0UL9nrMhXglYDh0Y
bhJSK+WcR8I5feYVFLOq2NJGUjVupUH5UEGwvDTzf7Kg7+SCjVgpbF9jNknW1XbX
O9Q3KFez5l5Ndjk5PjyPN9X4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org