Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/_QRfhcckx_NjrckSAN0fKUDzGGQ.roa
File: _QRfhcckx_NjrckSAN0fKUDzGGQ.roa (raw, json)
Hash identifier: GdZDw5cvO+DanggHrxdqG/BEiBTdyTjOXoWIMQE7674=
Subject key identifier: FD:04:5F:85:C7:24:C7:F3:63:AD:C9:12:00:DD:1F:29:40:F3:18:64
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 0184AE8351761A728DC8D7CFE0DA96567CA5
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/_QRfhcckx_NjrckSAN0fKUDzGGQ.roa
Signing time: Fri 25 Nov 2022 11:19:12 +0000
ROA not before: Fri 25 Nov 2022 11:19:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51327
IP address blocks: 139.45.214.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:83:51:76:1a:72:8d:c8:d7:cf:e0:da:96:56:7c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 25 11:19:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd045f85c724c7f363adc91200dd1f2940f31864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7d:e9:4d:13:0e:d3:df:34:b9:25:08:c8:43:
74:76:a4:79:f3:4a:49:f8:ef:9e:6c:b3:74:e8:2b:
4e:b6:6d:67:21:42:97:e9:b8:22:69:f5:bb:33:82:
d9:0a:16:66:77:6d:0b:ec:c1:15:55:13:5d:f5:2f:
76:4e:99:7c:16:83:03:d9:63:a1:9b:a0:d4:4e:ef:
39:7e:ef:66:c1:7c:40:d5:d1:35:b9:05:cc:69:a0:
cb:32:ab:97:6f:f1:dc:0e:fe:43:d2:2f:5c:51:6c:
01:1c:af:4a:a1:05:02:a0:2c:9f:e4:68:7d:cb:fb:
cd:04:87:05:16:98:c5:0a:9c:67:41:0e:01:5f:14:
31:a9:20:7c:82:87:32:a8:c0:42:5f:ce:eb:69:a1:
0d:64:94:e3:b4:d9:49:a6:4e:e5:a5:3c:14:2b:f6:
db:d8:22:6e:5e:07:03:bc:14:e4:b1:79:16:23:e7:
a2:e8:60:e6:40:56:1a:5e:f3:ed:3b:ff:3d:4a:bf:
8b:09:78:ac:81:be:37:2a:e2:1b:55:92:c2:4c:66:
9d:2c:16:d4:7f:e6:32:aa:b9:93:e4:42:b7:09:a7:
40:23:b8:29:0c:7a:da:c6:86:4b:84:51:f6:92:32:
b8:69:a9:18:21:0b:28:94:98:4b:a0:26:77:c1:d1:
dd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:04:5F:85:C7:24:C7:F3:63:AD:C9:12:00:DD:1F:29:40:F3:18:64
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/_QRfhcckx_NjrckSAN0fKUDzGGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.45.214.0/23
Signature Algorithm: sha256WithRSAEncryption
55:38:98:d5:cc:6f:e3:fe:f1:b9:1b:9e:bc:f8:4a:ee:f2:75:
33:3c:72:0b:93:4c:53:79:be:ab:13:5e:ee:c5:ce:5c:86:2c:
8e:c0:27:10:09:02:66:eb:04:4c:6d:98:61:65:63:95:09:d7:
68:a9:d5:bc:f0:8b:ed:7e:13:22:f0:7f:2d:1e:ac:6c:cc:1c:
94:dd:c5:d4:c5:50:0b:ab:c5:32:9a:1a:f4:d6:8b:11:82:45:
e7:90:85:67:fa:e2:e8:e6:c9:b8:ac:ce:52:7e:4f:86:a4:a8:
da:8c:e6:cd:bc:bf:fc:9e:0a:0a:2c:03:d4:fb:b6:0b:f2:0b:
86:fa:93:3e:31:d1:d0:63:10:8f:df:61:c1:8a:85:5b:ec:2a:
77:aa:d8:4e:4d:90:ce:2f:62:0d:88:09:27:6a:7e:a9:ae:c9:
9a:e4:67:2e:c3:64:9e:b7:2d:d9:f3:87:8e:43:ed:bf:46:53:
a7:71:de:51:e3:41:96:57:a5:6e:c2:cf:e6:83:a4:20:67:ec:
c1:ee:40:83:a8:07:d6:6c:6a:a7:1f:72:97:f6:c2:03:51:3a:
cc:67:ca:81:4b:c3:34:53:fb:41:db:12:bb:88:96:13:5f:0a:
8b:a3:d0:2b:27:9d:8f:01:c0:02:51:83:c6:05:9a:04:b5:24:
70:dd:4b:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSug1F2GnKNyNfP4NqWVnylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTI1MTExOTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA0NWY4NWM3MjRjN2YzNjNhZGM5MTIwMGRkMWYyOTQwZjMxODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX3pTRMO0980uSUIyEN0dqR580pJ
+O+ebLN06CtOtm1nIUKX6bgiafW7M4LZChZmd20L7MEVVRNd9S92Tpl8FoMD2WOh
m6DUTu85fu9mwXxA1dE1uQXMaaDLMquXb/HcDv5D0i9cUWwBHK9KoQUCoCyf5Gh9
y/vNBIcFFpjFCpxnQQ4BXxQxqSB8gocyqMBCX87raaENZJTjtNlJpk7lpTwUK/bb
2CJuXgcDvBTksXkWI+ei6GDmQFYaXvPtO/89Sr+LCXisgb43KuIbVZLCTGadLBbU
f+YyqrmT5EK3CadAI7gpDHraxoZLhFH2kjK4aakYIQsolJhLoCZ3wdHdAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0EX4XHJMfzY63JEgDdHylA8xhkMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvX1FSZmhjY2t4X05qcmNrU0FOMGZLVUR6R0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBiy3WMA0G
CSqGSIb3DQEBCwUAA4IBAQBVOJjVzG/j/vG5G568+Eru8nUzPHILk0xTeb6rE17u
xc5chiyOwCcQCQJm6wRMbZhhZWOVCddoqdW88IvtfhMi8H8tHqxszByU3cXUxVAL
q8Uymhr01osRgkXnkIVn+uLo5sm4rM5Sfk+GpKjajObNvL/8ngoKLAPU+7YL8guG
+pM+MdHQYxCP32HBioVb7Cp3qthOTZDOL2INiAknan6prsma5Gcuw2Sety3Z84eO
Q+2/RlOncd5R40GWV6Vuws/mg6QgZ+zB7kCDqAfWbGqnH3KX9sIDUTrMZ8qBS8M0
U/tB2xK7iJYTXwqLo9ArJ52PAcACUYPGBZoEtSRw3UsE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org