Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/qBFqyrqk-MShac0es06nazxnhms.roa
File: qBFqyrqk-MShac0es06nazxnhms.roa (raw, json)
Hash identifier: 5oLjI8RwM2XkB04zhkT81cSUKbs2q6iDMa0zf6zNVrE=
Subject key identifier: A8:11:6A:CA:BA:A4:F8:C4:A1:69:CD:1E:B3:4E:A7:6B:3C:67:86:6B
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 01847A5FB7CAA0A1049F837F019BFBEE23BC
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/qBFqyrqk-MShac0es06nazxnhms.roa
Signing time: Tue 15 Nov 2022 08:20:04 +0000
ROA not before: Tue 15 Nov 2022 08:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 185.101.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:5f:b7:ca:a0:a1:04:9f:83:7f:01:9b:fb:ee:23:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Nov 15 08:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8116acabaa4f8c4a169cd1eb34ea76b3c67866b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:3d:17:49:52:3e:cb:fa:38:01:ce:74:d7:
62:8f:4a:c9:fa:26:6c:a1:2e:f5:44:23:bd:80:95:
67:cb:cf:67:44:b6:47:e8:6d:30:76:88:8b:24:dc:
8a:98:7c:71:57:85:df:1a:26:db:45:98:79:d2:f3:
46:87:29:b4:c8:00:6c:69:98:81:17:59:75:1c:7c:
5c:1a:0d:16:8e:5c:40:63:b0:83:43:20:02:66:cf:
7a:46:ac:dd:cc:66:d5:f2:10:3d:52:20:8b:6e:59:
86:91:cf:60:23:25:e7:98:30:62:60:0c:7a:1c:80:
6a:21:de:80:76:12:3a:af:6b:b8:0b:a6:9b:23:31:
c0:2d:f6:31:98:ec:70:f7:f6:9c:b5:25:2d:7b:99:
52:b2:12:6d:05:7c:60:e0:5f:5c:58:ad:8e:19:97:
4c:e2:87:68:c1:a8:15:80:eb:af:16:a9:e8:c0:0f:
dc:ab:2d:e5:1a:2b:46:df:e0:40:79:ce:b9:56:e2:
2e:d0:1c:c4:4f:f7:60:4e:66:53:aa:e7:b2:8a:3d:
c6:36:26:64:af:09:e1:c8:52:58:55:f2:7f:39:0d:
e0:9a:a6:cc:0c:14:1b:d9:e1:69:c4:26:59:89:51:
f5:24:2f:3d:04:55:0e:aa:76:9d:8b:40:14:87:53:
20:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:11:6A:CA:BA:A4:F8:C4:A1:69:CD:1E:B3:4E:A7:6B:3C:67:86:6B
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/qBFqyrqk-MShac0es06nazxnhms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:2b:06:11:37:33:0c:9c:1f:9e:65:9b:95:62:6b:02:2f:0d:
62:e6:49:3f:c0:0e:2a:ca:63:ec:7a:0f:17:8d:1f:3c:9e:99:
42:09:64:15:36:cd:b6:2c:d3:59:cf:1c:28:62:bd:d1:58:14:
11:dc:55:f4:bd:0f:de:d0:9d:99:87:48:3f:60:95:51:13:99:
24:37:75:2c:df:e2:a0:de:d5:7b:1b:74:94:e2:35:56:9f:d8:
7a:58:94:c0:40:53:af:58:81:04:3d:76:67:5e:78:3c:df:1b:
54:a6:4a:53:06:cb:de:8b:03:0b:6a:9d:ce:53:27:96:38:4c:
d9:15:e7:5e:93:a0:24:a1:49:59:81:77:ec:b5:e3:5f:fb:eb:
e1:d8:0e:d8:34:49:93:97:78:ab:e8:14:ea:7f:fb:fa:51:45:
0f:15:16:bf:e5:2d:a3:56:71:f2:e9:9f:20:d3:46:95:0a:dc:
1f:70:50:19:9b:23:f1:a4:d3:0d:7f:3c:71:10:85:a5:0f:8c:
1c:b0:96:ac:6e:7c:89:20:5f:3c:c1:ea:17:7d:e7:db:71:aa:
f5:fc:b9:e2:f2:7c:85:50:04:f4:d9:d6:4f:c7:7d:77:2d:56:
75:c6:e0:de:b0:c8:77:d5:92:6f:34:4b:46:01:6d:7e:5f:c5:
64:8e:7c:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR6X7fKoKEEn4N/AZv77iO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIxMTE1MDgyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODExNmFjYWJhYTRmOGM0YTE2OWNkMWViMzRlYTc2YjNjNjc4NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqk9F0lSPsv6OAHOdNdij0rJ+iZs
oS71RCO9gJVny89nRLZH6G0wdoiLJNyKmHxxV4XfGibbRZh50vNGhym0yABsaZiB
F1l1HHxcGg0WjlxAY7CDQyACZs96RqzdzGbV8hA9UiCLblmGkc9gIyXnmDBiYAx6
HIBqId6AdhI6r2u4C6abIzHALfYxmOxw9/actSUte5lSshJtBXxg4F9cWK2OGZdM
4odowagVgOuvFqnowA/cqy3lGitG3+BAec65VuIu0BzET/dgTmZTqueyij3GNiZk
rwnhyFJYVfJ/OQ3gmqbMDBQb2eFpxCZZiVH1JC89BFUOqnadi0AUh1Mg4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgRasq6pPjEoWnNHrNOp2s8Z4ZrMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvcUJGcXlycWstTVNoYWMwZXMwNm5henhuaG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWWrMA0G
CSqGSIb3DQEBCwUAA4IBAQC3KwYRNzMMnB+eZZuVYmsCLw1i5kk/wA4qymPseg8X
jR88nplCCWQVNs22LNNZzxwoYr3RWBQR3FX0vQ/e0J2Zh0g/YJVRE5kkN3Us3+Kg
3tV7G3SU4jVWn9h6WJTAQFOvWIEEPXZnXng83xtUpkpTBsveiwMLap3OUyeWOEzZ
Fedek6AkoUlZgXfsteNf++vh2A7YNEmTl3ir6BTqf/v6UUUPFRa/5S2jVnHy6Z8g
00aVCtwfcFAZmyPxpNMNfzxxEIWlD4wcsJasbnyJIF88weoXfefbcar1/Lni8nyF
UAT02dZPx313LVZ1xuDesMh31ZJvNEtGAW1+X8Vkjnwx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org