Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/q_yao8AIJiNv3H3DVdD2Taoi_tw.roa
File: q_yao8AIJiNv3H3DVdD2Taoi_tw.roa (raw, json)
Hash identifier: tH06EEhXEQbJd0+CHjjtyrKKEdvwwzdMgft81Pxjpxg=
Subject key identifier: AB:FC:9A:A3:C0:08:26:23:6F:DC:7D:C3:55:D0:F6:4D:AA:22:FE:DC
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0185308C67FBE6DFCDEC0ABD7E144CA58AED
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/q_yao8AIJiNv3H3DVdD2Taoi_tw.roa
Signing time: Tue 20 Dec 2022 17:19:46 +0000
ROA not before: Tue 20 Dec 2022 17:19:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205262
IP address blocks: 89.40.74.0/24 maxlen: 24
37.122.216.0/22 maxlen: 24
185.205.252.0/22 maxlen: 24
185.84.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:8c:67:fb:e6:df:cd:ec:0a:bd:7e:14:4c:a5:8a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Dec 20 17:19:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abfc9aa3c00826236fdc7dc355d0f64daa22fedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:e4:9c:58:bf:7b:43:cd:43:3f:ac:23:6f:
4b:87:00:0a:ab:20:98:29:23:fe:3c:d3:31:e1:b6:
74:02:f8:0b:e3:23:1c:6a:0e:04:38:f1:cd:d4:bb:
a7:fd:8d:dc:08:eb:46:c0:8e:81:f4:22:ac:ec:1e:
f0:5d:6c:de:48:ee:ab:43:aa:71:8b:5c:7a:d8:64:
de:f1:d7:8d:87:05:bf:31:0e:9d:f6:68:af:8e:8e:
a1:50:fa:c0:d3:cc:18:98:8f:3a:8b:05:b4:c7:04:
11:f8:92:1b:bf:02:f8:b6:5b:38:cf:31:2c:6a:99:
8b:c7:75:96:40:4b:37:4a:36:1a:3d:da:64:01:75:
14:8f:af:33:83:e8:06:8d:9f:c7:cc:81:cf:f0:6f:
d8:a5:34:9c:72:e0:8a:13:47:07:d9:9c:5f:17:7c:
57:96:62:e3:d0:15:67:5a:b1:1e:76:cc:30:94:d1:
a9:10:a2:76:9a:3f:10:59:2d:87:ec:70:77:f7:ef:
fe:64:e7:ea:06:06:ff:6b:65:a2:d8:cc:60:3f:31:
a9:94:41:3d:05:3c:62:66:53:67:b6:2d:c5:96:f8:
80:3c:67:b1:d8:8d:db:44:1d:30:be:ba:6f:ab:99:
56:ba:6c:a1:b2:e5:f7:17:2d:b7:b6:30:73:8d:5c:
2b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FC:9A:A3:C0:08:26:23:6F:DC:7D:C3:55:D0:F6:4D:AA:22:FE:DC
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/q_yao8AIJiNv3H3DVdD2Taoi_tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.216.0/22
89.40.74.0/24
185.84.204.0/22
185.205.252.0/22
Signature Algorithm: sha256WithRSAEncryption
25:81:0a:cb:d6:1d:f8:0e:a1:31:16:70:ae:af:24:b3:45:ea:
94:2f:d0:d5:18:da:9e:de:46:fa:d1:4f:87:cd:89:02:ac:e5:
b4:01:29:21:50:56:cb:c0:c6:5a:49:db:e8:d5:04:1b:c4:9f:
66:a4:c7:dd:b6:83:74:7a:18:69:53:d5:27:d1:79:80:9b:b8:
48:92:ae:12:e5:aa:04:d1:3b:82:1b:35:53:85:0b:49:63:93:
36:1c:50:bd:5d:68:0f:00:72:7a:ba:02:f2:51:dd:db:dc:5c:
0b:0f:24:d4:6c:4f:1c:8f:fc:4c:b1:80:ea:22:41:c1:d2:c2:
fa:aa:f4:6c:f4:b3:4f:f2:db:72:7a:50:f6:bf:0d:10:63:61:
36:8a:85:66:a9:db:00:9d:8b:82:58:42:02:59:02:64:ed:00:
08:37:1d:d8:14:a4:64:a8:b6:3b:65:bb:b5:a6:6a:b2:be:42:
a4:0d:58:84:e5:f1:09:45:b4:3e:a8:2c:d1:ad:b2:20:3e:ee:
d3:15:3a:38:b1:51:a2:55:75:4b:eb:ce:40:1c:b8:e2:a6:6c:
24:1f:be:2a:b1:0a:e0:c4:4e:90:20:84:f8:d6:49:d6:3d:06:
f1:31:8d:2a:67:ea:45:b7:33:2e:8f:a2:26:bc:2e:43:8d:02:
71:42:75:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUwjGf75t/N7Aq9fhRMpYrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMjIwMTcxOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmZjOWFhM2MwMDgyNjIzNmZkYzdkYzM1NWQwZjY0ZGFhMjJmZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlfknFi/e0PNQz+sI29LhwAKqyCY
KSP+PNMx4bZ0AvgL4yMcag4EOPHN1Lun/Y3cCOtGwI6B9CKs7B7wXWzeSO6rQ6px
i1x62GTe8deNhwW/MQ6d9mivjo6hUPrA08wYmI86iwW0xwQR+JIbvwL4tls4zzEs
apmLx3WWQEs3SjYaPdpkAXUUj68zg+gGjZ/HzIHP8G/YpTSccuCKE0cH2ZxfF3xX
lmLj0BVnWrEedswwlNGpEKJ2mj8QWS2H7HB39+/+ZOfqBgb/a2Wi2MxgPzGplEE9
BTxiZlNnti3FlviAPGex2I3bRB0wvrpvq5lWumyhsuX3Fy23tjBzjVwrwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKv8mqPACCYjb9x9w1XQ9k2qIv7cMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvcV95YW84QUlKaU52M0gzRFZkRDJUYW9pX3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJXrYAwQA
WShKAwQCuVTMAwQCuc38MA0GCSqGSIb3DQEBCwUAA4IBAQAlgQrL1h34DqExFnCu
rySzReqUL9DVGNqe3kb60U+HzYkCrOW0ASkhUFbLwMZaSdvo1QQbxJ9mpMfdtoN0
ehhpU9Un0XmAm7hIkq4S5aoE0TuCGzVThQtJY5M2HFC9XWgPAHJ6ugLyUd3b3FwL
DyTUbE8cj/xMsYDqIkHB0sL6qvRs9LNP8ttyelD2vw0QY2E2ioVmqdsAnYuCWEIC
WQJk7QAINx3YFKRkqLY7Zbu1pmqyvkKkDViE5fEJRbQ+qCzRrbIgPu7TFTo4sVGi
VXVL685AHLjipmwkH74qsQrgxE6QIIT41knWPQbxMY0qZ+pFtzMuj6ImvC5DjQJx
QnXW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org