Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/Qm-taQGWQBV2yXk10dwc_sYJMj0.roa
File: Qm-taQGWQBV2yXk10dwc_sYJMj0.roa (raw, json)
Hash identifier: 4mTUL61M0S+gPiIBO+f5fuobpYsYqdBWPRLn1F2pOcM=
Subject key identifier: 42:6F:AD:69:01:96:40:15:76:C9:79:35:D1:DC:1C:FE:C6:09:32:3D
Certificate issuer: /CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Certificate serial: 0182BC51D47EAC1BC936FE816D98D83BC9EF
Authority key identifier: 41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/Qm-taQGWQBV2yXk10dwc_sYJMj0.roa
Signing time: Sat 20 Aug 2022 17:34:15 +0000
ROA not before: Sat 20 Aug 2022 17:34:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209659
IP address blocks: 94.142.251.0/24 maxlen: 24
2a12:5bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:bc:51:d4:7e:ac:1b:c9:36:fe:81:6d:98:d8:3b:c9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Validity
Not Before: Aug 20 17:34:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=426fad690196401576c97935d1dc1cfec609323d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:57:0d:6c:29:20:8b:67:f4:0b:3d:25:04:21:
9a:c9:49:4f:84:35:d5:db:b0:21:e9:6b:95:b4:f0:
77:b9:52:47:aa:ee:d4:4b:8e:71:e3:57:4f:80:7f:
9a:47:11:1f:89:38:2b:c3:eb:27:27:32:f5:ba:3d:
3f:26:7e:b9:b9:3c:2c:a4:be:66:b6:50:7d:19:49:
5d:aa:02:1a:43:73:8e:0f:c9:23:21:0b:0e:11:5f:
1a:6e:62:2a:1e:10:ad:b1:48:79:ba:a0:19:ef:ed:
74:1e:82:e2:17:d0:27:fb:cc:40:04:cf:c7:ae:df:
d3:0d:63:7b:7b:7c:ac:f9:f9:fe:bf:4a:dc:c8:e4:
71:e7:3d:33:dc:f9:e6:5c:9a:6a:37:41:80:bd:87:
ca:d1:06:49:57:51:39:33:80:e0:29:82:eb:db:03:
56:d8:63:7b:c9:7e:07:91:c7:8f:e3:e6:71:3b:90:
8e:88:62:5d:f3:39:ae:bd:7d:d1:c5:b8:e1:0a:2e:
2f:dc:d8:c3:04:40:c7:00:16:ba:a8:86:7e:91:9d:
6e:38:cc:d9:66:0b:10:09:4f:8b:44:e3:a7:51:d5:
44:57:5f:77:06:df:d0:7d:27:f6:5f:15:d7:29:6e:
92:db:e5:bb:14:28:a5:da:15:4f:eb:8c:93:9e:b2:
c5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6F:AD:69:01:96:40:15:76:C9:79:35:D1:DC:1C:FE:C6:09:32:3D
X509v3 Authority Key Identifier:
keyid:41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/Qm-taQGWQBV2yXk10dwc_sYJMj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/QRbw6a_zmosZbEg-CF3nnyRtn90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.251.0/24
IPv6:
2a12:5bc0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:e8:2c:a7:27:c4:f6:9d:ea:16:76:1e:a1:ca:ed:42:87:38:
c9:21:6a:2e:d8:df:ab:4c:53:b2:6c:01:e8:f5:9a:a4:7d:08:
fe:6d:33:61:2b:9e:77:ab:41:c6:84:6c:a1:39:f6:82:39:df:
03:83:67:e1:3e:cd:37:12:3c:c9:42:c8:91:ca:26:5c:45:49:
ba:d1:51:c6:75:38:d3:c1:ee:c9:f7:e3:18:70:80:b0:5d:ef:
f2:23:79:36:15:13:43:7c:99:37:96:d9:bf:b4:05:86:d1:77:
62:2f:bc:0c:e8:5e:3a:ea:74:7b:b2:72:d1:b1:32:c0:80:7f:
3d:d9:e9:32:42:cf:13:f6:70:7e:2f:7c:7b:a3:66:18:62:35:
6c:25:ba:f0:72:77:95:fd:46:e5:0f:7b:43:2d:c7:6b:e3:bd:
3d:9a:bd:1b:c4:c2:c3:a4:1a:86:b6:38:30:59:2c:43:b6:c1:
5a:26:c4:1f:29:8b:f3:9b:d9:a5:d1:1c:af:5b:f9:75:4a:a1:
6a:0f:73:64:3e:c9:66:e8:a6:28:d6:28:77:f2:af:77:df:60:
f0:a0:24:c0:bb:ea:b8:6a:73:29:e1:00:df:72:b3:d1:e4:70:
2c:da:ba:23:bb:68:1b:d5:74:7b:72:f3:a1:3a:5b:c2:99:c2:
2a:53:c9:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYK8UdR+rBvJNv6BbZjYO8nvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMTZmMGU5YWZmMzlhOGIxOTZjNDgzZTA4NWRlNzlmMjQ2
ZDlmZGQwHhcNMjIwODIwMTczNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZmYWQ2OTAxOTY0MDE1NzZjOTc5MzVkMWRjMWNmZWM2MDkzMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFcNbCkgi2f0Cz0lBCGayUlPhDXV
27Ah6WuVtPB3uVJHqu7US45x41dPgH+aRxEfiTgrw+snJzL1uj0/Jn65uTwspL5m
tlB9GUldqgIaQ3OOD8kjIQsOEV8abmIqHhCtsUh5uqAZ7+10HoLiF9An+8xABM/H
rt/TDWN7e3ys+fn+v0rcyORx5z0z3PnmXJpqN0GAvYfK0QZJV1E5M4DgKYLr2wNW
2GN7yX4HkceP4+ZxO5COiGJd8zmuvX3RxbjhCi4v3NjDBEDHABa6qIZ+kZ1uOMzZ
ZgsQCU+LROOnUdVEV193Bt/QfSf2XxXXKW6S2+W7FCil2hVP64yTnrLFGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJvrWkBlkAVdsl5NdHcHP7GCTI9MB8GA1UdIwQY
MBaAFEEW8Omv85qLGWxIPghd558kbZ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAt
MjQwZDFmZmQwOWI4LzEvUW0tdGFRR1dRQlYyeVhrMTBkd2Nfc1lKTWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAtMjQwZDFmZmQwOWI4
LzEvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXo77MA0E
AgACMAcDBQAqElvAMA0GCSqGSIb3DQEBCwUAA4IBAQCb6CynJ8T2neoWdh6hyu1C
hzjJIWou2N+rTFOybAHo9ZqkfQj+bTNhK553q0HGhGyhOfaCOd8Dg2fhPs03EjzJ
QsiRyiZcRUm60VHGdTjTwe7J9+MYcICwXe/yI3k2FRNDfJk3ltm/tAWG0XdiL7wM
6F466nR7snLRsTLAgH892ekyQs8T9nB+L3x7o2YYYjVsJbrwcneV/UblD3tDLcdr
4709mr0bxMLDpBqGtjgwWSxDtsFaJsQfKYvzm9ml0RyvW/l1SqFqD3NkPslm6KYo
1ih38q9332DwoCTAu+q4anMp4QDfcrPR5HAs2roju2gb1XR7cvOhOlvCmcIqU8l0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:06 2023 by rpki-client on console-ams.rpki-client.org