Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/QfGVJkRKwz57-LOmacOg2zLHfB0.roa
File: QfGVJkRKwz57-LOmacOg2zLHfB0.roa (raw, json)
Hash identifier: unVMgkyPYFfqlM0myqEmOy9NKwCak68zUft90LwGwXA=
Subject key identifier: 41:F1:95:26:44:4A:C3:3E:7B:F8:B3:A6:69:C3:A0:DB:32:C7:7C:1D
Certificate issuer: /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial: 018349B9F50E66E0F11D04C4D76E56C0C3EF
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/QfGVJkRKwz57-LOmacOg2zLHfB0.roa
Signing time: Sat 17 Sep 2022 04:34:27 +0000
ROA not before: Sat 17 Sep 2022 04:34:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 193.108.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:49:b9:f5:0e:66:e0:f1:1d:04:c4:d7:6e:56:c0:c3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
Validity
Not Before: Sep 17 04:34:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41f19526444ac33e7bf8b3a669c3a0db32c77c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:37:ac:34:6f:67:c1:80:13:ee:2f:08:fd:d3:
12:50:8a:00:04:a4:19:44:26:25:f6:2f:3e:56:9f:
67:65:81:68:51:c2:02:8a:e1:a6:d3:4c:22:2b:7e:
31:0e:50:7f:61:b5:43:44:11:a2:ef:bb:84:c0:0c:
51:3e:0e:9a:77:2d:a5:38:ef:65:03:c8:7e:77:f7:
d1:51:1c:ea:11:65:c6:6d:4a:fa:1a:dc:f2:8e:25:
22:f0:ea:d0:c9:c1:cb:0f:36:d0:2a:30:1c:95:a0:
9b:66:ec:5e:3d:75:18:33:b4:f1:a0:f7:fc:4a:76:
04:c8:84:6d:85:44:dd:e3:1d:84:84:5b:a7:9c:49:
e7:24:3c:16:d3:0d:44:7d:96:84:82:f8:40:cd:b5:
db:c0:0d:e3:cf:81:69:16:5a:23:4f:8a:6a:61:9e:
d9:43:32:c6:d5:e7:57:f4:ea:59:5d:30:5e:c1:e8:
95:ff:28:83:57:8e:bb:d2:82:57:5c:16:eb:6d:0b:
2b:3c:a2:d2:09:30:0b:b0:47:dd:20:d5:04:4d:49:
4b:d4:fe:96:e1:be:bf:5a:fd:15:04:25:ce:28:8c:
1f:dd:47:b0:3b:6a:9b:2f:ab:28:ca:06:fc:c4:7f:
39:18:47:db:39:72:38:f0:7a:5a:86:5c:0d:79:33:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F1:95:26:44:4A:C3:3E:7B:F8:B3:A6:69:C3:A0:DB:32:C7:7C:1D
X509v3 Authority Key Identifier:
keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/QfGVJkRKwz57-LOmacOg2zLHfB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.104.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:98:0d:72:b9:66:14:69:4a:01:92:ac:00:74:45:4a:b1:4c:
5c:3d:1c:8f:ad:67:5c:cb:db:ed:1b:00:b4:8a:ba:aa:b7:aa:
db:99:fb:76:a8:56:18:35:03:7b:c3:54:86:73:0d:20:65:28:
0f:3b:8b:fa:cd:bd:e7:30:d3:ce:b7:c7:15:7a:7b:52:a9:66:
6a:41:94:99:d9:82:fe:b3:e6:29:8d:b3:d4:3c:ca:93:ba:d8:
bb:bf:00:e6:ac:02:9a:54:b9:d1:5f:b9:e9:c2:c3:a2:eb:50:
c1:77:28:e9:35:2f:a1:72:3d:47:8a:f4:97:99:5f:e4:42:96:
1e:b9:df:70:fe:b7:78:ed:1b:1a:19:33:86:0c:6c:66:df:2c:
54:f8:e6:d3:64:65:95:c5:61:fb:2c:d6:b1:8b:82:a6:ae:bc:
6d:cd:58:70:51:27:e4:96:cb:91:53:ed:85:91:7d:b5:9a:63:
c4:af:b0:09:da:74:e9:9e:34:2f:69:13:9d:3b:3b:6b:cf:2a:
57:0b:bb:08:27:f8:85:6f:3c:3f:ac:bf:8f:8c:a7:43:d0:14:
b8:c9:57:e4:7e:53:db:b5:c7:fb:36:45:18:dc:4e:d0:96:ed:
c5:e4:82:76:ef:46:e1:77:a6:c9:77:72:64:29:db:04:42:ae:
32:df:3d:53
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYNJufUOZuDxHQTE125WwMPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMTE1N2U4MWI3YzllNDMzNjBhMWNiNTBhMzE0MDExNzU5
MjE4MDgwHhcNMjIwOTE3MDQzNDI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWYxOTUyNjQ0NGFjMzNlN2JmOGIzYTY2OWMzYTBkYjMyYzc3YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjesNG9nwYAT7i8I/dMSUIoABKQZ
RCYl9i8+Vp9nZYFoUcICiuGm00wiK34xDlB/YbVDRBGi77uEwAxRPg6ady2lOO9l
A8h+d/fRURzqEWXGbUr6GtzyjiUi8OrQycHLDzbQKjAclaCbZuxePXUYM7TxoPf8
SnYEyIRthUTd4x2EhFunnEnnJDwW0w1EfZaEgvhAzbXbwA3jz4FpFlojT4pqYZ7Z
QzLG1edX9OpZXTBeweiV/yiDV4670oJXXBbrbQsrPKLSCTALsEfdINUETUlL1P6W
4b6/Wv0VBCXOKIwf3UewO2qbL6soygb8xH85GEfbOXI48HpahlwNeTNmvQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEHxlSZESsM+e/izpmnDoNsyx3wdMB8GA1UdIwQY
MBaAFPsRV+gbfJ5DNgoctQoxQBF1khgIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14Rlg2QnQ4bmtNMkNoeTFDakZBRVhXU0dBZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvMTkzYzcxLWM5NGEtNDE2Zi1hMTg2
LTQxNjY2NGYwMWEyYy8xL1FmR1ZKa1JLd3o1Ny1MT21hY09nMnpMSGZCMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvMTkzYzcxLWM5NGEtNDE2Zi1hMTg2LTQxNjY2NGYwMWEy
Yy8xLzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBbGgw
DQYJKoZIhvcNAQELBQADggEBAFuYDXK5ZhRpSgGSrAB0RUqxTFw9HI+tZ1zL2+0b
ALSKuqq3qtuZ+3aoVhg1A3vDVIZzDSBlKA87i/rNvecw0863xxV6e1KpZmpBlJnZ
gv6z5imNs9Q8ypO62Lu/AOasAppUudFfuenCw6LrUMF3KOk1L6FyPUeK9JeZX+RC
lh6533D+t3jtGxoZM4YMbGbfLFT45tNkZZXFYfss1rGLgqauvG3NWHBRJ+SWy5FT
7YWRfbWaY8SvsAnadOmeNC9pE507O2vPKlcLuwgn+IVvPD+sv4+Mp0PQFLjJV+R+
U9u1x/s2RRjcTtCW7cXkgnbvRuF3psl3cmQp2wRCrjLfPVM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:13 2023 by rpki-client on console-ams.rpki-client.org