Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/qwwkxgCkdiaPgwJrq7i335kAAxc.roa
File: qwwkxgCkdiaPgwJrq7i335kAAxc.roa (raw, json)
Hash identifier: X7BYAplmbxuz/fMqO9R5ChOiAEkiCpvma50CvDYevsY=
Subject key identifier: AB:0C:24:C6:00:A4:76:26:8F:83:02:6B:AB:B8:B7:DF:99:00:03:17
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 01847B7D5ED8FB5941FDF4350162773653C4
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/qwwkxgCkdiaPgwJrq7i335kAAxc.roa
Signing time: Tue 15 Nov 2022 13:32:04 +0000
ROA not before: Tue 15 Nov 2022 13:32:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.203.0/24 maxlen: 24
2001:7f8:10f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:7d:5e:d8:fb:59:41:fd:f4:35:01:62:77:36:53:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Nov 15 13:32:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab0c24c600a476268f83026babb8b7df99000317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bb:18:f7:2d:7b:ea:9c:3f:e2:97:8b:76:2d:
a9:2c:2f:7d:27:97:69:f2:ad:7e:cd:11:17:85:d7:
77:a6:70:fd:65:a0:be:54:45:14:57:da:dd:1a:78:
0a:b9:23:b5:f7:6c:7d:42:39:8a:61:bf:d6:27:ce:
5c:a5:da:b0:16:ea:96:f2:6f:c0:e4:c7:26:0a:09:
b7:dc:1f:3e:08:78:98:ff:26:b0:83:1b:6a:0e:e8:
42:d6:41:76:5f:09:cc:43:11:c0:cb:5b:08:4c:3b:
68:5a:e4:3c:bb:20:53:b4:78:e1:8f:0d:4c:9e:12:
29:16:17:ab:84:8e:36:7c:f3:4e:62:54:b9:ea:f5:
87:c7:96:c2:aa:45:16:2f:61:d9:9b:a6:43:5b:ad:
3c:80:ff:d7:9b:d7:c3:9c:ad:c6:60:64:92:ac:42:
1f:ee:ab:87:f9:6e:0d:88:d8:16:79:2b:3a:48:12:
bf:e5:bf:6a:83:32:08:34:24:5c:34:1a:d6:61:7a:
3d:18:dd:03:3f:78:45:2b:ed:b2:da:12:ab:05:20:
8f:8f:ba:2b:51:46:cc:f8:2b:4b:f7:c1:d5:f0:c2:
b7:13:59:2b:06:cb:54:49:48:a1:c8:28:a4:b0:4a:
9f:e2:6d:47:dd:44:61:1b:f0:d7:24:64:ea:dd:b6:
72:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:0C:24:C6:00:A4:76:26:8F:83:02:6B:AB:B8:B7:DF:99:00:03:17
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/qwwkxgCkdiaPgwJrq7i335kAAxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.203.0/24
IPv6:
2001:7f8:10f::/48
Signature Algorithm: sha256WithRSAEncryption
9a:b1:66:d5:a3:ba:ef:26:e4:8c:e5:68:0b:f9:dc:bc:5b:09:
ff:49:38:14:eb:75:01:ff:77:53:06:64:d7:4f:a7:38:de:25:
cb:4e:a5:15:b9:03:22:9f:75:f1:8a:28:ad:89:98:e2:f0:74:
fc:21:0b:42:56:32:39:bb:4c:e5:00:55:7b:bf:ee:85:29:1d:
c3:e6:61:b9:ae:ac:7c:47:2c:f6:8d:6e:91:e0:e5:9c:46:1e:
99:3e:4c:d7:1b:da:d6:a8:bb:93:e0:80:e0:16:92:bc:00:09:
8e:e4:03:5c:48:15:4c:7b:ff:b2:19:9a:e1:85:f9:d8:78:e0:
93:a8:bb:0b:80:1b:67:b4:41:85:10:6f:bd:cf:88:e1:72:7a:
b7:a8:8b:61:e6:b6:9b:79:3c:1b:63:1f:bd:3c:88:03:7c:a3:
8c:2f:d5:cf:68:59:98:49:fe:2d:7b:a6:4f:c2:36:e4:cc:45:
05:d6:85:92:4e:3d:f5:83:a0:88:26:5f:9c:ce:f6:20:d1:04:
a3:3c:0c:43:1c:50:0a:84:1d:9d:88:e5:15:f1:18:b5:5c:b0:
95:98:04:14:d9:af:6d:ba:ee:0e:f0:14:e8:90:2e:0b:e2:31:
6b:89:08:c9:e7:8b:62:4b:ea:08:ff:84:fb:bc:55:01:7e:b0:
35:80:25:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYR7fV7Y+1lB/fQ1AWJ3NlPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjIxMTE1MTMzMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjBjMjRjNjAwYTQ3NjI2OGY4MzAyNmJhYmI4YjdkZjk5MDAwMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrsY9y176pw/4peLdi2pLC99J5dp
8q1+zREXhdd3pnD9ZaC+VEUUV9rdGngKuSO192x9QjmKYb/WJ85cpdqwFuqW8m/A
5McmCgm33B8+CHiY/yawgxtqDuhC1kF2XwnMQxHAy1sITDtoWuQ8uyBTtHjhjw1M
nhIpFherhI42fPNOYlS56vWHx5bCqkUWL2HZm6ZDW608gP/Xm9fDnK3GYGSSrEIf
7quH+W4NiNgWeSs6SBK/5b9qgzIINCRcNBrWYXo9GN0DP3hFK+2y2hKrBSCPj7or
UUbM+CtL98HV8MK3E1krBstUSUihyCiksEqf4m1H3URhG/DXJGTq3bZyqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKsMJMYApHYmj4MCa6u4t9+ZAAMXMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvcXd3a3hnQ2tkaWFQZ3dKcnE3aTMzNWtBQXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHLMA8E
AgACMAkDBwAgAQf4AQ8wDQYJKoZIhvcNAQELBQADggEBAJqxZtWjuu8m5IzlaAv5
3LxbCf9JOBTrdQH/d1MGZNdPpzjeJctOpRW5AyKfdfGKKK2JmOLwdPwhC0JWMjm7
TOUAVXu/7oUpHcPmYbmurHxHLPaNbpHg5ZxGHpk+TNcb2taou5PggOAWkrwACY7k
A1xIFUx7/7IZmuGF+dh44JOouwuAG2e0QYUQb73PiOFyereoi2Hmtpt5PBtjH708
iAN8o4wv1c9oWZhJ/i17pk/CNuTMRQXWhZJOPfWDoIgmX5zO9iDRBKM8DEMcUAqE
HZ2I5RXxGLVcsJWYBBTZr2267g7wFOiQLgviMWuJCMnni2JL6gj/hPu8VQF+sDWA
JWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org