Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QpL_acX16A8tfTPtbQZuJGfjo1A.roa
File: QpL_acX16A8tfTPtbQZuJGfjo1A.roa (raw, json)
Hash identifier: 670xZczJJM/VQcVYN6XCC5Pv3Iw8TG4n7nLVGPeUmow=
Subject key identifier: 42:92:FF:69:C5:F5:E8:0F:2D:7D:33:ED:6D:06:6E:24:67:E3:A3:50
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184ED956041805812F4D3B760EEF8CA29B8
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QpL_acX16A8tfTPtbQZuJGfjo1A.roa
Signing time: Wed 07 Dec 2022 17:15:00 +0000
ROA not before: Wed 07 Dec 2022 17:15:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150445
IP address blocks: 64.137.126.0/24 maxlen: 24
64.137.75.0/24 maxlen: 24
64.137.84.0/24 maxlen: 24
64.137.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:95:60:41:80:58:12:f4:d3:b7:60:ee:f8:ca:29:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 7 17:15:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4292ff69c5f5e80f2d7d33ed6d066e2467e3a350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:35:77:bc:c0:63:c1:38:86:db:b4:11:22:7b:
56:7d:31:10:47:56:62:3c:c0:2c:26:5c:07:6a:b3:
b0:96:35:dc:eb:59:16:52:75:36:18:e4:7d:e0:15:
3d:72:e3:d9:b3:12:1e:1c:54:78:2c:2a:bd:d6:93:
88:c7:c7:10:1b:8a:53:28:7b:cf:61:f5:ba:39:8c:
4f:c8:55:d2:1a:7b:b4:ca:c3:ca:3b:54:9e:2d:7b:
d8:57:e0:65:67:1b:f1:43:9f:b4:8b:83:cd:60:73:
32:49:29:e8:de:ae:cb:0b:80:de:14:85:1a:eb:8f:
b1:16:66:c6:23:f2:b3:be:72:32:58:c8:de:61:33:
59:f1:b9:8b:42:06:52:06:46:2e:30:47:34:58:6c:
1d:38:66:e7:fb:a1:f4:5e:14:6e:af:4b:d5:e8:ef:
d1:3e:06:3a:9b:e8:73:2f:82:11:d5:7c:51:46:93:
1d:c6:bf:05:44:cb:b5:87:7c:37:a5:ee:2e:19:00:
25:d2:b9:0d:3f:3b:99:3a:08:bb:10:b1:9c:eb:6d:
31:b0:6b:08:70:1b:8d:6e:b7:4c:7d:88:8b:62:2b:
8a:7c:1b:9d:bb:d9:75:82:22:cd:1e:7d:b2:cd:54:
b2:d2:36:e3:ba:86:ee:89:e1:e7:35:c3:68:bc:d8:
b0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:92:FF:69:C5:F5:E8:0F:2D:7D:33:ED:6D:06:6E:24:67:E3:A3:50
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QpL_acX16A8tfTPtbQZuJGfjo1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.75.0/24
64.137.84.0/24
64.137.90.0/24
64.137.126.0/24
Signature Algorithm: sha256WithRSAEncryption
46:10:fc:f8:0f:db:a3:5a:5b:ce:74:c7:96:14:5f:c1:b9:ae:
89:0a:0f:6b:fd:05:92:af:b1:05:20:2a:58:2f:39:43:16:6a:
70:7f:f5:8a:89:c0:c2:a2:1a:54:98:d9:8b:a0:43:46:34:7b:
e2:bd:6f:8d:92:ed:6d:65:c8:66:2b:78:99:01:3f:19:32:38:
5f:43:38:01:95:e2:12:88:70:d3:8a:d8:fc:f6:a5:15:8e:c4:
57:ee:db:9a:36:31:9d:ae:67:88:5c:e4:b1:3f:5c:0b:f7:50:
0b:8d:72:d9:9e:1f:51:2e:05:2f:7c:46:ab:e3:77:87:c7:96:
d2:60:2b:2d:10:fb:be:7c:78:f9:2e:23:42:4f:8a:cb:76:62:
3b:bd:04:98:2d:86:c4:f1:df:79:77:e5:5a:d4:ca:14:e6:2b:
9d:f4:f8:28:a1:93:09:c4:31:4b:31:3d:b0:1c:e1:de:e5:95:
66:c3:40:da:3b:87:f6:de:0d:98:0c:30:a1:e9:b2:93:ef:4e:
29:e7:da:7a:92:4c:ed:71:e2:a4:a5:1f:dc:f6:24:54:60:8e:
25:6d:6a:5b:5a:5a:c8:6c:e5:72:2f:96:09:a2:b4:d6:dc:de:
c7:fe:ff:3c:31:4d:42:ae:6a:dd:45:e7:2c:0d:86:b1:57:4b:
de:5a:5a:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTtlWBBgFgS9NO3YO74yim4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMjA3MTcxNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjkyZmY2OWM1ZjVlODBmMmQ3ZDMzZWQ2ZDA2NmUyNDY3ZTNhMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjV3vMBjwTiG27QRIntWfTEQR1Zi
PMAsJlwHarOwljXc61kWUnU2GOR94BU9cuPZsxIeHFR4LCq91pOIx8cQG4pTKHvP
YfW6OYxPyFXSGnu0ysPKO1SeLXvYV+BlZxvxQ5+0i4PNYHMySSno3q7LC4DeFIUa
64+xFmbGI/KzvnIyWMjeYTNZ8bmLQgZSBkYuMEc0WGwdOGbn+6H0XhRur0vV6O/R
PgY6m+hzL4IR1XxRRpMdxr8FRMu1h3w3pe4uGQAl0rkNPzuZOgi7ELGc620xsGsI
cBuNbrdMfYiLYiuKfBudu9l1giLNHn2yzVSy0jbjuobuieHnNcNovNiwpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEKS/2nF9egPLX0z7W0GbiRn46NQMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUXBMX2FjWDE2QTh0ZlRQdGJRWnVKR2ZqbzFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIlLAwQA
QIlUAwQAQIlaAwQAQIl+MA0GCSqGSIb3DQEBCwUAA4IBAQBGEPz4D9ujWlvOdMeW
FF/Bua6JCg9r/QWSr7EFICpYLzlDFmpwf/WKicDCohpUmNmLoENGNHvivW+Nku1t
ZchmK3iZAT8ZMjhfQzgBleISiHDTitj89qUVjsRX7tuaNjGdrmeIXOSxP1wL91AL
jXLZnh9RLgUvfEar43eHx5bSYCstEPu+fHj5LiNCT4rLdmI7vQSYLYbE8d95d+Va
1MoU5iud9PgooZMJxDFLMT2wHOHe5ZVmw0DaO4f23g2YDDCh6bKT704p59p6kkzt
ceKkpR/c9iRUYI4lbWpbWlrIbOVyL5YJorTW3N7H/v88MU1CrmrdRecsDYaxV0ve
Wloz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org