Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/qm9a3aMur-te1u_pCHqmLR8_nok.roa
File: qm9a3aMur-te1u_pCHqmLR8_nok.roa (raw, json)
Hash identifier: fbNCBXpWcvb/pEgnl9Vuk2U3kVr0g7ptWkbW6xciJ1E=
Subject key identifier: AA:6F:5A:DD:A3:2E:AF:EB:5E:D6:EF:E9:08:7A:A6:2D:1F:3F:9E:89
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0184E3F0A4F6CCC9B558B11CC4F060B77853
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/qm9a3aMur-te1u_pCHqmLR8_nok.roa
Signing time: Mon 05 Dec 2022 20:18:29 +0000
ROA not before: Mon 05 Dec 2022 20:18:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 188.191.106.0/24 maxlen: 24
188.191.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:f0:a4:f6:cc:c9:b5:58:b1:1c:c4:f0:60:b7:78:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Dec 5 20:18:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa6f5adda32eafeb5ed6efe9087aa62d1f3f9e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:11:ae:f1:5b:a9:14:db:05:5b:96:45:f7:a3:
e5:4b:71:ec:fb:f9:b0:81:a4:26:26:74:1c:21:20:
db:4f:a7:48:93:a4:72:22:ab:d7:6d:a5:d3:5a:2b:
21:24:fc:82:0c:86:c8:d6:8b:d5:c1:2e:93:68:56:
09:63:c6:6a:ad:00:fa:e7:c9:ad:06:0e:1d:80:4a:
da:fc:63:1f:68:d3:de:da:df:f7:53:82:b7:59:50:
5f:30:0e:24:d8:4d:b2:e0:83:e5:05:4e:05:ac:11:
eb:26:c6:14:ea:c2:de:1b:9e:5e:68:1d:b2:ac:8f:
62:df:a1:c7:df:cf:29:24:c9:6f:fe:6f:04:68:a2:
67:12:d8:9e:67:48:f7:75:ce:5a:ac:1e:74:c5:79:
1e:af:93:76:9e:df:01:d2:d3:78:64:46:dc:f6:a9:
f9:2d:ac:1e:5f:7c:c0:5a:e1:93:14:40:ef:63:77:
b5:07:2e:4c:42:5e:05:cf:f6:a6:06:5b:1c:14:7d:
c0:3a:3e:67:40:bc:f8:55:b9:be:aa:09:0c:7b:18:
0f:e6:bc:06:61:75:d1:79:c6:7d:4d:e4:e0:e6:67:
d0:52:cb:8f:47:57:15:bd:65:4a:77:35:d8:b0:e6:
61:f3:dd:3c:aa:7c:e1:f2:1d:5f:43:ba:a0:c0:c7:
0f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6F:5A:DD:A3:2E:AF:EB:5E:D6:EF:E9:08:7A:A6:2D:1F:3F:9E:89
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/qm9a3aMur-te1u_pCHqmLR8_nok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.106.0/24
188.191.108.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:45:fe:e4:1d:5b:02:3a:ad:51:c9:70:f1:41:a6:9e:75:d5:
cc:bc:36:11:5b:f2:3e:1b:e4:ae:45:01:23:41:4b:21:c6:e7:
93:35:01:a1:61:ca:20:25:be:20:c4:82:5e:9e:ef:fa:0a:b3:
dc:c8:95:ee:fc:7e:1c:86:77:00:ae:8e:81:6d:a8:e0:52:21:
55:82:ac:c5:4a:98:03:fd:80:31:60:22:dd:2f:37:81:19:23:
b4:e6:0c:dc:9f:c7:96:8b:de:27:1c:f0:c3:fb:ae:a0:74:71:
0c:e8:19:b4:cc:4e:32:d9:f3:df:4c:69:78:56:30:71:0b:ca:
b8:90:7d:ed:1d:11:2b:a3:b8:40:45:14:bd:7a:8d:16:08:48:
ef:5d:bf:e7:9c:e9:88:d5:2c:a7:43:bc:16:14:ae:e8:34:47:
84:ee:98:0a:af:4d:9e:02:7c:72:b5:0b:57:1b:9d:fd:b6:e8:
7d:9d:83:15:e6:73:e1:d9:50:67:37:30:83:25:c6:29:45:19:
ef:6f:45:a2:09:d1:5d:8b:a6:ba:62:ed:22:fc:31:14:01:ee:
c0:86:6b:29:30:f6:d2:75:f7:72:07:f2:f9:e1:8f:f0:aa:12:
6d:6c:ad:a9:d8:78:5a:5b:e6:56:b7:b6:1b:4c:06:87:d6:da:
15:de:1f:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTj8KT2zMm1WLEcxPBgt3hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMjA1MjAxODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTZmNWFkZGEzMmVhZmViNWVkNmVmZTkwODdhYTYyZDFmM2Y5ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxGu8VupFNsFW5ZF96PlS3Hs+/mw
gaQmJnQcISDbT6dIk6RyIqvXbaXTWishJPyCDIbI1ovVwS6TaFYJY8ZqrQD658mt
Bg4dgEra/GMfaNPe2t/3U4K3WVBfMA4k2E2y4IPlBU4FrBHrJsYU6sLeG55eaB2y
rI9i36HH388pJMlv/m8EaKJnEtieZ0j3dc5arB50xXker5N2nt8B0tN4ZEbc9qn5
LaweX3zAWuGTFEDvY3e1By5MQl4Fz/amBlscFH3AOj5nQLz4Vbm+qgkMexgP5rwG
YXXRecZ9TeTg5mfQUsuPR1cVvWVKdzXYsOZh8908qnzh8h1fQ7qgwMcP3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKpvWt2jLq/rXtbv6Qh6pi0fP56JMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvcW05YTNhTXVyLXRlMXVfcENIcW1MUjhfbm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvL9qAwQA
vL9sMA0GCSqGSIb3DQEBCwUAA4IBAQBrRf7kHVsCOq1RyXDxQaaeddXMvDYRW/I+
G+SuRQEjQUshxueTNQGhYcogJb4gxIJenu/6CrPcyJXu/H4chncAro6BbajgUiFV
gqzFSpgD/YAxYCLdLzeBGSO05gzcn8eWi94nHPDD+66gdHEM6Bm0zE4y2fPfTGl4
VjBxC8q4kH3tHREro7hARRS9eo0WCEjvXb/nnOmI1SynQ7wWFK7oNEeE7pgKr02e
AnxytQtXG539tuh9nYMV5nPh2VBnNzCDJcYpRRnvb0WiCdFdi6a6Yu0i/DEUAe7A
hmspMPbSdfdyB/L54Y/wqhJtbK2p2HhaW+ZWt7YbTAaH1toV3h/A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org