Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/Q-Zp5IJn2oWll1Yg0V4cW1eqQVw.roa
File: Q-Zp5IJn2oWll1Yg0V4cW1eqQVw.roa (raw, json)
Hash identifier: yZ3D0iWOCVu5AuZ/Dl8Wckcm3zC95V+1Igrdn8fS+z4=
Subject key identifier: 43:E6:69:E4:82:67:DA:85:A5:97:56:20:D1:5E:1C:5B:57:AA:41:5C
Certificate issuer: /CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Certificate serial: 094FDFF4
Authority key identifier: 7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/Q-Zp5IJn2oWll1Yg0V4cW1eqQVw.roa
Signing time: Sat 01 Jan 2022 05:55:12 +0000
ROA not before: Sat 01 Jan 2022 05:55:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25354
IP address blocks: 194.69.254.0/24 maxlen: 24
194.0.34.0/24 maxlen: 24
194.0.33.0/24 maxlen: 24
2001:678:40::/48 maxlen: 48
2001:67c:21cc::/48 maxlen: 48
2001:678:44::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156229620 (0x94fdff4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Validity
Not Before: Jan 1 05:55:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e669e48267da85a5975620d15e1c5b57aa415c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1a:ae:ed:d9:95:e1:89:d3:f4:92:75:13:49:
ee:30:e5:40:ef:3e:13:17:b6:d3:ce:c5:2e:e6:b7:
95:7b:69:76:7d:18:15:64:14:9b:13:0f:91:ce:18:
e0:fb:2a:d2:8f:09:0d:93:f5:b3:10:0f:4a:35:ce:
65:aa:61:25:24:09:39:a0:0e:df:82:37:de:15:57:
df:37:47:89:fe:a3:16:b0:9e:a3:5a:44:89:88:29:
92:5b:dd:05:f8:bf:46:ce:9b:d7:9e:0d:dc:8c:62:
08:a6:06:ed:11:39:9c:a7:9f:e7:85:01:4b:8f:f3:
1b:c0:ba:a2:43:5b:04:71:e4:91:05:35:4e:e2:55:
93:4d:5b:a8:be:aa:c3:6d:8f:5f:0c:d3:1c:f3:02:
74:44:2f:48:45:f7:85:61:3e:29:a1:2b:61:cb:77:
55:37:3f:d8:22:dc:c6:fb:1e:99:96:bf:1e:06:b0:
5c:47:8c:fa:53:c1:23:13:a6:31:e8:6b:bf:d0:81:
ef:5b:63:65:0b:d9:e6:ca:a2:a8:dd:9d:cd:85:e8:
87:6b:38:0b:66:0f:c3:0b:75:78:79:07:aa:b2:7f:
af:95:82:6c:a2:58:45:4c:e1:f4:d6:c7:9b:4a:f5:
0b:f2:4a:89:41:9d:bc:84:e7:79:4b:63:98:3a:80:
42:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E6:69:E4:82:67:DA:85:A5:97:56:20:D1:5E:1C:5B:57:AA:41:5C
X509v3 Authority Key Identifier:
keyid:7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/Q-Zp5IJn2oWll1Yg0V4cW1eqQVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.33.0-194.0.34.255
194.69.254.0/24
IPv6:
2001:678:40::/48
2001:678:44::/48
2001:67c:21cc::/48
Signature Algorithm: sha256WithRSAEncryption
98:54:9e:be:fb:53:ca:60:d4:99:d5:31:ad:0b:b2:57:b9:27:
5d:8d:87:87:5b:06:bc:ed:b4:1c:d0:67:3f:ab:25:ae:db:59:
40:50:9a:62:a5:eb:fa:26:94:b5:bb:37:fb:d2:3c:5c:26:53:
c9:be:89:7a:9e:e6:aa:89:a7:02:16:5e:83:d2:17:37:41:4d:
45:6b:56:e7:26:7b:9f:47:87:47:a5:5c:96:c4:af:74:88:cc:
f4:9b:a1:f9:f8:52:8f:19:90:f4:2e:1b:26:ef:f1:36:eb:cb:
d1:83:0c:37:65:2e:b0:78:ce:47:87:6b:c2:47:4d:5b:2d:c3:
08:d3:5d:a8:61:03:bc:e8:c3:f8:11:fe:47:b2:fd:fd:27:53:
c2:1b:e1:8a:19:2c:1e:a8:c1:71:78:c9:c1:e2:0f:2f:47:fe:
cf:75:33:b2:77:0a:f9:36:da:8e:b3:12:96:0b:d9:9d:5a:83:
77:d0:f2:60:28:1c:4d:b7:d7:4b:9d:26:90:7e:5a:fa:f2:00:
f4:57:21:b8:e8:0f:eb:7b:7d:1f:a8:f5:ed:61:80:fa:42:49:
ac:70:0c:b6:bd:76:90:5f:e3:60:0b:06:ce:bc:f1:33:6f:4a:
76:26:6f:ea:c2:d7:53:ba:c1:35:aa:37:45:79:41:80:73:15:
64:7b:25:85
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIECU/f9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZjUwMDc3ZDJkZDhhNjdhMWFlOGI2YWJkNmJiYjM0ODkwMjhhNWJiMB4XDTIyMDEw
MTA1NTUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNlNjY5ZTQ4MjY3
ZGE4NWE1OTc1NjIwZDE1ZTFjNWI1N2FhNDE1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUaru3ZleGJ0/SSdRNJ7jDlQO8+Exe2087FLua3lXtpdn0Y
FWQUmxMPkc4Y4Psq0o8JDZP1sxAPSjXOZaphJSQJOaAO34I33hVX3zdHif6jFrCe
o1pEiYgpklvdBfi/Rs6b154N3IxiCKYG7RE5nKef54UBS4/zG8C6okNbBHHkkQU1
TuJVk01bqL6qw22PXwzTHPMCdEQvSEX3hWE+KaErYct3VTc/2CLcxvsemZa/Hgaw
XEeM+lPBIxOmMehrv9CB71tjZQvZ5sqiqN2dzYXoh2s4C2YPwwt1eHkHqrJ/r5WC
bKJYRUzh9NbHm0r1C/JKiUGdvITneUtjmDqAQpUCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBRD5mnkgmfahaWXViDRXhxbV6pBXDAfBgNVHSMEGDAWgBR/UAd9Ldimehro
tqvWu7NIkCiluzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2YxQUhmUzNZcG5vYTZMYXIxcnV6U0pBb3Bicy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvYzFjMWNlLWVhNTktNGRjZi1iY2NjLTNlN2NhZGQ4OGM3MC8x
L1EtWnA1SUpuMm9XbGwxWWcwVjRjVzFlcVFWdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
YzFjMWNlLWVhNTktNGRjZi1iY2NjLTNlN2NhZGQ4OGM3MC8xL2YxQUhmUzNZcG5v
YTZMYXIxcnV6U0pBb3Bicy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wGgQCAAEwFDAMAwQAwgAhAwQAwgAiAwQAwkX+MCEE
AgACMBsDBwAgAQZ4AEADBwAgAQZ4AEQDBwAgAQZ8IcwwDQYJKoZIhvcNAQELBQAD
ggEBAJhUnr77U8pg1JnVMa0Lsle5J12Nh4dbBrzttBzQZz+rJa7bWUBQmmKl6/om
lLW7N/vSPFwmU8m+iXqe5qqJpwIWXoPSFzdBTUVrVucme59Hh0elXJbEr3SIzPSb
ofn4Uo8ZkPQuGybv8Tbry9GDDDdlLrB4zkeHa8JHTVstwwjTXahhA7zow/gR/key
/f0nU8Ib4YoZLB6owXF4ycHiDy9H/s91M7J3Cvk22o6zEpYL2Z1ag3fQ8mAoHE23
10udJpB+WvryAPRXIbjoD+t7fR+o9e1hgPpCSaxwDLa9dpBf42ALBs688TNvSnYm
b+rC11O6wTWqN0V5QYBzFWR7JYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:06 2024 by rpki-client on console-ams.rpki-client.org