Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/qcDWzUBnIuTPHbfi_Mi1XEhmseY.roa
File: qcDWzUBnIuTPHbfi_Mi1XEhmseY.roa (raw, json)
Hash identifier: Bc25tKkOn9ykht2riIVTgqQQDquE8ltoW5wrcXyjh6U=
Subject key identifier: A9:C0:D6:CD:40:67:22:E4:CF:1D:B7:E2:FC:C8:B5:5C:48:66:B1:E6
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 0182D5A88D5BA8DC8621D4242B196F9F55F7
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/qcDWzUBnIuTPHbfi_Mi1XEhmseY.roa
Signing time: Thu 25 Aug 2022 15:39:29 +0000
ROA not before: Thu 25 Aug 2022 15:39:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58507
IP address blocks: 159.197.192.0/19 maxlen: 24
161.8.192.0/18 maxlen: 24
161.8.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:a8:8d:5b:a8:dc:86:21:d4:24:2b:19:6f:9f:55:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Aug 25 15:39:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9c0d6cd406722e4cf1db7e2fcc8b55c4866b1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:eb:d0:4e:01:2e:d7:4a:a1:c5:0f:53:ac:73:
a4:e1:c2:13:7b:d1:c2:1c:76:f8:91:08:09:ce:24:
3a:cf:f2:74:bd:b8:eb:dd:8d:58:64:98:a9:de:91:
df:a0:ae:ab:b9:cd:10:d4:ce:ec:24:ac:31:d8:bf:
95:c3:a0:81:b0:a4:62:cd:cc:51:a3:f3:06:3c:71:
73:f0:ea:00:26:d1:dd:9b:b4:88:89:ee:d5:46:4c:
6a:46:e8:95:bb:6c:4c:0a:32:aa:5d:4d:94:f6:92:
a2:3d:8c:19:1d:52:10:f1:45:01:93:4f:ec:51:64:
9f:b1:6f:0d:8d:ab:01:cb:dd:00:8b:a0:c2:39:bf:
3a:35:1c:1c:af:14:74:a3:a1:45:45:01:94:3a:95:
fa:92:a5:7f:6f:44:fa:55:57:18:4a:dc:91:38:15:
d0:20:3d:dd:c7:a2:50:f0:38:ff:92:f3:9e:98:b2:
f7:9c:30:df:39:51:47:5d:52:c0:2a:74:08:a9:81:
88:3a:4d:66:fa:29:8e:55:90:9c:30:5c:b3:bc:fc:
f3:42:4d:f2:be:c2:a0:f6:a6:52:a3:eb:05:9c:49:
ef:9e:a2:ec:ab:a9:ba:d4:51:1c:2a:61:bd:5a:3a:
07:9c:ad:e5:cb:b2:1c:84:c6:aa:b3:0f:16:f5:11:
b8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C0:D6:CD:40:67:22:E4:CF:1D:B7:E2:FC:C8:B5:5C:48:66:B1:E6
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/qcDWzUBnIuTPHbfi_Mi1XEhmseY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.192.0/19
161.8.0.0/18
161.8.192.0/18
Signature Algorithm: sha256WithRSAEncryption
40:54:0e:95:26:90:0a:ed:47:87:59:2a:0c:a3:6e:84:3f:a6:
ab:b2:03:c4:4f:4d:f6:f1:18:d7:df:a3:d1:ce:4a:67:59:4f:
f4:70:f2:8c:47:5d:a5:e9:04:1c:35:a4:ad:db:b7:3b:ea:8b:
07:98:62:c0:58:c6:ae:c6:d8:72:c8:0b:d2:a8:b4:e1:8e:0f:
9b:d1:74:ba:27:c7:f6:12:da:70:bd:50:ac:71:fd:39:d7:27:
dd:5b:43:3d:1d:c5:9c:b5:b9:39:38:46:c2:00:26:0b:bf:c1:
08:66:a9:03:01:08:72:9f:ff:80:8e:03:46:7a:63:8b:13:79:
d1:05:da:eb:04:15:c3:71:3d:f7:7c:70:ea:00:e1:7f:bf:34:
4e:16:94:f5:e4:5d:79:ed:9c:6b:51:9b:c4:b5:0e:6f:79:98:
91:37:7e:92:9a:99:b0:5f:4e:6c:f2:d6:b6:15:02:a1:c6:ed:
dc:22:ba:f6:0a:5f:0f:a2:95:55:42:61:c8:19:8d:52:3d:2e:
37:9e:8c:0f:2c:c6:2c:6e:80:6b:0e:fb:5a:97:0a:97:bf:a5:
9c:d0:9c:cb:59:f0:9f:d2:e1:be:97:c7:b9:c6:45:83:7b:7f:
83:4f:59:df:03:33:c5:cc:62:37:51:10:99:83:de:d3:51:67:
09:f3:90:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLVqI1bqNyGIdQkKxlvn1X3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjIwODI1MTUzOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWMwZDZjZDQwNjcyMmU0Y2YxZGI3ZTJmY2M4YjU1YzQ4NjZiMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuvQTgEu10qhxQ9TrHOk4cITe9HC
HHb4kQgJziQ6z/J0vbjr3Y1YZJip3pHfoK6ruc0Q1M7sJKwx2L+Vw6CBsKRizcxR
o/MGPHFz8OoAJtHdm7SIie7VRkxqRuiVu2xMCjKqXU2U9pKiPYwZHVIQ8UUBk0/s
UWSfsW8NjasBy90Ai6DCOb86NRwcrxR0o6FFRQGUOpX6kqV/b0T6VVcYStyROBXQ
ID3dx6JQ8Dj/kvOemLL3nDDfOVFHXVLAKnQIqYGIOk1m+imOVZCcMFyzvPzzQk3y
vsKg9qZSo+sFnEnvnqLsq6m61FEcKmG9WjoHnK3ly7IchMaqsw8W9RG4EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKnA1s1AZyLkzx234vzItVxIZrHmMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvcWNEV3pVQm5JdVRQSGJmaV9NaTFYRWhtc2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFn8XAAwQG
oQgAAwQGoQjAMA0GCSqGSIb3DQEBCwUAA4IBAQBAVA6VJpAK7UeHWSoMo26EP6ar
sgPET0328RjX36PRzkpnWU/0cPKMR12l6QQcNaSt27c76osHmGLAWMauxthyyAvS
qLThjg+b0XS6J8f2EtpwvVCscf051yfdW0M9HcWctbk5OEbCACYLv8EIZqkDAQhy
n/+AjgNGemOLE3nRBdrrBBXDcT33fHDqAOF/vzROFpT15F157ZxrUZvEtQ5veZiR
N36SmpmwX05s8ta2FQKhxu3cIrr2Cl8PopVVQmHIGY1SPS43nowPLMYsboBrDvta
lwqXv6Wc0JzLWfCf0uG+l8e5xkWDe3+DT1nfAzPFzGI3URCZg97TUWcJ85Cn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:14 2024 by rpki-client on console-ams.rpki-client.org