Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/QGLkWc9He8xh8oqsz72r0jC9nzo.roa
File: QGLkWc9He8xh8oqsz72r0jC9nzo.roa (raw, json)
Hash identifier: 6ugpBevWYgFWmFTUVX2uHuiPiyTNI1cmvKyl/ZcLcA0=
Subject key identifier: 40:62:E4:59:CF:47:7B:CC:61:F2:8A:AC:CF:BD:AB:D2:30:BD:9F:3A
Certificate issuer: /CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Certificate serial: 05FBA802
Authority key identifier: 74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/QGLkWc9He8xh8oqsz72r0jC9nzo.roa
Signing time: Sat 01 Jan 2022 02:56:43 +0000
ROA not before: Sat 01 Jan 2022 02:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50897
IP address blocks: 192.108.116.0/24 maxlen: 24
192.108.117.0/24 maxlen: 24
192.108.118.0/24 maxlen: 24
192.108.115.0/24 maxlen: 24
192.44.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100378626 (0x5fba802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Validity
Not Before: Jan 1 02:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4062e459cf477bcc61f28aaccfbdabd230bd9f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:f7:07:76:ef:29:52:37:87:da:33:cc:88:
36:6f:51:6a:f1:9a:01:67:08:ce:0d:c4:eb:33:6e:
e7:ff:a5:99:55:5c:b6:61:0a:aa:04:a2:0f:95:62:
10:64:61:78:de:a5:17:00:84:e8:16:b4:d1:e3:14:
b8:ae:23:fa:1c:c5:9c:eb:ed:52:a1:11:96:e0:1b:
4a:21:7b:d7:50:5d:ee:00:00:4f:e2:24:bf:2e:39:
c3:9f:b6:d0:aa:cb:99:60:22:1f:aa:d2:ca:d5:33:
f1:8d:d5:ab:17:c7:93:bc:8e:d8:08:df:7f:f7:a2:
ff:82:11:04:d4:73:93:6d:5f:6f:4c:f5:44:c8:ae:
6b:c3:9a:43:51:76:db:2b:17:56:50:36:07:cc:c5:
5c:5c:99:e3:56:eb:71:8c:c8:bd:4a:39:23:43:0b:
91:ac:1e:41:26:74:7b:60:fb:f8:c2:f5:b4:07:cc:
a6:63:09:db:42:98:7c:eb:7c:e3:b2:87:05:d8:bf:
71:03:e3:5d:85:ac:1f:1f:94:fc:7d:b8:08:7f:64:
e4:10:8c:d1:a6:de:8f:da:1f:55:74:43:32:f6:b6:
f1:3a:97:4f:dc:fe:d6:6f:ea:3b:be:f3:03:e8:81:
d4:17:79:f6:41:4c:f2:27:4a:79:26:aa:6d:a9:86:
6f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:62:E4:59:CF:47:7B:CC:61:F2:8A:AC:CF:BD:AB:D2:30:BD:9F:3A
X509v3 Authority Key Identifier:
keyid:74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/QGLkWc9He8xh8oqsz72r0jC9nzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.44.75.0/24
192.108.115.0-192.108.118.255
Signature Algorithm: sha256WithRSAEncryption
19:17:b8:17:c3:05:2e:19:1a:3b:b0:d3:d7:8a:56:0e:64:03:
49:bf:98:30:54:98:9d:3e:83:7c:e1:5d:fd:34:22:54:65:9a:
85:c9:7b:76:5a:74:35:ed:0c:1d:7d:ce:c7:fa:1c:f5:89:e0:
22:d1:fa:ee:6e:d6:d8:66:b4:c7:d8:fd:a8:f3:09:c0:47:6a:
3e:da:fd:2b:7e:db:30:af:55:ea:b9:c5:58:6e:ee:5b:90:90:
5b:1c:ae:ba:42:6a:5d:9b:aa:01:37:02:3e:83:88:38:b5:18:
3f:cd:ee:16:52:a2:df:16:91:20:23:b5:1a:42:01:d5:dd:b1:
37:a8:07:d4:9d:e2:4d:b3:1e:be:4b:f7:62:c5:46:eb:4e:f7:
1e:70:a3:dd:a7:58:86:07:1e:d5:2f:ec:cf:aa:85:b6:5a:b1:
33:4c:de:f6:90:28:3c:31:7b:ae:48:84:32:71:c6:16:4a:fa:
4b:c3:19:08:a8:e5:da:f9:4b:6a:fe:9e:a5:b5:2b:67:1d:75:
6d:98:a8:7e:e9:a6:c1:5d:35:b8:70:73:3f:7f:02:67:0c:75:
ab:21:38:d3:bd:56:22:d3:ea:2f:d4:c5:60:61:44:cb:89:8d:
87:ec:38:9d:55:e3:0a:c4:29:ef:1a:4c:a9:d4:49:7e:7d:e6:
48:df:f7:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBfuoAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDI2N2YzZWNmY2M2MTY2OGUwNTAxYmNhNjBjZWQ2ZGQ3NWQzNDdjMB4XDTIyMDEw
MTAyNTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2MmU0NTljZjQ3
N2JjYzYxZjI4YWFjY2ZiZGFiZDIzMGJkOWYzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIgG9wd27ylSN4faM8yINm9RavGaAWcIzg3E6zNu5/+lmVVc
tmEKqgSiD5ViEGRheN6lFwCE6Ba00eMUuK4j+hzFnOvtUqERluAbSiF711Bd7gAA
T+Ikvy45w5+20KrLmWAiH6rSytUz8Y3VqxfHk7yO2Ajff/ei/4IRBNRzk21fb0z1
RMiua8OaQ1F22ysXVlA2B8zFXFyZ41brcYzIvUo5I0MLkaweQSZ0e2D7+ML1tAfM
pmMJ20KYfOt847KHBdi/cQPjXYWsHx+U/H24CH9k5BCM0abej9ofVXRDMva28TqX
T9z+1m/qO77zA+iB1Bd59kFM8idKeSaqbamGb8UCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRAYuRZz0d7zGHyiqzPvavSML2fOjAfBgNVHSMEGDAWgBR0Jn8+z8xhZo4F
AbymDO1t1100fDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RDWl9Qc19NWVdhT0JRRzhwZ3p0YmRkZE5Idy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvNzBjYjgwLTRlNmQtNDZhNS1iMWI0LTRlM2Y0ZDY4ZjY4Mi8x
L1FHTGtXYzlIZTh4aDhvcXN6NzJyMGpDOW56by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
NzBjYjgwLTRlNmQtNDZhNS1iMWI0LTRlM2Y0ZDY4ZjY4Mi8xL2RDWl9Qc19NWVdh
T0JRRzhwZ3p0YmRkZE5Idy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAMAsSzAMAwQAwGxzAwQAwGx2MA0G
CSqGSIb3DQEBCwUAA4IBAQAZF7gXwwUuGRo7sNPXilYOZANJv5gwVJidPoN84V39
NCJUZZqFyXt2WnQ17Qwdfc7H+hz1ieAi0frubtbYZrTH2P2o8wnAR2o+2v0rftsw
r1XqucVYbu5bkJBbHK66Qmpdm6oBNwI+g4g4tRg/ze4WUqLfFpEgI7UaQgHV3bE3
qAfUneJNsx6+S/dixUbrTvcecKPdp1iGBx7VL+zPqoW2WrEzTN72kCg8MXuuSIQy
ccYWSvpLwxkIqOXa+Utq/p6ltStnHXVtmKh+6abBXTW4cHM/fwJnDHWrITjTvVYi
0+ov1MVgYUTLiY2H7DidVeMKxCnvGkyp1El+feZI3/fi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:58 2023 by rpki-client on console-ams.rpki-client.org