Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/XjzQgAPAiqrZwrBXiA5YDxmXZRI.roa
File: XjzQgAPAiqrZwrBXiA5YDxmXZRI.roa (raw, json)
Hash identifier: 7PNWXs1/PpiPBpiKEFEE0zxor5/yp5WiiyNSU2Buw1Y=
Subject key identifier: 5E:3C:D0:80:03:C0:8A:AA:D9:C2:B0:57:88:0E:58:0F:19:97:65:12
Certificate issuer: /CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Certificate serial: 0182EDBD5B2D78624208432C21294CD36058
Authority key identifier: 40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/XjzQgAPAiqrZwrBXiA5YDxmXZRI.roa
Signing time: Tue 30 Aug 2022 07:53:05 +0000
ROA not before: Tue 30 Aug 2022 07:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207697
IP address blocks: 193.22.137.0/24 maxlen: 24
193.22.138.0/24 maxlen: 24
193.22.139.0/24 maxlen: 24
193.22.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ed:bd:5b:2d:78:62:42:08:43:2c:21:29:4c:d3:60:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Validity
Not Before: Aug 30 07:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e3cd08003c08aaad9c2b057880e580f19976512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:86:1c:d0:e0:55:e5:1b:52:a1:c4:d5:7c:
08:75:fa:5f:0c:47:14:7b:1c:5a:ea:51:c1:cc:a3:
8d:82:bf:24:72:ce:e7:4c:4f:bf:f8:53:11:1c:10:
1b:fe:f0:3f:5d:77:1c:f0:aa:f4:82:83:8d:4b:b1:
0e:98:97:14:db:a3:1b:af:bd:c8:61:76:7c:05:92:
f7:7c:ed:e5:c9:87:1a:1b:8c:02:6b:e5:56:86:01:
4e:e7:11:c1:7a:0d:96:a0:af:da:80:0b:03:a1:98:
27:f7:d5:b0:0c:46:b7:1a:2c:04:f9:f1:70:c0:01:
1a:0b:09:c9:d1:61:36:cf:81:94:f8:90:c0:3a:0e:
f5:75:f7:83:55:28:75:9d:26:4d:1a:12:f7:f9:1f:
50:9f:21:6f:24:ae:d3:1f:57:62:ca:9c:d6:e3:da:
75:e1:e7:5a:d6:1f:d0:f8:ff:64:9d:1a:33:72:ef:
ee:dd:c0:16:fa:47:2f:7f:70:65:2d:ac:50:40:6b:
64:7b:35:09:d7:c2:c6:80:50:8b:6e:9b:55:87:b4:
21:14:8b:b3:72:61:f7:82:7e:0a:48:30:e0:57:41:
c7:1f:45:d3:3f:53:f9:71:23:bd:77:c2:5e:7b:e6:
ff:0e:59:cf:b9:bc:4e:2a:be:f3:b9:5b:6c:f4:16:
01:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3C:D0:80:03:C0:8A:AA:D9:C2:B0:57:88:0E:58:0F:19:97:65:12
X509v3 Authority Key Identifier:
keyid:40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/XjzQgAPAiqrZwrBXiA5YDxmXZRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:fd:21:6c:b9:57:57:48:53:d4:22:0d:a3:f6:83:45:46:13:
ce:a7:f6:b2:c5:20:a5:58:7d:ba:ef:e7:08:de:e7:33:13:20:
11:16:9d:fd:0f:6b:a8:06:a4:71:50:3d:b8:0f:92:d7:93:e9:
12:8b:d0:e6:83:f2:51:81:a6:3c:d0:bc:e7:bc:d2:cd:0f:60:
b2:cb:c1:c7:ae:33:49:00:8a:71:28:48:db:f9:5a:59:64:97:
8d:33:fd:21:37:ae:41:9c:bf:05:b9:7c:d9:83:5d:e0:b8:0a:
fd:c2:8e:f1:cf:ad:bc:fa:c3:3c:58:5d:d8:d8:be:2f:f8:f3:
50:03:15:9a:9d:54:14:a6:01:00:c5:50:f2:c0:15:60:84:84:
15:47:2d:43:d6:06:44:81:9a:e0:5a:fb:2a:4a:0b:b2:4a:8f:
56:ee:44:17:e3:6b:7c:3c:e8:c2:4c:24:a5:22:a4:4b:42:70:
af:b3:13:b1:57:ef:d2:de:4d:9c:85:74:d3:fe:d4:1a:85:2d:
b3:86:6d:66:20:a4:cb:24:05:14:a2:f4:34:77:f6:3a:fd:53:
f0:bd:c8:bd:8e:13:8e:c1:5b:99:be:7c:a3:d6:87:54:e3:28:
9f:b4:71:9d:7e:61:ae:d7:7d:ac:17:4e:63:bc:b7:70:7f:5f:
52:f6:e6:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLtvVsteGJCCEMsISlM02BYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGY5NDJlYjA3MzM1Y2EzZTdmYmQxOGYwNmMxNThkYjM3
Y2ZkNGIwHhcNMjIwODMwMDc1MzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTNjZDA4MDAzYzA4YWFhZDljMmIwNTc4ODBlNTgwZjE5OTc2NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujuGHNDgVeUbUqHE1XwIdfpfDEcU
exxa6lHBzKONgr8kcs7nTE+/+FMRHBAb/vA/XXcc8Kr0goONS7EOmJcU26Mbr73I
YXZ8BZL3fO3lyYcaG4wCa+VWhgFO5xHBeg2WoK/agAsDoZgn99WwDEa3GiwE+fFw
wAEaCwnJ0WE2z4GU+JDAOg71dfeDVSh1nSZNGhL3+R9QnyFvJK7TH1diypzW49p1
4eda1h/Q+P9knRozcu/u3cAW+kcvf3BlLaxQQGtkezUJ18LGgFCLbptVh7QhFIuz
cmH3gn4KSDDgV0HHH0XTP1P5cSO9d8Jee+b/DlnPubxOKr7zuVts9BYBOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF480IADwIqq2cKwV4gOWA8Zl2USMB8GA1UdIwQY
MBaAFEAPlC6wczXKPn+9GPBsFY2zfP1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUt
YWNkNzJkMmM2Y2I2LzEvWGp6UWdBUEFpcXJad3JCWGlBNVlEeG1YWlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUtYWNkNzJkMmM2Y2I2
LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRaIMA0G
CSqGSIb3DQEBCwUAA4IBAQB8/SFsuVdXSFPUIg2j9oNFRhPOp/ayxSClWH267+cI
3uczEyARFp39D2uoBqRxUD24D5LXk+kSi9Dmg/JRgaY80LznvNLND2Cyy8HHrjNJ
AIpxKEjb+VpZZJeNM/0hN65BnL8FuXzZg13guAr9wo7xz628+sM8WF3Y2L4v+PNQ
AxWanVQUpgEAxVDywBVghIQVRy1D1gZEgZrgWvsqSguySo9W7kQX42t8POjCTCSl
IqRLQnCvsxOxV+/S3k2chXTT/tQahS2zhm1mIKTLJAUUovQ0d/Y6/VPwvci9jhOO
wVuZvnyj1odU4yiftHGdfmGu132sF05jvLdwf19S9ubH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org