Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qy1hXaMvMLz-hASzL3VzmYU93Vc.roa
File: qy1hXaMvMLz-hASzL3VzmYU93Vc.roa (raw, json)
Hash identifier: ddzMAMi6vAm044Y7+jCgB12t/JxScR0l6xNdAyHVtTg=
Subject key identifier: AB:2D:61:5D:A3:2F:30:BC:FE:84:04:B3:2F:75:73:99:85:3D:DD:57
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 14CE4BA3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qy1hXaMvMLz-hASzL3VzmYU93Vc.roa
Signing time: Tue 03 May 2022 03:24:40 +0000
ROA not before: Tue 03 May 2022 03:24:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34078
IP address blocks: 188.214.238.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349064099 (0x14ce4ba3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 3 03:24:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab2d615da32f30bcfe8404b32f757399853ddd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:e5:6b:ff:19:24:ad:5e:6e:02:f9:90:f2:
54:f3:0f:41:0c:10:93:09:09:de:8d:50:86:2d:8b:
d4:6d:51:a6:6b:94:52:c2:f0:0b:44:d3:a0:08:a6:
08:7c:6c:80:df:d0:f9:f9:54:d3:20:7b:fb:71:5d:
c5:15:70:35:20:ff:18:c7:53:55:bf:ef:49:2e:62:
f6:ac:8f:4a:73:3f:7b:ad:b6:a4:1f:87:0d:2b:b0:
be:9b:bf:e0:38:26:88:1a:0c:83:ae:4c:ea:30:34:
f0:70:65:4c:df:14:c3:da:a2:c5:73:9c:75:bf:9f:
b1:0f:16:b5:f8:07:e4:aa:22:89:58:04:84:14:a1:
fa:27:ff:86:f8:72:79:dc:a7:c3:79:9c:3a:0b:95:
d3:22:95:5e:4f:e2:a6:ba:84:ec:bb:ec:b0:bc:52:
11:db:54:10:20:ba:52:4c:ec:8b:f7:cd:94:a8:33:
2f:2d:89:41:66:1d:9e:88:bf:d0:5a:01:f0:8b:c7:
2d:b1:d4:71:b9:d9:f8:ae:22:de:d1:8c:8d:9c:e3:
9d:1d:c7:1a:1c:49:18:d2:32:10:95:a0:78:9f:aa:
ab:5b:af:07:b8:26:2d:4c:46:5c:ab:33:75:98:20:
c0:71:46:09:a9:71:05:d7:59:24:b2:7e:b1:cb:ab:
0c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2D:61:5D:A3:2F:30:BC:FE:84:04:B3:2F:75:73:99:85:3D:DD:57
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qy1hXaMvMLz-hASzL3VzmYU93Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.238.0/23
Signature Algorithm: sha256WithRSAEncryption
44:33:dc:cf:7f:3a:1d:57:fe:aa:7c:13:6d:23:83:72:98:3a:
ee:99:16:6c:22:72:9a:80:d0:19:25:04:1f:19:de:44:03:e6:
57:61:c3:b7:24:35:c7:2b:c5:6d:93:5a:af:3c:c0:b4:19:fa:
0e:e5:a6:a3:67:0e:0e:a8:e3:73:ec:c1:d5:9b:05:71:7a:50:
4e:f9:6d:77:32:c0:d6:d6:b6:b3:79:91:01:fb:ac:ed:52:21:
8f:a0:eb:f2:a2:35:23:26:0b:a6:75:ce:71:f3:89:b7:86:f2:
e3:34:ad:23:c0:00:39:c2:b6:a3:ba:e2:e6:7e:73:e9:f4:c2:
ab:d3:93:51:f1:02:45:2d:56:b8:aa:92:70:f1:ae:00:15:a0:
f5:2e:d7:6d:82:0f:8d:a1:a8:eb:53:a0:a5:eb:a5:9f:77:46:
e5:c6:b4:42:87:c7:49:85:23:89:00:89:52:8b:4e:52:f0:62:
2c:e3:ce:a2:77:d8:b8:ad:36:e3:db:22:7d:a0:ef:75:ca:aa:
e8:98:6c:4f:ce:da:73:ad:16:4f:37:3b:6e:c1:bc:d3:0d:48:
7c:3b:96:89:a2:e1:f4:12:54:9b:89:c2:9d:3d:00:f3:c2:f2:
e4:9b:6f:4f:66:b1:84:dd:bb:1d:c6:4c:2a:11:bf:8b:55:da:
75:b0:87:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFM5LozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDUw
MzAzMjQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIyZDYxNWRhMzJm
MzBiY2ZlODQwNGIzMmY3NTczOTk4NTNkZGQ1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEt5Wv/GSStXm4C+ZDyVPMPQQwQkwkJ3o1Qhi2L1G1RpmuU
UsLwC0TToAimCHxsgN/Q+flU0yB7+3FdxRVwNSD/GMdTVb/vSS5i9qyPSnM/e622
pB+HDSuwvpu/4DgmiBoMg65M6jA08HBlTN8Uw9qixXOcdb+fsQ8WtfgH5KoiiVgE
hBSh+if/hvhyedynw3mcOguV0yKVXk/iprqE7LvssLxSEdtUECC6Ukzsi/fNlKgz
Ly2JQWYdnoi/0FoB8IvHLbHUcbnZ+K4i3tGMjZzjnR3HGhxJGNIyEJWgeJ+qq1uv
B7gmLUxGXKszdZggwHFGCalxBddZJLJ+scurDLsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrLWFdoy8wvP6EBLMvdXOZhT3dVzAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L3F5MWhYYU12TUx6LWhBU3pMM1Z6bVlVOTNWYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbzW7jANBgkqhkiG9w0BAQsFAAOC
AQEARDPcz386HVf+qnwTbSODcpg67pkWbCJymoDQGSUEHxneRAPmV2HDtyQ1xyvF
bZNarzzAtBn6DuWmo2cODqjjc+zB1ZsFcXpQTvltdzLA1ta2s3mRAfus7VIhj6Dr
8qI1IyYLpnXOcfOJt4by4zStI8AAOcK2o7ri5n5z6fTCq9OTUfECRS1WuKqScPGu
ABWg9S7XbYIPjaGo61Ogpeuln3dG5ca0QofHSYUjiQCJUotOUvBiLOPOonfYuK02
49sifaDvdcqq6JhsT87ac60WTzc7bsG80w1IfDuWiaLh9BJUm4nCnT0A88Ly5Jtv
T2axhN27HcZMKhG/i1XadbCHBQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org