Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/qiR7vjZrNNtjkpTRw12FloCdAZE.roa
File: qiR7vjZrNNtjkpTRw12FloCdAZE.roa (raw, json)
Hash identifier: xgcAAhcyvfoQ9ZygcZlqhJ2YSNo0EFpMKiFoG7JHWX0=
Subject key identifier: AA:24:7B:BE:36:6B:34:DB:63:92:94:D1:C3:5D:85:96:80:9D:01:91
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 1C2C2448
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/qiR7vjZrNNtjkpTRw12FloCdAZE.roa
Signing time: Sat 01 Jan 2022 00:58:11 +0000
ROA not before: Sat 01 Jan 2022 00:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43817
IP address blocks: 185.167.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472654920 (0x1c2c2448)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 1 00:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa247bbe366b34db639294d1c35d8596809d0191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:22:df:36:9a:21:a8:84:83:d2:75:72:b4:58:
1c:54:fe:d2:f6:c3:37:c8:73:4e:00:bc:47:a0:5f:
32:ca:f8:49:d3:65:e3:89:d7:a1:89:88:95:d2:0a:
7b:4f:11:f1:04:b7:e4:4c:1c:61:3e:0f:1a:13:61:
9a:7a:32:35:8d:94:1a:a9:77:03:36:41:41:ef:80:
8c:b3:cd:9d:2d:f2:69:48:51:ee:18:f7:a5:07:fe:
02:2d:04:8c:a1:bf:cf:b8:79:b2:a4:53:63:73:a5:
d6:eb:31:67:ad:be:9c:92:b1:5d:de:30:a5:d0:9b:
44:21:4c:63:ac:bf:34:c4:d8:4a:59:e1:45:2f:1d:
66:76:b7:a5:49:3a:2e:2a:c6:b6:b5:89:a5:22:d9:
1c:5e:dd:73:98:8d:4a:18:0f:15:e7:df:fc:12:15:
2a:f4:26:4c:1f:9d:72:ba:7a:58:82:ff:42:5d:07:
d5:31:39:db:25:78:47:ca:90:55:1b:04:5c:8b:cf:
21:78:1e:04:db:8e:16:0e:7d:a7:cf:cd:cf:30:26:
a0:bd:81:08:ec:a0:f5:73:b3:5e:1b:f7:35:45:1e:
77:1b:d1:8e:cc:36:70:f4:76:9c:06:cd:e9:2e:b4:
d0:76:29:b2:1f:10:67:96:c2:8b:e0:04:2c:ef:c9:
21:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:24:7B:BE:36:6B:34:DB:63:92:94:D1:C3:5D:85:96:80:9D:01:91
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/qiR7vjZrNNtjkpTRw12FloCdAZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.20.0/22
Signature Algorithm: sha256WithRSAEncryption
50:b7:d0:6b:c8:62:ab:8c:e0:10:94:17:1e:93:29:f3:bd:7e:
6b:dd:40:f3:98:e1:24:5f:0a:0a:aa:a7:d5:ae:87:32:50:46:
16:22:5f:9f:9a:43:b2:93:90:ac:14:bc:4e:a5:a6:0f:eb:5d:
3f:2e:06:ac:76:9b:b8:10:d0:fd:67:57:e9:ec:cd:56:9c:f5:
42:5b:f5:cc:d8:01:ae:0c:78:21:d5:c2:65:88:d8:2a:28:94:
5e:d7:f0:f9:6c:f4:b5:23:98:e5:98:2f:0f:39:0e:ab:0d:5c:
32:72:80:52:b5:ca:3e:e8:f1:8b:6a:5e:61:9c:99:fe:1c:de:
24:ad:bc:e8:08:fe:2c:2c:83:44:3a:c0:0a:a2:3d:16:12:48:
41:26:f7:83:71:d3:cd:69:de:66:aa:dc:be:c0:77:6b:0e:7d:
5d:c5:43:5e:ee:d0:17:cc:dc:c1:74:16:ae:49:a3:6d:2f:24:
49:6d:ef:49:c7:28:ec:6b:4a:e9:14:db:e7:56:a2:78:d8:8e:
a3:f3:70:1a:ff:52:22:a9:e1:48:05:3e:80:4f:8d:89:3e:bc:
0d:b3:f4:86:3d:f4:bb:3e:32:30:0f:bc:c0:85:a0:7a:42:d2:
1c:27:91:6a:1b:1a:7e:33:a8:18:b7:a9:aa:bb:36:ff:f2:8a:
00:4b:d4:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHCwkSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDk2ZDdhZmJiOGE1ZTMxNWE1YzQ4OWFjZWE3ZGNiNzVhYTY1ZDA0MB4XDTIyMDEw
MTAwNTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWEyNDdiYmUzNjZi
MzRkYjYzOTI5NGQxYzM1ZDg1OTY4MDlkMDE5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYi3zaaIaiEg9J1crRYHFT+0vbDN8hzTgC8R6BfMsr4SdNl
44nXoYmIldIKe08R8QS35EwcYT4PGhNhmnoyNY2UGql3AzZBQe+AjLPNnS3yaUhR
7hj3pQf+Ai0EjKG/z7h5sqRTY3Ol1usxZ62+nJKxXd4wpdCbRCFMY6y/NMTYSlnh
RS8dZna3pUk6LirGtrWJpSLZHF7dc5iNShgPFeff/BIVKvQmTB+dcrp6WIL/Ql0H
1TE52yV4R8qQVRsEXIvPIXgeBNuOFg59p8/NzzAmoL2BCOyg9XOzXhv3NUUedxvR
jsw2cPR2nAbN6S600HYpsh8QZ5bCi+AELO/JIQ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqJHu+Nms022OSlNHDXYWWgJ0BkTAfBgNVHSMEGDAWgBQwltevu4peMVpc
SJrOp9y3WqZdBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01KYlhyN3VLWGpGYVhFaWF6cWZjdDFxbVhRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvY2Y4Zjk5LWU1ODEtNGY1Zi04NzVmLWRmNGU4YzczNjRmZS8x
L3FpUjd2alpyTk50amtwVFJ3MTJGbG9DZEFaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
Y2Y4Zjk5LWU1ODEtNGY1Zi04NzVmLWRmNGU4YzczNjRmZS8xL01KYlhyN3VLWGpG
YVhFaWF6cWZjdDFxbVhRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmnFDANBgkqhkiG9w0BAQsFAAOC
AQEAULfQa8hiq4zgEJQXHpMp871+a91A85jhJF8KCqqn1a6HMlBGFiJfn5pDspOQ
rBS8TqWmD+tdPy4GrHabuBDQ/WdX6ezNVpz1Qlv1zNgBrgx4IdXCZYjYKiiUXtfw
+Wz0tSOY5ZgvDzkOqw1cMnKAUrXKPujxi2peYZyZ/hzeJK286Aj+LCyDRDrACqI9
FhJIQSb3g3HTzWneZqrcvsB3aw59XcVDXu7QF8zcwXQWrkmjbS8kSW3vScco7GtK
6RTb51aieNiOo/NwGv9SIqnhSAU+gE+NiT68DbP0hj30uz4yMA+8wIWgekLSHCeR
ahsafjOoGLepqrs2//KKAEvUOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:09 2024 by rpki-client on console-fra.rpki-client.org