Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/qGkLn4j_xIT3LdrTlqfSBvydXgg.roa
File: qGkLn4j_xIT3LdrTlqfSBvydXgg.roa (raw, json)
Hash identifier: Z3EBLDN6t6ixXg6YFdyZ4HCynn2Jq/GTfAYgY7jYy2k=
Subject key identifier: A8:69:0B:9F:88:FF:C4:84:F7:2D:DA:D3:96:A7:D2:06:FC:9D:5E:08
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 08851B42
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/qGkLn4j_xIT3LdrTlqfSBvydXgg.roa
Signing time: Sat 01 Jan 2022 14:59:58 +0000
ROA not before: Sat 01 Jan 2022 14:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57679
IP address blocks: 31.40.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142940994 (0x8851b42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 1 14:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8690b9f88ffc484f72ddad396a7d206fc9d5e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:20:d3:17:19:b1:45:17:c6:6b:0c:c4:06:5f:
31:da:5e:3d:74:86:8d:76:3b:a5:be:32:17:27:85:
b7:c4:4b:e3:ab:87:de:93:f6:4d:ae:cb:6a:95:f5:
35:48:cf:ef:e9:f6:17:0c:be:3f:3e:71:5a:4e:f7:
cd:b6:f3:a2:cb:11:b3:1e:dd:ec:97:6e:47:ec:9d:
e1:b5:a2:8f:e0:92:81:53:f9:52:28:39:5e:be:a2:
47:44:80:34:44:de:d7:3a:4b:75:fb:32:3e:ea:5c:
4c:b9:81:1c:79:fd:e0:37:bd:3e:20:f7:69:fa:23:
23:89:c2:84:75:f7:d6:55:09:5f:ce:32:4f:42:fe:
98:eb:0a:e9:fc:c2:c6:94:fe:af:42:ba:e2:51:41:
e2:b3:6e:47:96:aa:64:aa:f4:65:77:ac:33:8f:3e:
81:d8:a4:dc:0e:71:57:d2:4c:ef:7e:7c:01:3d:f2:
83:d2:ce:7f:dc:ae:8c:c1:f0:b3:13:58:72:6a:4f:
4b:5b:9a:7e:3b:af:ea:40:11:a7:9d:42:44:bc:23:
84:0b:bd:41:b2:7d:e8:0f:02:3a:1d:9d:ac:37:13:
23:9a:93:50:83:c9:d6:4f:71:99:2c:5e:13:c2:79:
d2:bc:98:69:1b:53:3e:7a:a5:36:68:f7:ec:95:f8:
41:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:69:0B:9F:88:FF:C4:84:F7:2D:DA:D3:96:A7:D2:06:FC:9D:5E:08
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/qGkLn4j_xIT3LdrTlqfSBvydXgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.159.0/24
Signature Algorithm: sha256WithRSAEncryption
10:cb:54:fe:fc:42:92:86:d7:a1:a0:3d:b2:e5:1d:7c:f7:26:
b6:dc:00:74:de:ba:0b:26:15:be:e5:2f:76:86:c7:ec:0c:58:
cb:82:aa:51:f0:ab:29:b4:a1:50:0b:56:9e:13:d2:0e:4c:3e:
28:46:f6:29:25:2e:2a:f6:af:e2:ce:86:0a:1e:ed:af:98:30:
37:b7:fb:2b:b4:89:90:04:24:92:1f:27:2b:1f:2c:d2:67:a1:
b1:a9:b4:3c:9a:bc:eb:b6:60:9c:4a:11:13:0c:38:1e:db:b7:
5f:40:74:83:68:c1:14:85:8b:77:3b:4a:17:16:5d:92:02:68:
37:a9:6f:93:aa:40:36:bb:a1:e3:5b:54:dc:18:56:44:40:9e:
85:4d:9b:9c:4f:04:ea:19:50:04:a5:74:e8:b0:fb:cb:bc:d0:
ac:ac:0a:ad:5f:1d:ef:e0:12:bf:43:0b:bc:e6:1b:9c:93:29:
a2:57:c4:04:74:d8:f1:8a:00:23:77:68:3a:d1:9e:08:dc:86:
13:0d:d3:78:5e:f5:af:41:c5:1a:2b:02:00:29:33:ff:5e:64:
95:ee:2b:43:a3:3d:29:35:65:48:ed:1f:87:ad:4e:8a:d5:3f:
75:ef:19:b8:d8:93:2b:a6:d9:fb:f9:86:87:87:55:9f:b0:8a:
93:b2:90:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIUbQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWFmNWMyZTVlZGMxOTc4MzRkMDdmMzQ1OTYyYjA3NDViZWU2NmQ3MB4XDTIyMDEw
MTE0NTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg2OTBiOWY4OGZm
YzQ4NGY3MmRkYWQzOTZhN2QyMDZmYzlkNWUwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQg0xcZsUUXxmsMxAZfMdpePXSGjXY7pb4yFyeFt8RL46uH
3pP2Ta7LapX1NUjP7+n2Fwy+Pz5xWk73zbbzossRsx7d7JduR+yd4bWij+CSgVP5
Uig5Xr6iR0SANETe1zpLdfsyPupcTLmBHHn94De9PiD3afojI4nChHX31lUJX84y
T0L+mOsK6fzCxpT+r0K64lFB4rNuR5aqZKr0ZXesM48+gdik3A5xV9JM7358AT3y
g9LOf9yujMHwsxNYcmpPS1uafjuv6kARp51CRLwjhAu9QbJ96A8COh2drDcTI5qT
UIPJ1k9xmSxeE8J50ryYaRtTPnqlNmj37JX4QaECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSoaQufiP/EhPct2tOWp9IG/J1eCDAfBgNVHSMEGDAWgBQer1wuXtwZeDTQ
fzRZYrB0W+5m1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxOWNMbDdjR1hnMDBIODBXV0t3ZEZ2dVp0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8x
L3FHa0xuNGpfeElUM0xkclRscWZTQnZ5ZFhnZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8xL0hxOWNMbDdjR1hn
MDBIODBXV0t3ZEZ2dVp0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8onzANBgkqhkiG9w0BAQsFAAOC
AQEAEMtU/vxCkobXoaA9suUdfPcmttwAdN66CyYVvuUvdobH7AxYy4KqUfCrKbSh
UAtWnhPSDkw+KEb2KSUuKvav4s6GCh7tr5gwN7f7K7SJkAQkkh8nKx8s0mehsam0
PJq867ZgnEoREww4Htu3X0B0g2jBFIWLdztKFxZdkgJoN6lvk6pANruh41tU3BhW
RECehU2bnE8E6hlQBKV06LD7y7zQrKwKrV8d7+ASv0MLvOYbnJMpolfEBHTY8YoA
I3doOtGeCNyGEw3TeF71r0HFGisCACkz/15kle4rQ6M9KTVlSO0fh61OitU/de8Z
uNiTK6bZ+/mGh4dVn7CKk7KQXg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:41 2023 by rpki-client on console-ams.rpki-client.org