Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/qMkL1aByIQPamXmdii-hLbS4pX0.roa
File: qMkL1aByIQPamXmdii-hLbS4pX0.roa (raw, json)
Hash identifier: a1VvHp4aaahLDzjngxyaF/eqGmSmgS5fN4lRr1ck7Oo=
Subject key identifier: A8:C9:0B:D5:A0:72:21:03:DA:99:79:9D:8A:2F:A1:2D:B4:B8:A5:7D
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 0183C5CE51F1846B2A7AD8B8C8885BB2A1F2
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/qMkL1aByIQPamXmdii-hLbS4pX0.roa
Signing time: Tue 11 Oct 2022 06:49:36 +0000
ROA not before: Tue 11 Oct 2022 06:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212249
IP address blocks: 185.174.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:ce:51:f1:84:6b:2a:7a:d8:b8:c8:88:5b:b2:a1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Oct 11 06:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8c90bd5a0722103da99799d8a2fa12db4b8a57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7c:fd:7e:98:c2:c6:69:8a:93:72:cf:85:50:
d1:cb:a1:94:9f:d1:21:d5:ec:d4:b1:08:41:bf:ca:
73:fe:ac:98:b4:3a:e3:49:29:c3:6c:4a:1b:55:57:
e5:90:d6:95:86:21:9b:50:2b:63:20:df:7f:a9:cd:
0d:a6:e9:d0:da:92:22:84:0d:de:4b:41:8b:ca:af:
d7:a6:18:c8:fc:7f:4d:43:19:c9:bd:b7:ab:9f:0f:
d1:24:2c:85:e1:b9:b1:92:27:8e:cc:5e:f6:0f:b9:
8b:07:aa:e1:77:e6:9a:df:dd:34:3e:f3:36:b4:c4:
27:47:59:da:c8:b9:71:bf:35:5f:18:42:fb:3e:6a:
05:4c:af:76:79:e9:5b:e1:12:62:50:f8:18:d9:4c:
fa:8e:4e:5e:78:9e:18:5e:66:10:53:7d:19:6e:fe:
1a:eb:2d:44:41:05:9f:2f:1d:b3:4f:c7:a3:4f:a4:
23:52:60:85:75:42:d2:88:e5:42:00:d5:b3:eb:65:
39:69:0a:0d:50:c6:55:16:aa:47:e2:5b:34:dc:20:
17:42:77:c6:04:fa:5e:ca:2c:a4:3f:65:d4:80:bc:
fc:f7:df:3a:0a:37:a9:d0:5d:5f:88:4d:84:0b:91:
16:44:42:5d:6c:53:83:d9:50:c0:e4:4e:ae:aa:6a:
d0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C9:0B:D5:A0:72:21:03:DA:99:79:9D:8A:2F:A1:2D:B4:B8:A5:7D
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/qMkL1aByIQPamXmdii-hLbS4pX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.71.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b5:ba:f6:8c:ec:76:b4:36:b4:85:92:94:fe:f8:ee:d7:18:
d3:b1:a6:51:a3:63:4f:6c:53:90:e2:04:11:03:4c:5c:32:b9:
1d:1c:1d:d0:88:9f:13:d4:2e:07:96:c6:45:08:cc:26:33:53:
22:29:0a:7b:c8:47:27:61:97:dc:3f:39:c3:49:28:b9:a0:fd:
f9:9c:a1:70:32:62:d7:f0:d3:ba:4b:9a:f0:cd:76:71:b5:94:
23:58:2e:c5:c0:1c:a6:ed:fb:fb:06:14:c1:bc:b6:90:3a:5d:
25:97:d0:83:cd:36:17:5e:29:29:fa:a3:38:15:c3:5d:e9:6d:
24:41:e2:b5:41:55:f8:d5:5b:43:dc:3f:11:8f:71:69:11:19:
32:a2:e5:d8:68:27:93:97:77:8e:e2:89:95:70:3f:34:a2:57:
b7:7a:86:a3:bd:7c:9d:71:d7:1b:a0:a4:59:dc:67:2c:ec:50:
e3:d1:eb:c1:51:bc:50:7a:68:22:50:61:08:6d:c9:fd:fe:03:
f9:4d:64:2b:12:71:74:c7:4c:5e:a5:31:6a:f6:c6:8d:e0:7e:
32:f4:3e:76:c6:93:07:56:f8:a8:0f:d0:b7:27:95:c8:da:f9:
01:9f:e9:06:5d:40:1a:e7:35:35:1d:12:bf:85:d0:9b:39:95:
0f:08:0f:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPFzlHxhGsqeti4yIhbsqHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjIxMDExMDY0OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM5MGJkNWEwNzIyMTAzZGE5OTc5OWQ4YTJmYTEyZGI0YjhhNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHz9fpjCxmmKk3LPhVDRy6GUn9Eh
1ezUsQhBv8pz/qyYtDrjSSnDbEobVVflkNaVhiGbUCtjIN9/qc0NpunQ2pIihA3e
S0GLyq/XphjI/H9NQxnJvbernw/RJCyF4bmxkieOzF72D7mLB6rhd+aa3900PvM2
tMQnR1nayLlxvzVfGEL7PmoFTK92eelb4RJiUPgY2Uz6jk5eeJ4YXmYQU30Zbv4a
6y1EQQWfLx2zT8ejT6QjUmCFdULSiOVCANWz62U5aQoNUMZVFqpH4ls03CAXQnfG
BPpeyiykP2XUgLz89986Cjep0F1fiE2EC5EWREJdbFOD2VDA5E6uqmrQHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjJC9WgciED2pl5nYovoS20uKV9MB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvcU1rTDFhQnlJUVBhbVhtZGlpLWhMYlM0cFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua5HMA0G
CSqGSIb3DQEBCwUAA4IBAQAYtbr2jOx2tDa0hZKU/vju1xjTsaZRo2NPbFOQ4gQR
A0xcMrkdHB3QiJ8T1C4HlsZFCMwmM1MiKQp7yEcnYZfcPznDSSi5oP35nKFwMmLX
8NO6S5rwzXZxtZQjWC7FwBym7fv7BhTBvLaQOl0ll9CDzTYXXikp+qM4FcNd6W0k
QeK1QVX41VtD3D8Rj3FpERkyouXYaCeTl3eO4omVcD80ole3eoajvXydcdcboKRZ
3Gcs7FDj0evBUbxQemgiUGEIbcn9/gP5TWQrEnF0x0xepTFq9saN4H4y9D52xpMH
VvioD9C3J5XI2vkBn+kGXUAa5zU1HRK/hdCbOZUPCA93
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:09 2023 by rpki-client on console-fra.rpki-client.org