Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d6c592-7d7e-49ae-b1d4-40d01a76e25e/1/JQxQ-YnHF8FHVF74MjcXFc_0Cnk.roa
File: JQxQ-YnHF8FHVF74MjcXFc_0Cnk.roa (raw, json)
Hash identifier: GCclkqB6+b2zg0fXo5bCHSiUQ+Q1BOZLVJkxFIIcm/Q=
Subject key identifier: 25:0C:50:F9:89:C7:17:C1:47:54:5E:F8:32:37:17:15:CF:F4:0A:79
Certificate issuer: /CN=1f65ccef140ff30e4d7da9bf70516a03f3cc0801
Certificate serial: 087F3CE9
Authority key identifier: 1F:65:CC:EF:14:0F:F3:0E:4D:7D:A9:BF:70:51:6A:03:F3:CC:08:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2XM7xQP8w5Nfam_cFFqA_PMCAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d6c592-7d7e-49ae-b1d4-40d01a76e25e/1/JQxQ-YnHF8FHVF74MjcXFc_0Cnk.roa
Signing time: Sat 01 Jan 2022 12:04:34 +0000
ROA not before: Sat 01 Jan 2022 12:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209047
IP address blocks: 45.9.33.0/24 maxlen: 24
45.9.32.0/24 maxlen: 24
45.9.35.0/24 maxlen: 24
45.9.32.0/22 maxlen: 22
45.9.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142556393 (0x87f3ce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f65ccef140ff30e4d7da9bf70516a03f3cc0801
Validity
Not Before: Jan 1 12:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=250c50f989c717c147545ef832371715cff40a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:03:27:73:4c:0e:8d:8a:55:73:83:e6:83:5b:
21:d9:64:96:34:03:8b:7c:2c:25:8d:64:c2:e0:82:
59:99:91:2e:24:a9:9d:4b:69:71:3e:ba:2f:95:0c:
f8:08:a7:21:c1:a5:de:d2:6d:ea:ef:3c:68:3f:81:
4b:71:43:81:94:39:ee:b0:93:15:65:25:4f:cc:d7:
97:4e:ac:ae:b9:50:3a:07:55:bf:f0:50:4e:22:a6:
df:16:3c:5e:79:1c:69:36:60:66:e3:f5:a1:54:88:
14:d8:4c:a3:db:35:8c:3e:5b:f7:ae:4c:e8:09:04:
68:84:45:84:f3:44:62:63:40:7c:32:e8:64:f7:f9:
12:15:d8:d3:b8:46:47:77:e3:5c:dc:a8:a5:84:22:
57:e4:27:de:3a:cd:4b:08:f1:70:68:58:9b:47:17:
ad:c2:f5:53:7e:62:c0:87:0a:fc:ba:70:48:7f:50:
8c:04:34:00:64:85:4e:a8:d8:45:8b:b5:d0:8d:bf:
06:1c:41:ee:32:4a:ae:63:9f:3a:a9:91:d6:de:ec:
a1:5b:b9:15:16:f3:19:5a:ad:b1:6d:63:d5:7c:31:
82:a2:42:81:3f:e0:f1:2d:80:1c:01:89:49:67:82:
30:52:a9:7a:be:f8:f2:5d:03:af:0f:e6:f8:cf:bf:
54:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0C:50:F9:89:C7:17:C1:47:54:5E:F8:32:37:17:15:CF:F4:0A:79
X509v3 Authority Key Identifier:
keyid:1F:65:CC:EF:14:0F:F3:0E:4D:7D:A9:BF:70:51:6A:03:F3:CC:08:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2XM7xQP8w5Nfam_cFFqA_PMCAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d6c592-7d7e-49ae-b1d4-40d01a76e25e/1/JQxQ-YnHF8FHVF74MjcXFc_0Cnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d6c592-7d7e-49ae-b1d4-40d01a76e25e/1/H2XM7xQP8w5Nfam_cFFqA_PMCAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.32.0/22
Signature Algorithm: sha256WithRSAEncryption
06:75:ac:4b:5b:a6:5b:38:97:0f:08:fc:4f:b4:7b:ae:3c:15:
fd:a4:30:98:36:95:49:9c:aa:46:80:61:55:c4:5f:7f:cc:4f:
67:f3:de:7f:8c:b5:64:e6:ad:7d:05:85:1e:aa:a2:e1:ca:18:
79:ea:e5:8e:57:69:8b:83:7c:c6:90:3a:ee:e8:36:8e:d8:42:
3f:57:fa:1e:bf:0e:52:09:fd:70:24:18:75:3a:48:95:27:85:
cd:e6:f0:7b:5a:97:3f:46:7e:a3:12:cd:95:71:68:5e:64:12:
cd:31:ab:48:56:78:ff:2d:eb:6f:63:be:70:aa:e7:8c:db:ac:
34:05:f0:07:da:d7:6e:99:41:d3:38:02:83:6f:8a:6e:d2:b5:
c7:e0:f3:6e:50:93:2b:25:a5:bb:63:a3:d4:4b:29:77:5c:c6:
ea:a1:d8:e0:b9:7f:47:f7:0f:70:9b:03:5c:e6:d7:39:d1:b2:
e6:de:9d:15:3d:bb:83:99:aa:0a:92:35:4d:48:5a:af:8e:dd:
bb:9b:34:00:84:10:05:0d:1f:db:20:2f:6e:89:c8:be:c7:c5:
82:43:01:0f:0d:70:97:88:0b:6f:25:95:81:16:88:e8:7c:c8:
4c:d1:af:26:80:44:a3:10:7b:42:88:45:a1:9a:8a:e8:21:9b:
6b:26:52:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECH886TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY1Y2NlZjE0MGZmMzBlNGQ3ZGE5YmY3MDUxNmEwM2YzY2MwODAxMB4XDTIyMDEw
MTEyMDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUwYzUwZjk4OWM3
MTdjMTQ3NTQ1ZWY4MzIzNzE3MTVjZmY0MGE3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMDJ3NMDo2KVXOD5oNbIdlkljQDi3wsJY1kwuCCWZmRLiSp
nUtpcT66L5UM+AinIcGl3tJt6u88aD+BS3FDgZQ57rCTFWUlT8zXl06srrlQOgdV
v/BQTiKm3xY8XnkcaTZgZuP1oVSIFNhMo9s1jD5b965M6AkEaIRFhPNEYmNAfDLo
ZPf5EhXY07hGR3fjXNyopYQiV+Qn3jrNSwjxcGhYm0cXrcL1U35iwIcK/LpwSH9Q
jAQ0AGSFTqjYRYu10I2/BhxB7jJKrmOfOqmR1t7soVu5FRbzGVqtsW1j1XwxgqJC
gT/g8S2AHAGJSWeCMFKper748l0Drw/m+M+/VE0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlDFD5iccXwUdUXvgyNxcVz/QKeTAfBgNVHSMEGDAWgBQfZczvFA/zDk19
qb9wUWoD88wIATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyWE03eFFQOHc1TmZhbV9jRkZxQV9QTUNBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZDZjNTkyLTdkN2UtNDlhZS1iMWQ0LTQwZDAxYTc2ZTI1ZS8x
L0pReFEtWW5IRjhGSFZGNzRNamNYRmNfMENuay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZDZjNTkyLTdkN2UtNDlhZS1iMWQ0LTQwZDAxYTc2ZTI1ZS8xL0gyWE03eFFQOHc1
TmZhbV9jRkZxQV9QTUNBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0JIDANBgkqhkiG9w0BAQsFAAOC
AQEABnWsS1umWziXDwj8T7R7rjwV/aQwmDaVSZyqRoBhVcRff8xPZ/Pef4y1ZOat
fQWFHqqi4coYeerljldpi4N8xpA67ug2jthCP1f6Hr8OUgn9cCQYdTpIlSeFzebw
e1qXP0Z+oxLNlXFoXmQSzTGrSFZ4/y3rb2O+cKrnjNusNAXwB9rXbplB0zgCg2+K
btK1x+DzblCTKyWlu2Oj1Espd1zG6qHY4Ll/R/cPcJsDXObXOdGy5t6dFT27g5mq
CpI1TUhar47du5s0AIQQBQ0f2yAvbonIvsfFgkMBDw1wl4gLbyWVgRaI6HzITNGv
JoBEoxB7QohFoZqK6CGbayZSTA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org