Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/QjOAklipE7tVuuOwsD5gUj6MRuk.roa
File: QjOAklipE7tVuuOwsD5gUj6MRuk.roa (raw, json)
Hash identifier: vVFctKXMbR+WKJaPZGhwR5eHuW5h0102Ft6XEOPG2gc=
Subject key identifier: 42:33:80:92:58:A9:13:BB:55:BA:E3:B0:B0:3E:60:52:3E:8C:46:E9
Certificate issuer: /CN=e482fd07e20d406ea4152e492b000e554ebfcc80
Certificate serial: 037DE4F3
Authority key identifier: E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/QjOAklipE7tVuuOwsD5gUj6MRuk.roa
Signing time: Sat 01 Jan 2022 05:00:34 +0000
ROA not before: Sat 01 Jan 2022 05:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41625
IP address blocks: 89.31.240.0/21 maxlen: 21
89.31.242.0/24 maxlen: 24
2a00:8900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58582259 (0x37de4f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e482fd07e20d406ea4152e492b000e554ebfcc80
Validity
Not Before: Jan 1 05:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4233809258a913bb55bae3b0b03e60523e8c46e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:60:72:09:22:3e:de:0c:b3:6e:07:58:0a:22:
72:33:15:e4:5f:66:c3:06:11:40:c7:a9:e5:b8:7b:
72:66:78:cc:ef:d4:52:c2:be:e7:a1:68:df:4a:2b:
21:a1:61:04:bc:d4:2c:2a:80:1c:b3:51:5e:7e:a5:
d7:38:16:bc:89:47:1b:34:b1:9f:eb:11:95:64:f7:
d0:1d:18:38:2f:25:e0:da:e8:68:df:f3:8a:e7:e5:
e7:f4:64:6f:16:d0:09:48:63:5e:1f:9c:d8:27:d2:
10:e1:cc:51:2c:c3:d8:4c:ee:7c:60:98:b9:21:52:
7c:99:ce:98:e4:42:65:08:4e:97:7e:6a:53:00:d0:
07:d8:72:fd:10:87:84:f7:55:9a:8d:e1:6e:c3:8f:
39:51:6e:df:9f:78:94:24:14:e0:5b:7b:31:11:31:
76:ca:2c:9c:89:00:9d:69:45:a7:ab:16:0c:ba:0f:
90:cd:92:9f:ab:e1:95:97:a7:83:82:d4:af:9a:eb:
db:65:1b:3f:17:50:99:6d:c6:2d:79:39:86:02:31:
cf:06:f2:cc:fd:73:f0:59:6b:2e:01:64:e4:e1:28:
d9:02:2f:3b:94:a3:40:cf:78:8b:06:23:78:5c:1c:
78:d6:f6:08:a9:74:c1:55:e5:3c:42:45:6d:86:8d:
55:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:33:80:92:58:A9:13:BB:55:BA:E3:B0:B0:3E:60:52:3E:8C:46:E9
X509v3 Authority Key Identifier:
keyid:E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/QjOAklipE7tVuuOwsD5gUj6MRuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.240.0/21
IPv6:
2a00:8900::/32
Signature Algorithm: sha256WithRSAEncryption
45:ff:81:bd:c5:53:b4:df:25:0c:b8:6b:b8:78:8d:f7:fe:11:
20:b9:d3:a6:19:f3:e2:77:77:fa:02:25:0a:eb:2e:6a:95:92:
e0:cf:bd:60:0c:e8:19:49:14:77:5f:ea:74:a7:26:e4:25:57:
18:3a:41:3c:a8:22:cb:e8:36:0b:d6:40:9a:45:15:54:10:dd:
5d:24:ad:e0:de:0b:a4:b7:e8:20:6e:2c:90:c8:84:98:f2:11:
36:c1:18:23:3a:ce:4d:e8:e0:53:3f:fb:7a:ff:82:51:d2:63:
d3:36:75:02:a5:63:96:68:3d:61:89:cb:7c:34:eb:52:58:3f:
d7:a3:60:3d:d1:58:f6:3a:35:52:35:f7:37:cd:4e:7e:94:b5:
0c:00:29:68:d6:ca:71:84:0d:1c:bd:a8:1a:1c:d5:63:15:eb:
8d:2a:98:22:66:9d:21:5c:50:66:b7:85:e0:52:47:45:8f:35:
85:2a:14:19:a7:f2:d5:a5:38:cb:fe:df:f8:b7:19:a7:a3:a6:
4c:10:3c:d8:70:24:63:0a:4a:72:fa:4f:76:48:7e:07:0b:b3:
d1:29:7c:37:3d:b0:d5:2c:db:02:fd:b2:d9:4a:59:51:c7:f9:
e5:d6:10:1a:06:dc:90:54:12:8d:62:a0:12:b8:a2:72:13:ba:
95:96:fe:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA33k8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDgyZmQwN2UyMGQ0MDZlYTQxNTJlNDkyYjAwMGU1NTRlYmZjYzgwMB4XDTIyMDEw
MTA1MDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIzMzgwOTI1OGE5
MTNiYjU1YmFlM2IwYjAzZTYwNTIzZThjNDZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJgcgkiPt4Ms24HWAoicjMV5F9mwwYRQMep5bh7cmZ4zO/U
UsK+56Fo30orIaFhBLzULCqAHLNRXn6l1zgWvIlHGzSxn+sRlWT30B0YOC8l4Nro
aN/ziufl5/RkbxbQCUhjXh+c2CfSEOHMUSzD2EzufGCYuSFSfJnOmORCZQhOl35q
UwDQB9hy/RCHhPdVmo3hbsOPOVFu3594lCQU4Ft7MRExdsosnIkAnWlFp6sWDLoP
kM2Sn6vhlZeng4LUr5rr22UbPxdQmW3GLXk5hgIxzwbyzP1z8FlrLgFk5OEo2QIv
O5SjQM94iwYjeFwceNb2CKl0wVXlPEJFbYaNVSsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRCM4CSWKkTu1W647CwPmBSPoxG6TAfBgNVHSMEGDAWgBTkgv0H4g1AbqQV
LkkrAA5VTr/MgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVJTDlCLUlOUUc2a0ZTNUpLd0FPVlU2X3pJQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZjdhODdhLWMxODQtNDkwNC05NGUzLTI2ODU5ODZmNmQwMS8x
L1FqT0FrbGlwRTd0VnV1T3dzRDVnVWo2TVJ1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZjdhODdhLWMxODQtNDkwNC05NGUzLTI2ODU5ODZmNmQwMS8xLzVJTDlCLUlOUUc2
a0ZTNUpLd0FPVlU2X3pJQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1kf8DANBAIAAjAHAwUAKgCJADAN
BgkqhkiG9w0BAQsFAAOCAQEARf+BvcVTtN8lDLhruHiN9/4RILnTphnz4nd3+gIl
CusuapWS4M+9YAzoGUkUd1/qdKcm5CVXGDpBPKgiy+g2C9ZAmkUVVBDdXSSt4N4L
pLfoIG4skMiEmPIRNsEYIzrOTejgUz/7ev+CUdJj0zZ1AqVjlmg9YYnLfDTrUlg/
16NgPdFY9jo1UjX3N81OfpS1DAApaNbKcYQNHL2oGhzVYxXrjSqYImadIVxQZreF
4FJHRY81hSoUGafy1aU4y/7f+LcZp6OmTBA82HAkYwpKcvpPdkh+Bwuz0Sl8Nz2w
1SzbAv2y2UpZUcf55dYQGgbckFQSjWKgEriichO6lZb+ow==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org