Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/qh7FtXyLq5OB9JBxrcUGHiic1eo.roa
File: qh7FtXyLq5OB9JBxrcUGHiic1eo.roa (raw, json)
Hash identifier: tez/C2E5v/a2VLuXTfJv/3zVdz4yzTRF+i1EMe+8roQ=
Subject key identifier: AA:1E:C5:B5:7C:8B:AB:93:81:F4:90:71:AD:C5:06:1E:28:9C:D5:EA
Certificate issuer: /CN=31b5f0acae3652a53c71a074a2347ab6f17fd3f8
Certificate serial: 057B35A1
Authority key identifier: 31:B5:F0:AC:AE:36:52:A5:3C:71:A0:74:A2:34:7A:B6:F1:7F:D3:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbXwrK42UqU8caB0ojR6tvF_0_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/qh7FtXyLq5OB9JBxrcUGHiic1eo.roa
Signing time: Sat 01 Jan 2022 00:52:54 +0000
ROA not before: Sat 01 Jan 2022 00:52:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200312
IP address blocks: 194.156.140.0/22 maxlen: 27
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91960737 (0x57b35a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b5f0acae3652a53c71a074a2347ab6f17fd3f8
Validity
Not Before: Jan 1 00:52:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa1ec5b57c8bab9381f49071adc5061e289cd5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:bb:8c:62:45:a3:ef:53:73:da:eb:ce:a2:
ac:cf:15:c3:95:bd:28:57:b8:83:68:da:6c:7a:c8:
54:1f:b6:20:e0:95:d4:dd:d0:43:00:1c:2c:97:02:
88:ea:fc:1a:fa:60:bc:22:7c:63:4d:a5:e8:02:a0:
87:d8:ec:3d:11:81:74:0a:45:73:03:df:c5:b2:83:
24:be:36:1b:1d:32:39:22:b7:84:65:f5:39:33:d6:
95:87:31:c1:ba:01:66:c3:14:9e:bc:ff:6e:b9:39:
2b:ec:a2:1e:d3:86:b4:5d:79:fa:76:a6:55:d2:70:
44:b5:ed:32:f3:08:8b:de:d5:67:dc:50:86:4d:7a:
c5:76:2a:a1:06:8f:df:05:5f:dc:19:fe:a8:04:51:
ab:36:c5:98:b1:dc:fe:2c:86:30:2f:e1:a8:e2:0f:
af:31:a1:eb:6d:88:16:ea:cf:a7:1e:41:cd:61:84:
0c:66:cd:63:60:63:7c:4a:24:64:5b:7c:ef:43:61:
dc:9f:05:08:a2:36:57:bf:4e:40:01:a1:65:1b:a5:
4c:6c:67:c5:de:6f:18:8d:1b:54:94:8d:fb:54:bd:
48:07:38:83:e6:b1:29:81:d2:21:56:b4:8e:83:65:
94:af:ab:33:93:9c:7c:30:09:f0:be:da:44:f5:51:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1E:C5:B5:7C:8B:AB:93:81:F4:90:71:AD:C5:06:1E:28:9C:D5:EA
X509v3 Authority Key Identifier:
keyid:31:B5:F0:AC:AE:36:52:A5:3C:71:A0:74:A2:34:7A:B6:F1:7F:D3:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbXwrK42UqU8caB0ojR6tvF_0_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/qh7FtXyLq5OB9JBxrcUGHiic1eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/MbXwrK42UqU8caB0ojR6tvF_0_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.140.0/22
Signature Algorithm: sha256WithRSAEncryption
74:ca:00:a0:c5:0b:1f:47:97:a5:d4:fd:02:fe:ec:da:b9:9f:
24:e7:42:b3:75:c0:b5:35:66:01:e7:f7:b5:f5:a8:85:4e:68:
fd:87:5b:1b:b5:ca:45:1f:a9:f9:f6:57:9b:d6:14:d9:73:3d:
f6:c8:48:52:58:94:44:0c:35:e5:26:b0:5e:0b:a4:45:9f:c6:
43:b2:ce:e4:6f:54:38:42:6b:c0:5b:e4:88:a3:3b:55:44:bf:
50:df:ce:20:fb:f1:6c:96:30:f8:01:c4:c7:2a:a1:f2:c3:67:
39:e2:eb:65:db:11:67:46:59:63:41:ec:11:af:0e:cb:23:95:
e8:bc:49:5b:ed:b8:af:17:5e:b9:fb:a6:47:91:61:1e:7a:3e:
f7:b9:3e:ad:41:5a:ac:28:a6:9b:3d:98:52:15:35:1c:1c:76:
89:93:40:f9:48:79:af:28:66:98:6b:40:ce:89:c6:11:95:8a:
f4:85:a8:b6:89:45:29:4d:a7:65:ef:8c:7c:37:6a:e9:e4:8e:
e0:13:5f:69:51:03:cd:29:f5:ac:f7:9f:78:42:84:26:90:4b:
2c:15:93:19:6e:04:32:d3:d0:f2:a0:1a:fd:6f:26:c3:9e:83:
0e:86:71:88:9d:a3:96:ec:e0:ac:d6:22:7c:92:85:7c:9a:87:
9e:2b:5e:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXs1oTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWI1ZjBhY2FlMzY1MmE1M2M3MWEwNzRhMjM0N2FiNmYxN2ZkM2Y4MB4XDTIyMDEw
MTAwNTI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWExZWM1YjU3Yzhi
YWI5MzgxZjQ5MDcxYWRjNTA2MWUyODljZDVlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALndu4xiRaPvU3Pa686irM8Vw5W9KFe4g2jabHrIVB+2IOCV
1N3QQwAcLJcCiOr8GvpgvCJ8Y02l6AKgh9jsPRGBdApFcwPfxbKDJL42Gx0yOSK3
hGX1OTPWlYcxwboBZsMUnrz/brk5K+yiHtOGtF15+namVdJwRLXtMvMIi97VZ9xQ
hk16xXYqoQaP3wVf3Bn+qARRqzbFmLHc/iyGMC/hqOIPrzGh622IFurPpx5BzWGE
DGbNY2BjfEokZFt870Nh3J8FCKI2V79OQAGhZRulTGxnxd5vGI0bVJSN+1S9SAc4
g+axKYHSIVa0joNllK+rM5OcfDAJ8L7aRPVRgjECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqHsW1fIurk4H0kHGtxQYeKJzV6jAfBgNVHSMEGDAWgBQxtfCsrjZSpTxx
oHSiNHq28X/T+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01iWHdySzQyVXFVOGNhQjBvalI2dHZGXzBfZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvZWNiZTAxLTE4YWItNGZiZC05ZGMzLWJjZDUyZGExNTY0NC8x
L3FoN0Z0WHlMcTVPQjlKQnhyY1VHSGlpYzFlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
ZWNiZTAxLTE4YWItNGZiZC05ZGMzLWJjZDUyZGExNTY0NC8xL01iWHdySzQyVXFV
OGNhQjBvalI2dHZGXzBfZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsKcjDANBgkqhkiG9w0BAQsFAAOC
AQEAdMoAoMULH0eXpdT9Av7s2rmfJOdCs3XAtTVmAef3tfWohU5o/YdbG7XKRR+p
+fZXm9YU2XM99shIUliURAw15SawXgukRZ/GQ7LO5G9UOEJrwFvkiKM7VUS/UN/O
IPvxbJYw+AHExyqh8sNnOeLrZdsRZ0ZZY0HsEa8OyyOV6LxJW+24rxdeufumR5Fh
Hno+97k+rUFarCimmz2YUhU1HBx2iZNA+Uh5ryhmmGtAzonGEZWK9IWotolFKU2n
Ze+MfDdq6eSO4BNfaVEDzSn1rPefeEKEJpBLLBWTGW4EMtPQ8qAa/W8mw56DDoZx
iJ2jluzgrNYifJKFfJqHniteAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:45 2024 by rpki-client on console-fra.rpki-client.org