Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/bf4679-7490-4446-b320-9ff6a387fcf6/1/QMRfQYzeemSNQ5EfYSRayqzwRao.roa
File: QMRfQYzeemSNQ5EfYSRayqzwRao.roa (raw, json)
Hash identifier: 3Zm4PtG3GdUhMUF73bYMK+juFvdfptOM8VScTok6UDg=
Subject key identifier: 40:C4:5F:41:8C:DE:7A:64:8D:43:91:1F:61:24:5A:CA:AC:F0:45:AA
Certificate issuer: /CN=d3b33bd01482071648d697737eaf91612b27fc27
Certificate serial: 02CC6167
Authority key identifier: D3:B3:3B:D0:14:82:07:16:48:D6:97:73:7E:AF:91:61:2B:27:FC:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07M70BSCBxZI1pdzfq-RYSsn_Cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/bf4679-7490-4446-b320-9ff6a387fcf6/1/QMRfQYzeemSNQ5EfYSRayqzwRao.roa
Signing time: Sat 01 Jan 2022 07:53:19 +0000
ROA not before: Sat 01 Jan 2022 07:53:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49340
IP address blocks: 91.211.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46948711 (0x2cc6167)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b33bd01482071648d697737eaf91612b27fc27
Validity
Not Before: Jan 1 07:53:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40c45f418cde7a648d43911f61245acaacf045aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3b:ee:39:f0:ea:26:ed:67:d8:67:88:6b:1a:
b5:d9:49:6f:c6:68:ed:89:ad:1c:8b:d9:5d:32:b4:
a3:7a:75:40:3a:22:be:4b:84:9c:57:5d:71:7a:fb:
9d:91:58:07:67:a3:5f:21:28:3e:00:ae:61:b1:46:
27:0c:62:75:88:be:f9:07:9d:9d:78:1b:50:04:3e:
37:6a:63:c1:9d:8b:bb:92:c5:f2:78:85:83:bb:38:
53:4e:d5:34:82:c1:2c:e8:7c:d5:fa:84:1f:87:c2:
f7:25:4b:c4:1b:0a:1c:31:44:ab:71:ab:73:af:5d:
05:8a:85:91:f1:0a:bf:d9:93:0c:6f:f6:8f:ab:47:
e7:5a:8c:0f:9c:ce:8a:ac:bd:28:9a:37:fb:88:a2:
dc:33:b4:70:aa:1b:2b:37:b5:e2:3e:7f:4d:fd:56:
02:58:56:81:5f:c4:9f:b5:06:f8:7e:de:f2:1d:bb:
db:17:0a:68:83:8c:6a:98:3a:02:90:67:c3:35:6a:
21:10:46:93:e9:32:7f:98:b3:96:35:0f:62:68:5c:
73:fe:51:73:02:f8:03:96:22:40:5b:ab:fc:a6:d2:
b3:12:a1:c7:e6:f5:95:39:42:59:16:91:0f:00:ca:
ec:30:77:d9:04:7c:dd:43:44:d9:a1:4e:91:6b:d1:
a4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C4:5F:41:8C:DE:7A:64:8D:43:91:1F:61:24:5A:CA:AC:F0:45:AA
X509v3 Authority Key Identifier:
keyid:D3:B3:3B:D0:14:82:07:16:48:D6:97:73:7E:AF:91:61:2B:27:FC:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07M70BSCBxZI1pdzfq-RYSsn_Cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/bf4679-7490-4446-b320-9ff6a387fcf6/1/QMRfQYzeemSNQ5EfYSRayqzwRao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/bf4679-7490-4446-b320-9ff6a387fcf6/1/07M70BSCBxZI1pdzfq-RYSsn_Cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.144.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:4f:6c:fc:a6:b2:a3:d1:7b:e2:12:c5:34:9b:76:b2:61:6f:
41:b6:64:c1:53:41:fc:21:b7:ca:b7:fe:f6:17:79:01:89:02:
4d:c6:9d:22:78:84:1e:58:20:d5:cd:78:15:f9:6e:81:cd:49:
05:fb:b5:42:e3:f2:e1:31:23:cd:08:c1:c0:ac:7a:85:52:3e:
5c:39:be:50:36:70:c0:3a:3b:58:2e:bd:4b:15:eb:c2:7d:a6:
c1:bb:8e:28:2f:8b:b3:f4:a2:42:48:4b:0d:cd:a5:39:24:76:
d1:05:c0:94:1b:22:5c:78:6c:85:bd:b2:50:41:ae:b3:8f:52:
70:63:f7:fc:c3:07:bb:8e:88:99:51:a0:14:b7:0e:97:2a:15:
4b:25:67:31:7e:28:fe:3d:59:ae:1c:94:18:a9:cb:7f:d8:9a:
57:10:cb:f3:ce:2b:7c:d8:07:df:1c:4a:d8:67:64:36:b2:df:
1a:87:7d:fb:da:94:2e:3e:54:6a:be:d5:b7:c0:23:af:82:61:
16:ac:d0:80:89:7c:ad:82:28:50:47:7a:1a:49:ec:86:6a:f6:
0a:ec:c5:8b:75:c0:05:31:0e:e0:13:69:4f:43:fa:87:4d:37:
c4:1a:77:7d:36:07:4f:7e:f1:19:f1:b3:6f:fd:21:4e:d0:c5:
69:09:bd:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsxhZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2IzM2JkMDE0ODIwNzE2NDhkNjk3NzM3ZWFmOTE2MTJiMjdmYzI3MB4XDTIyMDEw
MTA3NTMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBjNDVmNDE4Y2Rl
N2E2NDhkNDM5MTFmNjEyNDVhY2FhY2YwNDVhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIs77jnw6ibtZ9hniGsatdlJb8Zo7YmtHIvZXTK0o3p1QDoi
vkuEnFddcXr7nZFYB2ejXyEoPgCuYbFGJwxidYi++QednXgbUAQ+N2pjwZ2Lu5LF
8niFg7s4U07VNILBLOh81fqEH4fC9yVLxBsKHDFEq3Grc69dBYqFkfEKv9mTDG/2
j6tH51qMD5zOiqy9KJo3+4ii3DO0cKobKze14j5/Tf1WAlhWgV/En7UG+H7e8h27
2xcKaIOMapg6ApBnwzVqIRBGk+kyf5izljUPYmhcc/5RcwL4A5YiQFur/KbSsxKh
x+b1lTlCWRaRDwDK7DB32QR83UNE2aFOkWvRpKMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAxF9BjN56ZI1DkR9hJFrKrPBFqjAfBgNVHSMEGDAWgBTTszvQFIIHFkjW
l3N+r5FhKyf8JzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA3TTcwQlNDQnhaSTFwZHpmcS1SWVNzbl9DYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYmY0Njc5LTc0OTAtNDQ0Ni1iMzIwLTlmZjZhMzg3ZmNmNi8x
L1FNUmZRWXplZW1TTlE1RWZZU1JheXF6d1Jhby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YmY0Njc5LTc0OTAtNDQ0Ni1iMzIwLTlmZjZhMzg3ZmNmNi8xLzA3TTcwQlNDQnha
STFwZHpmcS1SWVNzbl9DYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvTkDANBgkqhkiG9w0BAQsFAAOC
AQEADU9s/Kayo9F74hLFNJt2smFvQbZkwVNB/CG3yrf+9hd5AYkCTcadIniEHlgg
1c14Fflugc1JBfu1QuPy4TEjzQjBwKx6hVI+XDm+UDZwwDo7WC69SxXrwn2mwbuO
KC+Ls/SiQkhLDc2lOSR20QXAlBsiXHhshb2yUEGus49ScGP3/MMHu46ImVGgFLcO
lyoVSyVnMX4o/j1ZrhyUGKnLf9iaVxDL884rfNgH3xxK2GdkNrLfGod9+9qULj5U
ar7Vt8Ajr4JhFqzQgIl8rYIoUEd6Gknshmr2CuzFi3XABTEO4BNpT0P6h003xBp3
fTYHT37xGfGzb/0hTtDFaQm9Kw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:52 2023 by rpki-client on console-fra.rpki-client.org