Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Q-N9fUpH5RxLxs4vLeDMtUXjDW4.roa
File: Q-N9fUpH5RxLxs4vLeDMtUXjDW4.roa (raw, json)
Hash identifier: A/Ujigj4RyV/+Unqj4Ox255i7UXru7FGjOZg/nINxhU=
Subject key identifier: 43:E3:7D:7D:4A:47:E5:1C:4B:C6:CE:2F:2D:E0:CC:B5:45:E3:0D:6E
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018383617FAE0406EB30C13A1BCC46BB2840
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Q-N9fUpH5RxLxs4vLeDMtUXjDW4.roa
Signing time: Wed 28 Sep 2022 09:15:48 +0000
ROA not before: Wed 28 Sep 2022 09:15:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:83:61:7f:ae:04:06:eb:30:c1:3a:1b:cc:46:bb:28:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Sep 28 09:15:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e37d7d4a47e51c4bc6ce2f2de0ccb545e30d6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0f:65:8a:da:b4:16:9e:8c:49:00:19:fc:08:
4e:33:14:b1:d4:d7:97:47:e4:45:cd:16:e3:25:f0:
a2:c4:60:98:0c:83:02:dc:3c:fd:8e:d7:d3:5b:b6:
42:e5:35:17:54:87:62:88:25:bb:e0:06:9c:a5:d3:
d5:bc:b0:03:7a:14:e7:0d:12:9a:fe:61:55:18:6c:
47:e0:0b:ab:26:06:9f:3d:d6:dd:70:74:f5:af:f7:
ca:38:58:3e:d9:28:5c:b9:b0:20:f6:de:2b:bc:81:
01:87:69:ec:cf:af:60:32:e0:bb:e3:f8:60:7b:8a:
d6:5d:f1:4c:9a:ef:17:58:a0:68:70:0a:35:d5:b9:
18:2e:60:57:09:2f:2e:bb:d0:3d:41:cd:98:30:b0:
17:ea:de:75:ec:56:aa:9e:a6:7e:4c:d5:de:31:37:
7f:c0:59:c8:ba:5c:e4:0c:c9:c3:48:0b:9c:39:5e:
d8:04:7b:53:75:00:d6:80:40:c5:63:a4:27:54:6f:
e3:fb:e3:bf:81:db:b4:32:2c:db:69:f2:93:ab:2d:
ee:35:9a:96:ef:0f:23:c5:1d:f9:1b:a5:37:d5:3e:
64:ff:9b:aa:88:76:53:74:05:6c:63:58:42:f6:c0:
53:fa:f4:4a:09:d1:d2:08:9f:5a:a5:e1:9f:aa:78:
36:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E3:7D:7D:4A:47:E5:1C:4B:C6:CE:2F:2D:E0:CC:B5:45:E3:0D:6E
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Q-N9fUpH5RxLxs4vLeDMtUXjDW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:b7:2a:a2:ea:99:8d:fd:b9:42:da:86:5c:9b:a0:88:6f:3f:
b1:4c:d5:b2:65:0a:40:88:99:9d:79:60:3e:03:32:62:a0:30:
b9:36:16:86:6f:0f:ec:0d:e6:7c:92:cc:ba:b8:98:7f:87:03:
e6:68:4e:13:08:ef:88:19:d9:ed:d3:e5:82:de:2f:c9:cc:3e:
b4:ba:0b:ab:3b:b0:2b:ab:b2:4c:6b:33:f1:70:64:9a:14:77:
86:7c:e0:f9:df:c0:5a:fc:3b:79:6d:fb:e9:c6:ce:1b:b1:9b:
33:5f:fa:6a:3f:b6:bb:bd:7c:67:b5:c7:48:dd:46:90:ed:f7:
de:5d:d4:ac:67:70:46:22:d0:5a:98:82:17:f7:f0:98:95:25:
6c:f9:1d:4d:e9:2d:6c:60:6d:b2:ab:42:b7:89:27:06:17:20:
16:b6:6f:8a:ad:af:09:60:c2:cf:4b:8b:61:b0:a3:5e:b2:42:
a5:d2:0c:70:19:44:60:d5:89:4f:c4:ed:88:93:41:72:ff:3c:
16:ea:e4:48:6f:ad:e1:7d:fa:39:7b:1c:3a:aa:cf:ca:36:a7:
a6:a8:25:4e:b8:03:01:e9:5b:6f:ac:fd:d5:d8:a9:97:9c:d2:
75:c0:83:b9:e7:7e:d1:e3:cb:5a:4c:d2:a8:70:d2:9c:e9:f4:
8c:f5:ad:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYODYX+uBAbrMME6G8xGuyhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjIwOTI4MDkxNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UzN2Q3ZDRhNDdlNTFjNGJjNmNlMmYyZGUwY2NiNTQ1ZTMwZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA9litq0Fp6MSQAZ/AhOMxSx1NeX
R+RFzRbjJfCixGCYDIMC3Dz9jtfTW7ZC5TUXVIdiiCW74AacpdPVvLADehTnDRKa
/mFVGGxH4AurJgafPdbdcHT1r/fKOFg+2ShcubAg9t4rvIEBh2nsz69gMuC74/hg
e4rWXfFMmu8XWKBocAo11bkYLmBXCS8uu9A9Qc2YMLAX6t517FaqnqZ+TNXeMTd/
wFnIulzkDMnDSAucOV7YBHtTdQDWgEDFY6QnVG/j++O/gdu0MizbafKTqy3uNZqW
7w8jxR35G6U31T5k/5uqiHZTdAVsY1hC9sBT+vRKCdHSCJ9apeGfqng2jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEPjfX1KR+UcS8bOLy3gzLVF4w1uMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvUS1OOWZVcEg1UnhMeHM0dkxlRE10VVhqRFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQC
wJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQALtyqi6pmN/blC2oZcm6CIbz+x
TNWyZQpAiJmdeWA+AzJioDC5NhaGbw/sDeZ8ksy6uJh/hwPmaE4TCO+IGdnt0+WC
3i/JzD60ugurO7Arq7JMazPxcGSaFHeGfOD538Ba/Dt5bfvpxs4bsZszX/pqP7a7
vXxntcdI3UaQ7ffeXdSsZ3BGItBamIIX9/CYlSVs+R1N6S1sYG2yq0K3iScGFyAW
tm+Kra8JYMLPS4thsKNeskKl0gxwGURg1YlPxO2Ik0Fy/zwW6uRIb63hffo5exw6
qs/KNqemqCVOuAMB6VtvrP3V2KmXnNJ1wIO5537R48taTNKocNKc6fSM9a0n
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org