Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/bqia5R6Bb6xUS7x8LontYMaKoB4.roa
File: bqia5R6Bb6xUS7x8LontYMaKoB4.roa (raw, json)
Hash identifier: KEgvtZt/CSwdi6PU76QJt7lI7kPu274x0Ad9Xm1fRE8=
Subject key identifier: 6E:A8:9A:E5:1E:81:6F:AC:54:4B:BC:7C:2E:89:ED:60:C6:8A:A0:1E
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 01A9C8FD
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/bqia5R6Bb6xUS7x8LontYMaKoB4.roa
Signing time: Fri 15 Apr 2022 05:54:11 +0000
ROA not before: Fri 15 Apr 2022 05:54:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 178.255.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27904253 (0x1a9c8fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: Apr 15 05:54:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ea89ae51e816fac544bbc7c2e89ed60c68aa01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f3:18:2d:41:93:b4:14:b3:06:04:f0:95:b8:
df:7f:32:eb:6d:ff:c2:0d:1d:b2:e7:a7:93:ee:cd:
3a:22:16:9c:fc:df:13:98:4a:cc:2d:6f:fa:5e:5d:
8c:4c:08:29:f9:92:1f:74:2b:c6:b4:4c:1d:25:7d:
c4:a2:43:33:5b:2f:08:f9:89:46:77:c9:1d:0b:1a:
70:e4:f3:41:6f:00:8a:63:b0:37:6a:f5:e4:f5:df:
87:28:70:d1:bd:74:3d:77:f7:f4:a6:65:45:a6:6e:
45:a7:e7:2b:d6:2e:d3:29:3a:75:fc:50:30:41:65:
20:ef:74:56:87:65:09:07:b7:83:03:4b:61:6e:ae:
3f:fd:07:3d:63:3c:5b:2e:00:4c:10:f7:b0:03:05:
7c:93:29:a8:91:14:df:1e:32:82:27:96:ed:f3:8d:
61:52:54:81:5a:2c:1e:99:99:56:98:fc:95:9c:25:
ff:39:bb:f5:77:ef:02:ca:43:7a:b6:77:d3:92:de:
f5:61:c5:0a:20:60:24:18:32:32:fb:eb:62:d9:cf:
c5:0b:33:21:08:50:91:35:77:2c:fe:cc:28:3c:94:
88:54:d6:56:a8:f7:ef:68:1b:e8:e5:6d:69:bc:1d:
83:d5:b1:43:0d:3b:8a:73:7a:88:fd:24:b8:82:c4:
a3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A8:9A:E5:1E:81:6F:AC:54:4B:BC:7C:2E:89:ED:60:C6:8A:A0:1E
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/bqia5R6Bb6xUS7x8LontYMaKoB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.219.0/24
Signature Algorithm: sha256WithRSAEncryption
32:63:e1:0a:f8:af:7e:07:38:f4:6f:b7:66:7f:f6:75:24:bf:
a2:cf:c0:60:49:ed:fd:46:c5:89:ac:5b:9a:0a:7d:7d:67:f2:
70:1c:f3:42:1b:cf:76:4c:5c:76:b7:82:d5:74:26:11:7f:8b:
03:cf:bb:9c:c2:df:8f:02:b1:f8:e3:b4:6e:41:08:c0:f4:fa:
d0:ec:66:1b:b2:d8:3a:e7:a8:a2:16:04:14:b4:9f:3b:bc:85:
db:be:b3:c8:d7:31:05:e1:f3:b6:f6:d5:0c:c6:92:43:4a:57:
19:03:1e:09:07:b2:14:95:c9:37:4d:02:1f:b3:84:cb:13:f7:
5b:e4:ea:2b:98:76:cb:f7:39:0e:05:11:21:8e:fd:79:8e:38:
b3:d7:1a:ec:06:02:4b:a1:bd:4d:bf:e6:e2:10:de:fa:d9:82:
7c:28:26:ee:43:da:e0:18:a4:4a:cb:7f:92:77:78:b1:c9:80:
b7:3f:9a:ee:c9:fa:4f:7b:91:49:b8:ed:c0:0c:31:38:aa:e4:
44:e4:66:7d:e3:e8:71:b3:c6:75:6e:f0:31:a0:df:b3:85:5d:
30:2b:c6:55:72:f2:df:0c:a5:d0:ee:4c:cc:a5:2e:0a:0d:97:
59:c0:c2:f0:36:5c:46:fe:3f:73:4e:fc:79:47:dc:a5:4f:05:
9a:31:90:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAanI/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2IyODA1ZDg3NzZlZWRlYjdhYTRjYmU1YWY1NjhjZGIyNjI5ZmMyMB4XDTIyMDQx
NTA1NTQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVhODlhZTUxZTgx
NmZhYzU0NGJiYzdjMmU4OWVkNjBjNjhhYTAxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjzGC1Bk7QUswYE8JW4338y623/wg0dsuenk+7NOiIWnPzf
E5hKzC1v+l5djEwIKfmSH3QrxrRMHSV9xKJDM1svCPmJRnfJHQsacOTzQW8AimOw
N2r15PXfhyhw0b10PXf39KZlRaZuRafnK9Yu0yk6dfxQMEFlIO90VodlCQe3gwNL
YW6uP/0HPWM8Wy4ATBD3sAMFfJMpqJEU3x4ygieW7fONYVJUgVosHpmZVpj8lZwl
/zm79XfvAspDerZ305Le9WHFCiBgJBgyMvvrYtnPxQszIQhQkTV3LP7MKDyUiFTW
Vqj372gb6OVtabwdg9WxQw07inN6iP0kuILEo1kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRuqJrlHoFvrFRLvHwuie1gxoqgHjAfBgNVHSMEGDAWgBTzsoBdh3bu3req
TL5a9WjNsmKfwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg3S0FYWWQyN3Q2M3FreS1XdlZvemJKaW44SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvYjg2MmQzLTY4NDQtNDZmNy1iZDk4LTgzYmM3OTcyNzhlMi8x
L2JxaWE1UjZCYjZ4VVM3eDhMb250WU1hS29CNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
Yjg2MmQzLTY4NDQtNDZmNy1iZDk4LTgzYmM3OTcyNzhlMi8xLzg3S0FYWWQyN3Q2
M3FreS1XdlZvemJKaW44SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALL/2zANBgkqhkiG9w0BAQsFAAOC
AQEAMmPhCvivfgc49G+3Zn/2dSS/os/AYEnt/UbFiaxbmgp9fWfycBzzQhvPdkxc
dreC1XQmEX+LA8+7nMLfjwKx+OO0bkEIwPT60OxmG7LYOueoohYEFLSfO7yF276z
yNcxBeHztvbVDMaSQ0pXGQMeCQeyFJXJN00CH7OEyxP3W+TqK5h2y/c5DgURIY79
eY44s9ca7AYCS6G9Tb/m4hDe+tmCfCgm7kPa4BikSst/knd4scmAtz+a7sn6T3uR
SbjtwAwxOKrkRORmfePocbPGdW7wMaDfs4VdMCvGVXLy3wyl0O5MzKUuCg2XWcDC
8DZcRv4/c078eUfcpU8FmjGQ1w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-fra.rpki-client.org