Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/QHsob2rFGHKuJyZiaXn_noax9dg.roa
File: QHsob2rFGHKuJyZiaXn_noax9dg.roa (raw, json)
Hash identifier: 4NEE5S19xtfLOHQvUraDM6W5G26W99DcwWH/JFUXG0c=
Subject key identifier: 40:7B:28:6F:6A:C5:18:72:AE:27:26:62:69:79:FF:9E:86:B1:F5:D8
Certificate issuer: /CN=fe3b0385260ac66f21c43f5ab78bac682e8ce54f
Certificate serial: 14191DD8
Authority key identifier: FE:3B:03:85:26:0A:C6:6F:21:C4:3F:5A:B7:8B:AC:68:2E:8C:E5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_jsDhSYKxm8hxD9at4usaC6M5U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/QHsob2rFGHKuJyZiaXn_noax9dg.roa
Signing time: Sat 01 Jan 2022 14:04:59 +0000
ROA not before: Sat 01 Jan 2022 14:04:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 37.140.208.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 337190360 (0x14191dd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe3b0385260ac66f21c43f5ab78bac682e8ce54f
Validity
Not Before: Jan 1 14:04:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=407b286f6ac51872ae2726626979ff9e86b1f5d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e8:5a:a2:c9:79:5c:80:c2:4c:cb:e8:17:dc:
44:c9:ce:83:a9:be:f1:b4:93:46:03:2a:6f:38:7a:
55:c6:0e:5b:b5:18:fb:30:1a:93:3f:e6:6c:bf:6f:
03:4e:ba:2b:12:d9:f5:11:b4:2c:33:c1:78:06:e4:
5d:5e:1b:f3:37:07:18:7d:12:cd:6b:68:d0:f9:b6:
62:94:52:7f:c7:06:c2:27:b5:90:35:35:6c:2b:57:
a6:bf:f0:ba:00:26:7f:68:72:b6:b9:39:f7:8c:10:
14:db:ed:3b:5e:f5:37:d9:68:e6:ea:1c:d2:cd:40:
e9:85:d3:6c:36:e7:6f:f2:10:0f:68:98:40:2b:4f:
e2:e3:03:f3:7c:dc:c0:66:ea:e0:e3:ee:43:eb:6d:
93:41:96:3d:d4:3c:d7:8f:f7:85:01:59:d9:9e:c3:
fa:c9:09:ce:0d:66:80:c0:12:d8:6a:39:8f:32:e4:
b9:02:66:fb:d7:2c:fd:b7:51:6d:46:e1:db:af:fe:
5a:9b:a9:b0:39:d0:38:20:46:66:d6:49:41:03:30:
f7:2a:41:f2:42:00:2f:3e:18:c7:d6:16:8e:96:a2:
1a:04:2f:59:ac:fe:63:c4:12:ad:52:7a:90:44:66:
5c:ec:bc:05:00:b7:3c:11:cc:fe:fd:58:75:2b:41:
cd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7B:28:6F:6A:C5:18:72:AE:27:26:62:69:79:FF:9E:86:B1:F5:D8
X509v3 Authority Key Identifier:
keyid:FE:3B:03:85:26:0A:C6:6F:21:C4:3F:5A:B7:8B:AC:68:2E:8C:E5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_jsDhSYKxm8hxD9at4usaC6M5U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/QHsob2rFGHKuJyZiaXn_noax9dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/_jsDhSYKxm8hxD9at4usaC6M5U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.208.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:ec:9d:23:ed:83:32:87:76:83:06:63:d1:e1:71:c2:3e:33:
97:c1:1b:bd:40:e1:4d:70:48:49:f0:7d:aa:c5:41:0d:df:b3:
89:af:bc:72:be:76:19:f3:05:b6:f4:e2:f7:3c:ae:08:ac:2b:
86:5a:c2:da:2a:fd:f4:0b:0a:20:83:61:1c:6c:16:24:07:5e:
f6:1a:b0:97:0c:a7:87:ed:c6:cb:22:b5:31:21:8c:70:39:bc:
b5:49:81:3f:34:c7:00:65:92:8c:73:0d:df:82:3b:89:36:ca:
f1:3f:85:97:2d:8f:ed:97:5d:85:7c:d9:d3:d7:c5:d7:0f:80:
05:d4:8c:58:b9:ec:9c:c5:e9:c7:24:f0:77:b9:2b:0f:b0:39:
b3:87:cc:94:04:c8:a4:66:a0:bd:df:c4:e9:5c:c9:97:60:11:
33:61:f3:e6:91:a8:22:4e:85:86:e6:a2:98:63:2e:a9:ee:f4:
fa:20:69:45:a9:af:27:c8:df:13:64:a5:1c:d5:51:ea:8b:b5:
0b:91:f1:30:ae:72:0d:62:58:38:e6:7b:e1:88:96:43:d7:d6:
ad:68:0b:42:82:c3:97:41:12:b8:01:60:26:db:ee:3a:32:5b:
22:56:58:e0:50:9d:78:35:84:99:22:f6:61:43:79:90:62:5e:
97:cf:05:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFBkd2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTNiMDM4NTI2MGFjNjZmMjFjNDNmNWFiNzhiYWM2ODJlOGNlNTRmMB4XDTIyMDEw
MTE0MDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA3YjI4NmY2YWM1
MTg3MmFlMjcyNjYyNjk3OWZmOWU4NmIxZjVkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALboWqLJeVyAwkzL6BfcRMnOg6m+8bSTRgMqbzh6VcYOW7UY
+zAakz/mbL9vA066KxLZ9RG0LDPBeAbkXV4b8zcHGH0SzWto0Pm2YpRSf8cGwie1
kDU1bCtXpr/wugAmf2hytrk594wQFNvtO171N9lo5uoc0s1A6YXTbDbnb/IQD2iY
QCtP4uMD83zcwGbq4OPuQ+ttk0GWPdQ814/3hQFZ2Z7D+skJzg1mgMAS2Go5jzLk
uQJm+9cs/bdRbUbh26/+WpupsDnQOCBGZtZJQQMw9ypB8kIALz4Yx9YWjpaiGgQv
Waz+Y8QSrVJ6kERmXOy8BQC3PBHM/v1YdStBzUMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAeyhvasUYcq4nJmJpef+ehrH12DAfBgNVHSMEGDAWgBT+OwOFJgrGbyHE
P1q3i6xoLozlTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19qc0RoU1lLeG04aHhEOWF0NHVzYUM2TTVVOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvYTJmZmQ5LTc0NWQtNGU3ZC1iMmIyLTc1MDMzZjhmNzIxMC8x
L1FIc29iMnJGR0hLdUp5WmlhWG5fbm9heDlkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
YTJmZmQ5LTc0NWQtNGU3ZC1iMmIyLTc1MDMzZjhmNzIxMC8xL19qc0RoU1lLeG04
aHhEOWF0NHVzYUM2TTVVOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEASWM0DANBgkqhkiG9w0BAQsFAAOC
AQEAtOydI+2DMod2gwZj0eFxwj4zl8EbvUDhTXBISfB9qsVBDd+zia+8cr52GfMF
tvTi9zyuCKwrhlrC2ir99AsKIINhHGwWJAde9hqwlwynh+3GyyK1MSGMcDm8tUmB
PzTHAGWSjHMN34I7iTbK8T+Fly2P7ZddhXzZ09fF1w+ABdSMWLnsnMXpxyTwd7kr
D7A5s4fMlATIpGagvd/E6VzJl2ARM2Hz5pGoIk6FhuaimGMuqe70+iBpRamvJ8jf
E2SlHNVR6ou1C5HxMK5yDWJYOOZ74YiWQ9fWrWgLQoLDl0ESuAFgJtvuOjJbIlZY
4FCdeDWEmSL2YUN5kGJel88Fqw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:45 2023 by rpki-client on console-ams.rpki-client.org