Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/QGv5a5q1cLVehG77jWmuOUdAyqQ.roa
File: QGv5a5q1cLVehG77jWmuOUdAyqQ.roa (raw, json)
Hash identifier: Fm3y4ryOB/mb/ADaZF87j43pyA8/LWFqU05v8PAN/HI=
Subject key identifier: 40:6B:F9:6B:9A:B5:70:B5:5E:84:6E:FB:8D:69:AE:39:47:40:CA:A4
Certificate issuer: /CN=52f55e7a7e70b1018f03c4278d348b4bdcc142b1
Certificate serial: B0D760
Authority key identifier: 52:F5:5E:7A:7E:70:B1:01:8F:03:C4:27:8D:34:8B:4B:DC:C1:42:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UvVeen5wsQGPA8QnjTSLS9zBQrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/QGv5a5q1cLVehG77jWmuOUdAyqQ.roa
Signing time: Sat 01 Jan 2022 06:57:08 +0000
ROA not before: Sat 01 Jan 2022 06:57:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 217.119.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11589472 (0xb0d760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52f55e7a7e70b1018f03c4278d348b4bdcc142b1
Validity
Not Before: Jan 1 06:57:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=406bf96b9ab570b55e846efb8d69ae394740caa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b0:13:c1:e4:cb:b7:16:87:35:c2:50:e7:72:
b5:01:72:8e:2c:64:09:ff:22:27:16:5e:fd:7e:f6:
0f:13:c9:cc:1a:32:c0:e2:54:10:c9:da:55:a2:d3:
1e:79:3c:2a:62:97:cd:07:e5:32:14:a5:60:5f:db:
3a:e4:b3:aa:97:da:da:57:92:5c:f6:c3:11:0f:c6:
5f:1a:91:20:e7:95:bf:56:a4:db:70:43:e0:f2:78:
03:31:08:3e:41:8d:ea:1c:75:3a:08:5f:56:b0:9a:
74:ab:6b:aa:5a:70:ac:2c:9d:00:62:49:2d:90:ec:
f1:a3:f6:74:f1:53:d0:c5:65:f5:44:78:b2:c2:35:
cb:93:70:6d:68:b8:72:aa:8e:58:75:09:7d:d8:50:
0a:1b:b8:92:b7:79:20:32:23:f8:89:af:0e:7d:e7:
77:df:93:23:33:8b:97:e2:d1:52:6a:e6:95:df:83:
fa:4b:62:7a:da:4e:5b:0c:b8:4d:82:7e:36:dc:d8:
9e:84:0d:9b:ab:cd:44:7d:2c:26:45:98:f7:24:fe:
8a:67:8b:14:04:fb:ea:9b:c7:53:01:1e:68:1f:bd:
f2:78:29:6e:5d:10:84:56:50:95:43:d7:ad:2f:0c:
53:ff:1b:2a:86:9f:56:4f:6d:ba:cd:49:39:d3:aa:
0a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6B:F9:6B:9A:B5:70:B5:5E:84:6E:FB:8D:69:AE:39:47:40:CA:A4
X509v3 Authority Key Identifier:
keyid:52:F5:5E:7A:7E:70:B1:01:8F:03:C4:27:8D:34:8B:4B:DC:C1:42:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvVeen5wsQGPA8QnjTSLS9zBQrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/QGv5a5q1cLVehG77jWmuOUdAyqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/UvVeen5wsQGPA8QnjTSLS9zBQrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.119.131.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:1f:2e:29:ec:d6:ce:f6:28:82:0c:f5:3d:e4:55:3f:24:63:
b7:5f:25:77:75:bb:89:fa:0c:71:19:8d:1e:e8:21:7e:ac:50:
64:08:73:fb:dc:f5:eb:b4:0b:28:0c:40:b2:9f:83:0e:40:74:
e9:48:05:44:ad:6a:6e:9c:29:73:a4:df:07:3f:33:9f:93:b9:
b0:2f:cb:01:bb:d6:c9:f9:85:b9:60:3f:8a:60:59:34:e7:07:
37:2e:1f:8f:20:7a:0a:32:d2:65:ba:a1:3b:c5:ad:7c:83:99:
86:ee:b7:cf:33:52:8d:90:74:1d:11:38:ab:f0:fb:4e:be:11:
ee:e5:95:5b:b7:ce:7c:86:5f:62:c0:26:bd:21:07:b5:47:c0:
a7:f6:4a:9e:a2:d0:d3:f3:98:57:e7:f5:a8:74:07:51:70:a1:
6d:4e:1e:08:e0:c1:6c:09:ba:6d:30:fb:99:a6:61:ea:d4:f8:
2e:06:27:16:58:34:61:23:f8:6e:a7:62:21:b8:6a:5c:98:96:
16:9a:ab:99:b0:f0:13:f0:f0:1d:b9:37:6d:c9:73:62:ae:7c:
16:db:85:b7:79:1c:00:29:48:79:ec:d1:40:a0:58:d9:aa:93:
e0:dc:4e:71:17:8c:7a:a5:2c:17:cc:2a:6e:8d:3c:54:5f:03:
bb:4b:bb:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALDXYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmY1NWU3YTdlNzBiMTAxOGYwM2M0Mjc4ZDM0OGI0YmRjYzE0MmIxMB4XDTIyMDEw
MTA2NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2YmY5NmI5YWI1
NzBiNTVlODQ2ZWZiOGQ2OWFlMzk0NzQwY2FhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6wE8Hky7cWhzXCUOdytQFyjixkCf8iJxZe/X72DxPJzBoy
wOJUEMnaVaLTHnk8KmKXzQflMhSlYF/bOuSzqpfa2leSXPbDEQ/GXxqRIOeVv1ak
23BD4PJ4AzEIPkGN6hx1OghfVrCadKtrqlpwrCydAGJJLZDs8aP2dPFT0MVl9UR4
ssI1y5NwbWi4cqqOWHUJfdhQChu4krd5IDIj+ImvDn3nd9+TIzOLl+LRUmrmld+D
+ktietpOWwy4TYJ+NtzYnoQNm6vNRH0sJkWY9yT+imeLFAT76pvHUwEeaB+98ngp
bl0QhFZQlUPXrS8MU/8bKoafVk9tus1JOdOqCmsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAa/lrmrVwtV6EbvuNaa45R0DKpDAfBgNVHSMEGDAWgBRS9V56fnCxAY8D
xCeNNItL3MFCsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V2VmVlbjV3c1FHUEE4UW5qVFNMUzl6QlFyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNGUyMGEzLWViNTktNDM5Mi1iZGZiLTlhNWY4ZWM2NGM3MC8x
L1FHdjVhNXExY0xWZWhHNzdqV211T1VkQXlxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NGUyMGEzLWViNTktNDM5Mi1iZGZiLTlhNWY4ZWM2NGM3MC8xL1V2VmVlbjV3c1FH
UEE4UW5qVFNMUzl6QlFyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANl3gzANBgkqhkiG9w0BAQsFAAOC
AQEAxB8uKezWzvYoggz1PeRVPyRjt18ld3W7ifoMcRmNHughfqxQZAhz+9z167QL
KAxAsp+DDkB06UgFRK1qbpwpc6TfBz8zn5O5sC/LAbvWyfmFuWA/imBZNOcHNy4f
jyB6CjLSZbqhO8WtfIOZhu63zzNSjZB0HRE4q/D7Tr4R7uWVW7fOfIZfYsAmvSEH
tUfAp/ZKnqLQ0/OYV+f1qHQHUXChbU4eCODBbAm6bTD7maZh6tT4LgYnFlg0YSP4
bqdiIbhqXJiWFpqrmbDwE/DwHbk3bclzYq58FtuFt3kcAClIeezRQKBY2aqT4NxO
cReMeqUsF8wqbo08VF8Du0u7dg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:47 2023 by rpki-client on console-ams.rpki-client.org