Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/sqfNtxWnd49iHEwErmrE8tdNWkc.roa
File: sqfNtxWnd49iHEwErmrE8tdNWkc.roa (raw, json)
Hash identifier: mJBCo03Byt9ljeP2a8XgLh3ibpS0IQHlKpIeXU5FtNo=
Subject key identifier: B2:A7:CD:B7:15:A7:77:8F:62:1C:4C:04:AE:6A:C4:F2:D7:4D:5A:47
Certificate issuer: /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial: 872889
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/sqfNtxWnd49iHEwErmrE8tdNWkc.roa
Signing time: Thu 06 Jan 2022 16:01:32 +0000
ROA not before: Thu 06 Jan 2022 16:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33309
IP address blocks: 185.241.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8857737 (0x872889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Validity
Not Before: Jan 6 16:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2a7cdb715a7778f621c4c04ae6ac4f2d74d5a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:18:10:47:16:51:d4:47:dd:9c:f9:cf:b6:23:
d9:1e:d7:dc:f2:fe:f3:cb:3a:39:17:fa:b1:08:33:
a6:ef:5f:a7:1a:1c:f4:51:ea:54:d9:38:5f:0b:6e:
0e:58:fc:2b:8a:8c:df:74:7e:88:52:b9:fc:cc:19:
99:97:c2:76:8f:c9:f8:8c:2f:1c:25:96:72:6f:5b:
b1:a0:55:f9:e5:c1:c8:56:57:dc:2b:8c:2e:90:94:
0b:f5:8e:38:ff:42:3d:f6:d4:39:92:c4:84:d1:5c:
35:99:6a:ff:b7:0c:aa:26:bf:2c:a7:28:5c:b5:22:
87:24:2c:0d:54:af:85:d5:99:4f:bf:39:ad:81:d3:
cb:01:c5:5a:64:f6:fd:76:75:cd:bc:a0:46:69:ad:
ba:1b:10:74:e8:17:9b:9a:94:44:ec:a8:f1:d2:57:
c7:56:76:41:ce:28:60:83:15:d4:13:2c:20:8f:f1:
70:39:88:44:37:54:65:fe:b3:7e:53:ec:53:32:2b:
be:66:71:8b:0a:48:35:65:e4:cd:e1:b1:1d:b2:16:
79:05:88:2c:8e:f1:9b:ff:32:48:0f:df:c6:41:59:
f1:2f:ab:2c:33:6e:2e:ad:b1:81:0c:1f:e6:b9:5e:
22:d2:ec:e2:7b:c1:4a:68:b3:ae:f7:b8:af:19:3e:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A7:CD:B7:15:A7:77:8F:62:1C:4C:04:AE:6A:C4:F2:D7:4D:5A:47
X509v3 Authority Key Identifier:
keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/sqfNtxWnd49iHEwErmrE8tdNWkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.46.0/24
Signature Algorithm: sha256WithRSAEncryption
35:bf:c2:4c:59:38:78:db:f9:3e:52:a0:86:13:9e:fa:4c:c1:
f0:6b:68:f3:da:ae:fc:7f:f5:a2:be:b4:22:c5:75:94:ec:7f:
35:9a:e6:67:55:87:ab:6c:84:6b:60:90:cf:88:c7:ca:7d:7d:
86:55:c9:63:12:59:d4:d7:eb:8a:ce:d6:27:96:bf:de:1c:9f:
63:4a:dd:01:5f:6b:08:9e:9f:0d:f2:e8:b8:d6:29:8d:89:9c:
84:af:44:d1:b0:3c:73:c9:45:f8:0d:0f:c3:c9:87:d6:c6:3b:
cb:33:ea:df:ff:5b:01:53:b1:30:97:05:f8:c4:38:62:7e:9e:
37:e2:86:15:01:d8:0f:cd:48:19:bf:85:9b:ee:7d:09:f9:44:
b1:d5:70:e1:01:28:db:d9:77:95:cf:3d:25:c0:5c:6b:a0:f1:
0a:56:3a:14:39:94:9a:3d:18:68:37:8c:7c:17:8e:31:df:aa:
19:46:18:81:0f:db:2e:a4:15:0f:30:f9:51:84:06:b0:b9:bb:
51:a2:04:a0:a2:f7:19:f5:84:a2:4f:17:27:20:1b:55:9e:f9:
87:cd:b8:35:2f:41:16:a0:47:d8:c4:3b:b1:03:88:71:f7:44:
99:ef:87:54:5c:9a:2a:ec:52:ca:a7:dc:0b:83:6c:d5:49:48:
bc:36:9e:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIcoiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YWExZmU5YTRjMDNkMDE1YWVjOTc0ZTJkMjk3MDlhOTc5ZWI4MmYxMB4XDTIyMDEw
NjE2MDEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJhN2NkYjcxNWE3
Nzc4ZjYyMWM0YzA0YWU2YWM0ZjJkNzRkNWE0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4YEEcWUdRH3Zz5z7Yj2R7X3PL+88s6ORf6sQgzpu9fpxoc
9FHqVNk4XwtuDlj8K4qM33R+iFK5/MwZmZfCdo/J+IwvHCWWcm9bsaBV+eXByFZX
3CuMLpCUC/WOOP9CPfbUOZLEhNFcNZlq/7cMqia/LKcoXLUihyQsDVSvhdWZT785
rYHTywHFWmT2/XZ1zbygRmmtuhsQdOgXm5qUROyo8dJXx1Z2Qc4oYIMV1BMsII/x
cDmIRDdUZf6zflPsUzIrvmZxiwpINWXkzeGxHbIWeQWILI7xm/8ySA/fxkFZ8S+r
LDNuLq2xgQwf5rleItLs4nvBSmizrve4rxk+zicCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSyp823Fad3j2IcTASuasTy101aRzAfBgNVHSMEGDAWgBSKof6aTAPQFa7J
dOLSlwmpeeuC8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lxSC1ta3dEMEJXdXlYVGkwcGNKcVhucmd2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvNDFlOWIwLTYyZTctNDcxOC1iOTY2LTFmOWFlMDU1NjQ2Zi8x
L3NxZk50eFduZDQ5aUhFd0VybXJFOHRkTldrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
NDFlOWIwLTYyZTctNDcxOC1iOTY2LTFmOWFlMDU1NjQ2Zi8xL2lxSC1ta3dEMEJX
dXlYVGkwcGNKcVhucmd2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnxLjANBgkqhkiG9w0BAQsFAAOC
AQEANb/CTFk4eNv5PlKghhOe+kzB8Gto89qu/H/1or60IsV1lOx/NZrmZ1WHq2yE
a2CQz4jHyn19hlXJYxJZ1Nfris7WJ5a/3hyfY0rdAV9rCJ6fDfLouNYpjYmchK9E
0bA8c8lF+A0Pw8mH1sY7yzPq3/9bAVOxMJcF+MQ4Yn6eN+KGFQHYD81IGb+Fm+59
CflEsdVw4QEo29l3lc89JcBca6DxClY6FDmUmj0YaDeMfBeOMd+qGUYYgQ/bLqQV
DzD5UYQGsLm7UaIEoKL3GfWEok8XJyAbVZ75h824NS9BFqBH2MQ7sQOIcfdEme+H
VFyaKuxSyqfcC4Ns1UlIvDae+w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:54 2023 by rpki-client on console-fra.rpki-client.org