Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QaFL2BG0MmtOxeCiEx1fVHn4CCM.roa
File: QaFL2BG0MmtOxeCiEx1fVHn4CCM.roa (raw, json)
Hash identifier: xfzAUt9cPCn1gF3h2o+fQxH1pSWVWilxmDGG7ck8qwI=
Subject key identifier: 41:A1:4B:D8:11:B4:32:6B:4E:C5:E0:A2:13:1D:5F:54:79:F8:08:23
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018498E2460FC1861A73C5CBC943AA5DFA9F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QaFL2BG0MmtOxeCiEx1fVHn4CCM.roa
Signing time: Mon 21 Nov 2022 06:31:16 +0000
ROA not before: Mon 21 Nov 2022 06:31:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142299
IP address blocks: 45.141.26.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:98:e2:46:0f:c1:86:1a:73:c5:cb:c9:43:aa:5d:fa:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 21 06:31:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a14bd811b4326b4ec5e0a2131d5f5479f80823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9a:a4:02:f7:33:79:4a:52:01:ea:c1:7b:8f:
83:6b:73:21:74:65:fe:92:8c:62:b2:9a:a4:ad:0a:
86:7c:2b:c3:02:c7:a1:72:46:02:72:6a:8c:ef:f7:
73:d7:27:47:ce:43:3e:45:2d:f8:b5:50:fc:ee:e2:
5a:e7:4a:c7:6d:cf:29:85:fc:e6:21:95:56:11:9e:
85:9c:60:0a:46:8f:c8:20:41:c0:a3:df:2e:7a:ba:
29:3b:03:ed:2e:84:be:ed:89:a1:17:b8:e4:0a:52:
d5:98:5f:02:58:ce:e0:8c:6d:89:bb:e4:c4:84:1d:
c5:b7:f5:15:1e:89:0f:7e:05:48:7a:b8:0e:03:90:
94:a5:c3:1b:90:12:fe:6a:97:7c:0f:f8:97:e8:22:
8b:c0:53:44:fe:8d:0b:e0:f5:0b:92:bf:a3:ed:a2:
ae:09:ad:f0:01:79:bd:04:18:03:5d:f5:ed:13:69:
a3:60:e1:fc:1b:ff:bc:bb:7a:29:2e:65:3d:de:49:
5f:c8:de:81:29:5f:2b:91:e0:6e:27:b0:2f:2f:6c:
1f:31:84:2d:ee:67:23:00:cd:24:5e:c6:89:7c:e1:
7c:53:ba:80:30:d2:64:0f:fb:da:fc:92:d6:4e:91:
f9:f7:d6:d7:ec:7e:c9:e9:57:f2:e8:07:2f:02:58:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A1:4B:D8:11:B4:32:6B:4E:C5:E0:A2:13:1D:5F:54:79:F8:08:23
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QaFL2BG0MmtOxeCiEx1fVHn4CCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.26.0/23
Signature Algorithm: sha256WithRSAEncryption
71:64:18:bd:7a:00:ea:d8:86:22:0a:d4:3c:c9:61:40:bc:67:
07:fa:e3:66:20:f7:13:b1:47:64:be:2f:af:14:da:6e:4b:43:
4e:98:d0:0b:f5:e9:17:e4:49:07:35:2b:39:96:24:68:7d:81:
d8:f1:15:f2:2c:7f:4f:9e:cf:76:b5:ea:b5:a7:d9:ba:ff:09:
da:3a:d5:8f:72:de:63:75:31:b1:a9:8b:75:80:72:83:36:38:
81:c3:54:3c:87:4c:74:76:da:e8:c9:d7:81:4b:21:2b:ef:26:
0d:e7:8c:35:12:50:65:8d:61:58:c5:72:b3:24:72:f7:63:0c:
57:eb:ee:24:49:b7:b6:1c:3c:f8:34:cc:85:a5:e7:1a:da:c6:
bf:60:5f:13:e0:5e:eb:a1:06:6c:8d:a4:99:3a:8a:3b:e1:62:
ee:49:d0:86:4a:9f:72:b3:31:04:97:43:6a:ca:4f:00:c9:01:
47:2c:77:06:bf:8d:85:5c:51:22:29:17:04:92:44:95:2a:78:
80:0c:9c:fa:19:6e:cf:bd:d2:f0:23:fc:1a:c4:07:0d:76:0b:
14:fa:68:09:7f:7e:93:f7:09:c0:50:c7:79:29:cc:49:ce:52:
0c:85:81:0a:d2:a5:73:03:5e:48:4e:e0:1e:6d:9c:ec:49:0b:
b9:7f:eb:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSY4kYPwYYac8XLyUOqXfqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTIxMDYzMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWExNGJkODExYjQzMjZiNGVjNWUwYTIxMzFkNWY1NDc5ZjgwODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5qkAvczeUpSAerBe4+Da3MhdGX+
koxispqkrQqGfCvDAsehckYCcmqM7/dz1ydHzkM+RS34tVD87uJa50rHbc8phfzm
IZVWEZ6FnGAKRo/IIEHAo98ueropOwPtLoS+7YmhF7jkClLVmF8CWM7gjG2Ju+TE
hB3Ft/UVHokPfgVIergOA5CUpcMbkBL+apd8D/iX6CKLwFNE/o0L4PULkr+j7aKu
Ca3wAXm9BBgDXfXtE2mjYOH8G/+8u3opLmU93klfyN6BKV8rkeBuJ7AvL2wfMYQt
7mcjAM0kXsaJfOF8U7qAMNJkD/va/JLWTpH599bX7H7J6Vfy6AcvAlgwoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGhS9gRtDJrTsXgohMdX1R5+AgjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUWFGTDJCRzBNbXRPeGVDaUV4MWZWSG40Q0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY0aMA0G
CSqGSIb3DQEBCwUAA4IBAQBxZBi9egDq2IYiCtQ8yWFAvGcH+uNmIPcTsUdkvi+v
FNpuS0NOmNAL9ekX5EkHNSs5liRofYHY8RXyLH9Pns92teq1p9m6/wnaOtWPct5j
dTGxqYt1gHKDNjiBw1Q8h0x0dtroydeBSyEr7yYN54w1ElBljWFYxXKzJHL3YwxX
6+4kSbe2HDz4NMyFpeca2sa/YF8T4F7roQZsjaSZOoo74WLuSdCGSp9yszEEl0Nq
yk8AyQFHLHcGv42FXFEiKRcEkkSVKniADJz6GW7PvdLwI/waxAcNdgsU+mgJf36T
9wnAUMd5KcxJzlIMhYEK0qVzA15ITuAebZzsSQu5f+tI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org