Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Qg6hrLGDWLwACcRVKC75QS7Mu-8.roa
File: Qg6hrLGDWLwACcRVKC75QS7Mu-8.roa (raw, json)
Hash identifier: dmA4xSGMcvnOImYGRzAe5kWDqBo0+C+MzibLIVY6Yf0=
Subject key identifier: 42:0E:A1:AC:B1:83:58:BC:00:09:C4:55:28:2E:F9:41:2E:CC:BB:EF
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A11B516
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Qg6hrLGDWLwACcRVKC75QS7Mu-8.roa
Signing time: Sat 01 Jan 2022 14:00:45 +0000
ROA not before: Sat 01 Jan 2022 14:00:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206937
IP address blocks: 157.25.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 974238998 (0x3a11b516)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=420ea1acb18358bc0009c455282ef9412eccbbef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:c1:50:6f:07:43:98:6b:62:6d:d2:ea:9f:
fd:aa:0d:58:a8:b0:83:14:e4:9c:08:e3:94:40:e5:
27:67:41:f6:e8:4e:ec:40:37:06:72:da:8f:d3:9b:
2b:96:0d:7f:12:d4:2c:ad:47:38:53:ba:bc:80:22:
e3:d6:d8:f5:88:4e:20:7a:e6:90:17:fe:f1:1e:6d:
45:ed:39:d0:15:f0:4a:77:d2:15:5e:77:50:38:c1:
f7:5e:3a:5d:bb:56:10:dd:cb:4f:b4:9f:1c:4d:d5:
bb:aa:7c:7f:3d:95:e4:47:11:7e:ed:90:85:23:56:
6d:ae:d6:fe:87:3a:ed:aa:6a:44:52:c2:bd:0a:c7:
6e:1c:c3:95:9d:19:a1:d0:9d:ff:23:bf:79:22:50:
14:81:42:00:c5:04:ec:6b:a9:bc:7a:47:af:73:04:
76:d7:75:94:fc:98:99:90:b1:5e:f1:d6:82:19:f4:
c1:c9:e5:8b:84:6c:aa:4f:d2:ce:65:f3:c0:c1:98:
a6:c2:78:41:eb:01:87:8e:c5:aa:f2:32:2b:5c:1c:
18:5e:82:0c:04:bd:cd:82:1c:1e:29:9d:1d:80:8b:
d4:d8:d7:a1:c4:5b:ee:c4:42:0d:d9:d7:47:f1:73:
f8:b3:9d:69:17:80:28:78:a8:90:fe:58:3c:ec:a5:
e9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0E:A1:AC:B1:83:58:BC:00:09:C4:55:28:2E:F9:41:2E:CC:BB:EF
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Qg6hrLGDWLwACcRVKC75QS7Mu-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:cb:bc:af:02:2b:0c:ef:5d:4c:d8:7d:6a:b0:93:d8:6e:fc:
14:50:73:f0:cb:6a:c0:b4:7f:b8:0e:37:ee:74:82:b1:48:21:
7e:76:49:40:fa:f8:4c:6d:1d:d4:65:dd:d9:30:dc:92:25:61:
74:c0:6c:e8:93:2f:75:75:b1:58:cb:2f:1b:e4:d7:e3:81:9e:
64:53:ae:8e:1a:65:8e:09:df:b1:02:a9:11:12:f5:9d:9b:44:
47:cc:42:bb:87:31:39:9c:af:b2:b3:38:fa:15:18:0e:b0:c4:
b8:78:50:b8:4d:a9:ac:7f:07:a5:5a:91:06:d6:3c:73:04:ac:
9e:68:7f:a1:14:a0:9c:f9:96:38:2f:a1:4f:e0:ec:6c:7a:af:
50:cd:a5:9d:d8:43:21:43:92:2f:74:af:c8:b5:7e:d7:e3:a7:
97:b8:4b:16:75:c0:ae:a3:58:2b:5f:7a:5e:2b:fa:a6:09:83:
43:86:a2:6e:96:37:90:bc:43:fd:9f:c0:ad:e0:34:b5:58:87:
18:04:0a:1a:95:48:65:9b:9f:27:21:38:2b:89:fb:ef:2c:0e:
a8:6d:79:9f:28:24:52:24:97:34:98:6d:05:2b:56:6a:cc:a2:
fe:a6:43:50:65:5d:18:f6:a2:7b:f7:d5:b7:5f:eb:58:c2:f5:
5f:52:0d:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOhG1FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIwZWExYWNiMTgz
NThiYzAwMDljNDU1MjgyZWY5NDEyZWNjYmJlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKm0wVBvB0OYa2Jt0uqf/aoNWKiwgxTknAjjlEDlJ2dB9uhO
7EA3BnLaj9ObK5YNfxLULK1HOFO6vIAi49bY9YhOIHrmkBf+8R5tRe050BXwSnfS
FV53UDjB9146XbtWEN3LT7SfHE3Vu6p8fz2V5EcRfu2QhSNWba7W/oc67apqRFLC
vQrHbhzDlZ0ZodCd/yO/eSJQFIFCAMUE7GupvHpHr3MEdtd1lPyYmZCxXvHWghn0
wcnli4Rsqk/SzmXzwMGYpsJ4QesBh47FqvIyK1wcGF6CDAS9zYIcHimdHYCL1NjX
ocRb7sRCDdnXR/Fz+LOdaReAKHiokP5YPOyl6bsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCDqGssYNYvAAJxFUoLvlBLsy77zAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1FnNmhyTEdEV0x3QUNjUlZLQzc1UVM3TXUtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0ZljANBgkqhkiG9w0BAQsFAAOC
AQEAasu8rwIrDO9dTNh9arCT2G78FFBz8MtqwLR/uA437nSCsUghfnZJQPr4TG0d
1GXd2TDckiVhdMBs6JMvdXWxWMsvG+TX44GeZFOujhpljgnfsQKpERL1nZtER8xC
u4cxOZyvsrM4+hUYDrDEuHhQuE2prH8HpVqRBtY8cwSsnmh/oRSgnPmWOC+hT+Ds
bHqvUM2lndhDIUOSL3SvyLV+1+Onl7hLFnXArqNYK196Xiv6pgmDQ4aibpY3kLxD
/Z/AreA0tViHGAQKGpVIZZufJyE4K4n77ywOqG15nygkUiSXNJhtBStWasyi/qZD
UGVdGPaie/fVt1/rWML1X1IN6A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-fra.rpki-client.org