Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/dQmlpVcjZecmlkzciLLGBrVO_iE.roa
File: dQmlpVcjZecmlkzciLLGBrVO_iE.roa (raw, json)
Hash identifier: IYIqemlokm9bwDTQhhEJW7XrbR8ur5lIoJk/gXyJ6WM=
Subject key identifier: 75:09:A5:A5:57:23:65:E7:26:96:4C:DC:88:B2:C6:06:B5:4E:FE:21
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 01842DA6B0B97C516E3CE04906EA18E7E9B5
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/dQmlpVcjZecmlkzciLLGBrVO_iE.roa
Signing time: Mon 31 Oct 2022 10:46:49 +0000
ROA not before: Mon 31 Oct 2022 10:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56381
IP address blocks: 141.98.136.0/23 maxlen: 24
2a09:11c0:1000::/36 maxlen: 36
2a09:11c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:a6:b0:b9:7c:51:6e:3c:e0:49:06:ea:18:e7:e9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Oct 31 10:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7509a5a5572365e726964cdc88b2c606b54efe21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:42:cb:0e:5a:df:16:d8:0f:2f:96:90:b9:78:
bd:90:e7:29:95:6f:96:34:04:c7:48:89:00:67:4c:
c9:10:61:00:f8:f7:4f:21:ed:b2:8c:77:11:55:d8:
6a:02:51:60:13:4c:74:7f:bd:fd:0c:b3:34:f8:eb:
99:32:08:39:83:0a:02:9d:c0:a3:73:b5:7b:2a:6e:
fa:f7:52:e8:66:5f:4d:4f:8c:5e:ad:86:8a:3c:40:
e6:0e:84:c0:67:e8:fc:ef:ae:d5:a1:d1:33:2d:6b:
fe:87:98:d5:d7:9a:24:dd:00:75:d5:f8:86:33:31:
62:af:08:b8:1f:f7:77:62:86:6a:b2:8b:16:d9:78:
ad:e6:5f:f6:46:37:5e:d8:b0:b5:fb:ca:8e:b5:a0:
79:7c:de:af:60:c0:54:43:59:32:a0:e4:7b:d7:06:
88:e5:e0:87:85:e8:4f:21:32:31:de:1e:70:d8:19:
19:0c:ef:39:ea:6c:5e:be:ff:83:78:fa:ac:14:36:
e1:bd:f1:10:f8:c4:40:7e:99:5e:d3:16:4e:d7:81:
ee:c0:41:93:df:a2:82:62:3b:2b:be:a2:3f:dc:f3:
02:d8:87:99:55:ee:6a:93:99:da:af:2a:6a:77:4c:
42:3c:d4:b6:b8:9c:ec:05:a4:21:5d:0d:f5:c1:62:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:09:A5:A5:57:23:65:E7:26:96:4C:DC:88:B2:C6:06:B5:4E:FE:21
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/dQmlpVcjZecmlkzciLLGBrVO_iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.136.0/23
IPv6:
2a09:11c0::/48
2a09:11c0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
7e:52:fa:28:3f:bd:bd:99:55:99:36:9a:b9:6f:38:41:a2:ba:
cc:a5:94:59:2b:d6:34:59:c9:99:f8:cf:84:3f:eb:82:bc:30:
45:28:7b:aa:a5:de:e1:60:20:44:d5:5e:dc:87:17:1c:4a:02:
28:8a:1e:d3:a9:e7:b6:b9:e9:41:c3:33:9b:10:f3:df:46:6f:
9a:2e:56:2c:39:8a:0c:87:8d:0c:cb:68:97:c1:e8:3b:00:13:
df:89:f7:5d:34:63:2b:2f:0e:f5:35:bc:7e:14:30:78:f6:e6:
db:1d:9b:47:5a:06:7f:f8:a9:16:f2:4d:86:8e:f1:d6:f8:04:
10:c6:b9:b4:94:19:c0:c7:ce:1f:ed:b3:3c:90:ef:e8:86:10:
80:2a:60:3a:ac:fe:85:bc:b7:74:f7:8b:9a:06:bb:38:6a:9d:
e4:5e:53:58:a3:dd:63:0e:61:3e:0e:70:09:31:08:bd:0d:14:
f3:e4:42:5a:85:0f:77:e2:b3:bd:f7:97:c0:57:1b:77:97:51:
71:6e:ce:5a:0f:c8:c0:e1:d3:24:31:14:26:f6:dc:ef:4f:99:
64:36:2a:c5:91:56:b5:ef:39:ba:f9:29:a8:88:ba:13:d2:4d:
d9:c9:34:ba:3b:da:c3:21:76:8a:81:d5:61:ad:26:31:3a:b3:
a8:50:e7:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYQtprC5fFFuPOBJBuoY5+m1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjIxMDMxMTA0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTA5YTVhNTU3MjM2NWU3MjY5NjRjZGM4OGIyYzYwNmI1NGVmZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkLLDlrfFtgPL5aQuXi9kOcplW+W
NATHSIkAZ0zJEGEA+PdPIe2yjHcRVdhqAlFgE0x0f739DLM0+OuZMgg5gwoCncCj
c7V7Km7691LoZl9NT4xerYaKPEDmDoTAZ+j8767VodEzLWv+h5jV15ok3QB11fiG
MzFirwi4H/d3YoZqsosW2Xit5l/2Rjde2LC1+8qOtaB5fN6vYMBUQ1kyoOR71waI
5eCHhehPITIx3h5w2BkZDO856mxevv+DePqsFDbhvfEQ+MRAfple0xZO14HuwEGT
36KCYjsrvqI/3PMC2IeZVe5qk5narypqd0xCPNS2uJzsBaQhXQ31wWIGXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUJpaVXI2XnJpZM3Iiyxga1Tv4hMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvZFFtbHBWY2paZWNtbGt6Y2lMTEdCclZPX2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBjWKIMBcE
AgACMBEDBwAqCRHAAAADBgQqCRHAEDANBgkqhkiG9w0BAQsFAAOCAQEAflL6KD+9
vZlVmTaauW84QaK6zKWUWSvWNFnJmfjPhD/rgrwwRSh7qqXe4WAgRNVe3IcXHEoC
KIoe06nntrnpQcMzmxDz30Zvmi5WLDmKDIeNDMtol8HoOwAT34n3XTRjKy8O9TW8
fhQwePbm2x2bR1oGf/ipFvJNho7x1vgEEMa5tJQZwMfOH+2zPJDv6IYQgCpgOqz+
hby3dPeLmga7OGqd5F5TWKPdYw5hPg5wCTEIvQ0U8+RCWoUPd+KzvfeXwFcbd5dR
cW7OWg/IwOHTJDEUJvbc70+ZZDYqxZFWte85uvkpqIi6E9JN2ck0ujvawyF2ioHV
Ya0mMTqzqFDnMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org