Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/qK1iqnWLw0pAhC5-XtjLI_gIxkY.roa
File: qK1iqnWLw0pAhC5-XtjLI_gIxkY.roa (raw, json)
Hash identifier: 7IQQ75ZDSXqB/JG8xJJWwzv4ZG3YcgmaSARibuSesRk=
Subject key identifier: A8:AD:62:AA:75:8B:C3:4A:40:84:2E:7E:5E:D8:CB:23:F8:08:C6:46
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 01849FE59D4D1AC3E2132122D75674CFF141
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/qK1iqnWLw0pAhC5-XtjLI_gIxkY.roa
Signing time: Tue 22 Nov 2022 15:12:16 +0000
ROA not before: Tue 22 Nov 2022 15:12:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44451
IP address blocks: 93.92.8.0/21 maxlen: 21
94.247.48.0/21 maxlen: 21
37.46.16.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:e5:9d:4d:1a:c3:e2:13:21:22:d7:56:74:cf:f1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Nov 22 15:12:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8ad62aa758bc34a40842e7e5ed8cb23f808c646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:84:08:45:e2:91:1a:b3:2f:97:c3:44:d4:55:
40:30:85:6a:a4:70:13:58:a1:2f:cd:e2:aa:ca:34:
83:dd:74:b2:12:ac:3b:63:4f:a8:6e:09:f0:81:9c:
9d:0b:e1:4c:ba:8a:14:1f:c2:75:b5:ef:35:7f:12:
ba:4e:61:d4:bd:2f:c1:29:d6:d8:30:04:c4:c8:67:
dd:f0:be:a7:61:d0:2f:d2:b5:44:dd:6c:af:01:8e:
02:db:6f:38:13:30:80:c9:ba:5f:e7:12:03:87:b1:
bd:13:32:9c:49:d1:b8:4c:57:81:62:8e:4a:90:4f:
20:3e:41:1d:16:0f:45:c6:b2:e4:48:37:45:00:a8:
04:6d:e4:c0:38:00:16:1c:b3:73:13:4d:9f:42:31:
b3:8f:39:f3:3d:38:27:e6:33:0e:be:c2:8e:b0:27:
06:6d:65:76:4f:ff:9e:fe:ff:34:ef:f7:51:b2:0d:
1a:f5:88:5f:e9:1a:52:04:da:35:fa:25:85:69:f3:
1a:91:35:32:60:4a:ae:e7:10:ba:ff:08:05:f7:b3:
f6:3f:a9:9f:ab:86:8f:a2:55:00:f3:91:97:88:a2:
f2:78:64:9f:98:73:c8:6c:10:65:61:2d:f5:f0:76:
62:c3:78:4b:69:20:a4:2f:7a:b3:bd:41:e2:33:58:
f4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AD:62:AA:75:8B:C3:4A:40:84:2E:7E:5E:D8:CB:23:F8:08:C6:46
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/qK1iqnWLw0pAhC5-XtjLI_gIxkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
93.92.8.0/21
94.247.48.0/21
Signature Algorithm: sha256WithRSAEncryption
30:81:87:78:36:66:94:26:02:6b:c0:8f:8c:ce:33:29:54:45:
31:da:cf:be:36:b0:42:08:1d:d3:5f:27:d3:3c:e7:27:50:a2:
fb:b3:a0:12:58:50:d9:5e:49:52:52:90:22:be:bb:50:7b:e4:
67:a5:5c:7f:38:b0:f1:63:d3:24:3b:c8:64:58:97:c7:e4:ed:
ff:9f:3c:53:aa:d2:51:dc:53:45:3e:5c:ea:bc:3e:10:95:5c:
c2:90:29:b5:50:4b:9b:65:ba:24:ab:3c:64:6c:e4:c5:ef:0c:
f8:9e:c2:f0:b4:13:a7:86:8a:dd:63:aa:8e:5a:e2:35:95:f2:
d0:65:dd:32:08:12:97:20:ae:38:2e:07:3c:ad:28:37:3a:7b:
e0:35:0d:69:f3:94:f7:8a:2b:03:db:1c:85:80:17:2c:f7:5e:
87:64:91:7f:d9:c7:77:8b:23:23:3c:79:c0:fe:d5:cd:a9:87:
1b:bb:05:e4:aa:a9:7d:a0:de:16:e3:36:78:e1:ef:51:f1:ed:
0a:a5:01:be:a5:f3:ab:b1:2f:a3:53:57:63:5a:4a:1d:43:dd:
37:2e:b7:c6:43:95:83:f7:4d:1d:3e:ae:3b:1c:f4:23:91:d7:
44:74:38:5d:e8:2a:d0:df:5b:17:19:b1:a4:92:42:dc:44:0c:
a0:70:4c:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSf5Z1NGsPiEyEi11Z0z/FBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjIxMTIyMTUxMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFkNjJhYTc1OGJjMzRhNDA4NDJlN2U1ZWQ4Y2IyM2Y4MDhjNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYQIReKRGrMvl8NE1FVAMIVqpHAT
WKEvzeKqyjSD3XSyEqw7Y0+obgnwgZydC+FMuooUH8J1te81fxK6TmHUvS/BKdbY
MATEyGfd8L6nYdAv0rVE3WyvAY4C2284EzCAybpf5xIDh7G9EzKcSdG4TFeBYo5K
kE8gPkEdFg9FxrLkSDdFAKgEbeTAOAAWHLNzE02fQjGzjznzPTgn5jMOvsKOsCcG
bWV2T/+e/v807/dRsg0a9Yhf6RpSBNo1+iWFafMakTUyYEqu5xC6/wgF97P2P6mf
q4aPolUA85GXiKLyeGSfmHPIbBBlYS318HZiw3hLaSCkL3qzvUHiM1j0UwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKitYqp1i8NKQIQufl7YyyP4CMZGMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvcUsxaXFuV0x3MHBBaEM1LVh0akxJX2dJeGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJS4QAwQD
XVwIAwQDXvcwMA0GCSqGSIb3DQEBCwUAA4IBAQAwgYd4NmaUJgJrwI+MzjMpVEUx
2s++NrBCCB3TXyfTPOcnUKL7s6ASWFDZXklSUpAivrtQe+RnpVx/OLDxY9MkO8hk
WJfH5O3/nzxTqtJR3FNFPlzqvD4QlVzCkCm1UEubZbokqzxkbOTF7wz4nsLwtBOn
hordY6qOWuI1lfLQZd0yCBKXIK44Lgc8rSg3OnvgNQ1p85T3iisD2xyFgBcs916H
ZJF/2cd3iyMjPHnA/tXNqYcbuwXkqql9oN4W4zZ44e9R8e0KpQG+pfOrsS+jU1dj
WkodQ903LrfGQ5WD900dPq47HPQjkddEdDhd6CrQ31sXGbGkkkLcRAygcEyr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:47 2023 by rpki-client on console-ams.rpki-client.org