Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NQDFiNtU29dqEWZLoQRWRYtTQRs.roa
File: NQDFiNtU29dqEWZLoQRWRYtTQRs.roa (raw, json)
Hash identifier: 3MRIPFQ14fkcuXSPzPn8AfHFlX26Zr5EY7Ds2xK29Xs=
Subject key identifier: 35:00:C5:88:DB:54:DB:D7:6A:11:66:4B:A1:04:56:45:8B:53:41:1B
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 08AB3599
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NQDFiNtU29dqEWZLoQRWRYtTQRs.roa
Signing time: Sat 01 Jan 2022 11:04:13 +0000
ROA not before: Sat 01 Jan 2022 11:04:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46450
IP address blocks: 162.218.95.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
94.154.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145438105 (0x8ab3599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 11:04:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3500c588db54dbd76a11664ba10456458b53411b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:03:77:61:3d:3b:86:10:ff:96:4c:2d:49:80:
5f:bc:7a:f4:3c:e7:78:4b:fc:63:cc:26:93:10:1a:
46:b5:52:b0:41:3f:d8:71:e7:1d:3d:64:66:a5:ea:
64:a0:5c:6f:92:30:33:93:8b:14:64:95:f9:ea:bb:
77:5e:e9:72:5f:88:fc:2a:d8:49:6e:57:38:1d:20:
d7:9b:ba:f9:8e:45:d9:60:73:c8:bb:23:a2:58:3c:
db:1d:ed:24:98:d5:0f:b1:bd:8d:84:3e:f6:83:ee:
37:12:b3:15:5b:80:ac:e2:16:9e:bd:43:90:9a:20:
a9:03:fc:23:9f:07:c0:79:3b:de:4b:f7:a4:81:cc:
57:db:b2:6d:42:ad:0c:1c:49:e2:7a:a9:9b:b7:b0:
9e:5c:ad:d6:70:5d:c5:dd:dd:48:7e:31:b3:2f:b1:
c3:66:02:44:2d:28:03:8e:01:ed:59:19:8c:bd:66:
a9:c8:2e:2b:92:d6:f1:4b:df:73:8e:58:e6:b7:f4:
7d:91:cb:fc:23:30:2e:5a:3b:34:28:77:ed:f4:08:
8a:17:61:95:f0:c3:ae:ad:0d:08:ac:fc:b2:7b:82:
40:67:9c:21:60:be:f0:7b:17:25:90:ea:e0:ca:e3:
d3:48:6e:3c:1d:cc:4b:9f:54:2d:7b:e2:de:aa:75:
58:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:00:C5:88:DB:54:DB:D7:6A:11:66:4B:A1:04:56:45:8B:53:41:1B
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NQDFiNtU29dqEWZLoQRWRYtTQRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
63.246.150.0/24
94.154.177.0/24
94.154.183.0/24
162.218.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:a6:f3:f2:3f:5f:1c:c2:ae:d0:fe:3a:40:1c:d1:65:b3:b5:
bd:93:59:3b:3a:64:ac:0a:40:fb:28:01:bd:0a:e1:48:43:8c:
72:7e:50:5d:71:d9:b3:66:05:ba:36:5f:fa:3c:26:bf:e8:ea:
7a:91:fe:d4:09:b5:1c:6c:34:84:ba:a6:02:c1:48:94:a5:4d:
2f:8d:19:4f:28:8e:bd:75:77:82:c6:60:7b:2d:f0:97:46:da:
95:83:b4:a9:c9:64:97:f2:39:a5:35:74:3d:9b:4f:bb:64:95:
93:03:92:3f:23:24:a1:2e:dc:3a:a0:69:9e:9e:01:d1:4b:a4:
ad:4e:bf:83:c4:5c:b8:df:7a:06:d6:33:69:f7:83:55:e4:00:
22:dc:5f:a6:55:02:ed:f4:92:2e:bc:a4:8f:91:73:35:3d:01:
2b:93:5a:ad:c7:24:c8:77:5f:60:10:dd:0e:37:9e:ee:74:d9:
ab:b6:be:0a:f8:92:ad:25:df:18:48:2c:93:7a:1f:19:09:ee:
c7:88:34:4e:35:e5:ca:b5:ea:bb:15:7f:60:f1:cf:12:d5:de:
66:9b:7b:05:8e:ff:80:c0:74:e0:da:e5:71:4b:97:db:a9:2e:
d7:2b:a5:5b:9a:e4:9f:04:74:9c:60:2e:55:58:67:25:27:e4:
64:06:f4:89
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECKs1mTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
MTExMDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUwMGM1ODhkYjU0
ZGJkNzZhMTE2NjRiYTEwNDU2NDU4YjUzNDExYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMDd2E9O4YQ/5ZMLUmAX7x69DzneEv8Y8wmkxAaRrVSsEE/
2HHnHT1kZqXqZKBcb5IwM5OLFGSV+eq7d17pcl+I/CrYSW5XOB0g15u6+Y5F2WBz
yLsjolg82x3tJJjVD7G9jYQ+9oPuNxKzFVuArOIWnr1DkJogqQP8I58HwHk73kv3
pIHMV9uybUKtDBxJ4nqpm7ewnlyt1nBdxd3dSH4xsy+xw2YCRC0oA44B7VkZjL1m
qcguK5LW8Uvfc45Y5rf0fZHL/CMwLlo7NCh37fQIihdhlfDDrq0NCKz8snuCQGec
IWC+8HsXJZDq4Mrj00huPB3MS59ULXvi3qp1WN0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ1AMWI21Tb12oRZkuhBFZFi1NBGzAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L05RREZpTnRVMjlkcUVXWkxvUVJXUll0VFFScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAD/2lgMEAF6asQMEAF6atwMEAKLa
XzANBgkqhkiG9w0BAQsFAAOCAQEAfKbz8j9fHMKu0P46QBzRZbO1vZNZOzpkrApA
+ygBvQrhSEOMcn5QXXHZs2YFujZf+jwmv+jqepH+1Am1HGw0hLqmAsFIlKVNL40Z
TyiOvXV3gsZgey3wl0balYO0qclkl/I5pTV0PZtPu2SVkwOSPyMkoS7cOqBpnp4B
0UukrU6/g8RcuN96BtYzafeDVeQAItxfplUC7fSSLrykj5FzNT0BK5NarcckyHdf
YBDdDjee7nTZq7a+CviSrSXfGEgsk3ofGQnux4g0TjXlyrXquxV/YPHPEtXeZpt7
BY7/gMB04NrlcUuX26ku1yulW5rknwR0nGAuVVhnJSfkZAb0iQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org