Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/qUe6O890iL7X4sWmDNNkASUUfVo.roa
File: qUe6O890iL7X4sWmDNNkASUUfVo.roa (raw, json)
Hash identifier: 3gNP100ZeximlOYPFtgyFVEFUXWj3upm6tjv6pQY4QI=
Subject key identifier: A9:47:BA:3B:CF:74:88:BE:D7:E2:C5:A6:0C:D3:64:01:25:14:7D:5A
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0184B00ECDD0E7B8D07380695CD602A263F5
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/qUe6O890iL7X4sWmDNNkASUUfVo.roa
Signing time: Fri 25 Nov 2022 18:31:10 +0000
ROA not before: Fri 25 Nov 2022 18:31:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46450
IP address blocks: 162.218.95.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
94.154.183.0/24 maxlen: 24
2a07:c6c0:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b0:0e:cd:d0:e7:b8:d0:73:80:69:5c:d6:02:a2:63:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 25 18:31:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a947ba3bcf7488bed7e2c5a60cd3640125147d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:36:a6:40:ef:75:82:5d:49:91:db:58:c3:
ae:aa:45:9c:c3:77:8f:ec:b6:5d:2d:4b:4a:0e:6e:
d9:66:18:ef:21:31:e3:99:7f:d5:52:d5:f2:2b:63:
18:e0:6e:74:bb:08:71:99:f8:b1:3a:24:99:d9:6d:
5f:a3:09:3a:d2:b5:ee:75:77:c9:8d:34:0d:ce:fc:
10:de:ed:2f:1c:93:b3:b0:95:ce:d9:a1:57:5f:82:
8c:ed:d4:80:64:c2:e6:36:cd:8e:08:97:16:90:85:
d1:2b:20:f0:a6:7a:f7:ca:bf:ee:00:f3:ff:85:a3:
b8:21:14:fa:46:ea:5d:a5:63:ed:be:0b:5e:4b:f8:
5e:93:d6:32:5f:78:1d:01:10:66:1f:4d:4d:71:1b:
ee:4d:8a:06:76:dc:58:90:cc:83:5d:1d:07:54:86:
ba:cd:f2:ea:e7:06:ed:54:05:8c:65:dd:18:67:6b:
6d:9c:47:63:c7:bd:e5:cc:44:6e:13:ae:90:4a:ef:
da:f3:f5:e2:75:5f:a5:32:cf:f9:65:be:54:12:35:
0d:64:89:be:ee:06:84:bd:ff:7d:b4:15:50:d1:33:
95:c1:15:3f:89:2f:bf:d4:96:15:ed:d9:79:8f:5c:
51:85:9a:6a:2f:82:73:ba:0f:ba:9d:92:47:44:77:
1f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:47:BA:3B:CF:74:88:BE:D7:E2:C5:A6:0C:D3:64:01:25:14:7D:5A
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/qUe6O890iL7X4sWmDNNkASUUfVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
63.246.150.0/24
94.154.183.0/24
162.218.95.0/24
IPv6:
2a07:c6c0:9::/48
Signature Algorithm: sha256WithRSAEncryption
2c:a0:c6:24:fb:3e:fd:9c:cf:b0:0b:04:47:8c:83:48:bf:56:
8c:f9:88:ac:bd:8f:cd:22:58:79:05:b7:3a:99:6f:ee:3e:f4:
61:9f:ea:a0:4c:30:37:a9:1a:d7:71:db:d6:ac:21:76:af:7d:
2c:9b:ff:48:08:c4:95:61:d4:9a:74:3c:18:dc:c4:30:75:42:
c4:80:ce:57:ee:b3:08:06:76:fb:d1:31:91:68:80:44:65:7e:
1b:c3:57:bb:a0:8b:5b:a6:ea:b0:8c:5e:13:12:05:00:14:46:
30:c6:e1:c7:fb:4a:ba:8a:3f:7f:ac:66:7c:98:f5:cb:c0:57:
0a:49:5a:15:b6:bf:5b:41:60:d6:2c:fc:66:2a:4e:28:c3:bf:
06:08:7d:8b:33:e2:1d:8e:c8:6d:3d:36:e0:14:39:b7:bb:f9:
9c:c6:f1:45:74:7d:b1:af:2d:48:6c:77:36:a3:e0:17:42:4c:
f1:61:17:28:22:5d:cc:79:ae:2c:01:05:37:f4:eb:6a:82:a5:
03:04:56:c8:7f:df:59:c4:9e:d6:1a:e1:1e:5c:cf:ea:54:90:
75:f0:37:9b:d9:a5:ab:1c:de:05:69:32:ff:b6:26:13:84:c3:
90:e9:b9:6f:71:4c:56:72:ac:fc:4c:e2:d3:9b:50:c5:71:ed:
fa:8f:e5:5c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYSwDs3Q57jQc4BpXNYComP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjIxMTI1MTgzMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ3YmEzYmNmNzQ4OGJlZDdlMmM1YTYwY2QzNjQwMTI1MTQ3ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvw2pkDvdYJdSZHbWMOuqkWcw3eP
7LZdLUtKDm7ZZhjvITHjmX/VUtXyK2MY4G50uwhxmfixOiSZ2W1fowk60rXudXfJ
jTQNzvwQ3u0vHJOzsJXO2aFXX4KM7dSAZMLmNs2OCJcWkIXRKyDwpnr3yr/uAPP/
haO4IRT6RupdpWPtvgteS/hek9YyX3gdARBmH01NcRvuTYoGdtxYkMyDXR0HVIa6
zfLq5wbtVAWMZd0YZ2ttnEdjx73lzERuE66QSu/a8/XidV+lMs/5Zb5UEjUNZIm+
7gaEvf99tBVQ0TOVwRU/iS+/1JYV7dl5j1xRhZpqL4Jzug+6nZJHRHcf+QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKlHujvPdIi+1+LFpgzTZAElFH1aMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvcVVlNk84OTBpTDdYNHNXbUROTmtBU1VVZlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAP/aWAwQA
Xpq3AwQAotpfMA8EAgACMAkDBwAqB8bAAAkwDQYJKoZIhvcNAQELBQADggEBACyg
xiT7Pv2cz7ALBEeMg0i/Voz5iKy9j80iWHkFtzqZb+4+9GGf6qBMMDepGtdx29as
IXavfSyb/0gIxJVh1Jp0PBjcxDB1QsSAzlfuswgGdvvRMZFogERlfhvDV7ugi1um
6rCMXhMSBQAURjDG4cf7SrqKP3+sZnyY9cvAVwpJWhW2v1tBYNYs/GYqTijDvwYI
fYsz4h2OyG09NuAUObe7+ZzG8UV0fbGvLUhsdzaj4BdCTPFhFygiXcx5riwBBTf0
62qCpQMEVsh/31nEntYa4R5cz+pUkHXwN5vZpasc3gVpMv+2JhOEw5DpuW9xTFZy
rPxM4tObUMVx7fqP5Vw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org