Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/QN3F0EbEwdhVdhHB7Sj95a1WQmk.roa
File: QN3F0EbEwdhVdhHB7Sj95a1WQmk.roa (raw, json)
Hash identifier: BMCgNfNng/n7kIdJmg2GXOLGcQ+/dh9rPAcNsluKdqg=
Subject key identifier: 40:DD:C5:D0:46:C4:C1:D8:55:76:11:C1:ED:28:FD:E5:AD:56:42:69
Certificate issuer: /CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
Certificate serial: 018355A79818FA2D1DBA62075638655B855F
Authority key identifier: 3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/QN3F0EbEwdhVdhHB7Sj95a1WQmk.roa
Signing time: Mon 19 Sep 2022 12:09:50 +0000
ROA not before: Mon 19 Sep 2022 12:09:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 62.106.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:a7:98:18:fa:2d:1d:ba:62:07:56:38:65:5b:85:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
Validity
Not Before: Sep 19 12:09:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40ddc5d046c4c1d8557611c1ed28fde5ad564269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:23:1f:a9:ec:25:bc:66:98:29:47:01:d2:
a0:1d:81:50:15:c0:db:bd:f6:7c:6a:40:80:67:08:
64:c1:b3:07:d2:f4:3c:42:6c:00:b0:d4:9f:7e:3e:
e7:1c:74:3c:b0:d1:09:b4:3f:89:4b:89:68:be:bc:
57:ea:89:92:a0:61:4a:7c:b6:48:ff:c9:5b:05:af:
af:87:0e:23:9d:2c:5e:b4:57:5e:9e:ff:50:7f:95:
61:cb:9c:8a:9c:72:36:89:44:e1:b1:4c:6b:f8:2e:
9a:cc:76:54:90:9f:85:a0:fd:a6:c1:a6:4d:ea:bd:
98:91:11:da:bd:ef:63:23:c4:fb:1d:2d:33:e6:21:
3b:58:36:ff:44:f9:75:e6:c0:81:30:cf:42:ea:00:
5b:cd:af:39:5d:18:2c:88:05:37:14:da:c9:53:75:
87:2a:66:87:a0:42:bb:80:c8:70:0e:56:47:c4:f7:
a8:d3:42:9d:30:b0:0c:ad:fa:1b:65:5e:ed:06:3f:
a3:ea:05:76:df:97:97:b6:ef:8d:7b:ac:cc:72:15:
c9:95:48:aa:77:10:14:53:d9:99:9e:e5:ae:91:34:
96:b5:ad:33:7e:ca:9f:af:20:e6:d8:7d:e0:e2:cc:
82:82:91:50:d2:52:e1:83:e6:f6:4e:bf:48:5c:4f:
7d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DD:C5:D0:46:C4:C1:D8:55:76:11:C1:ED:28:FD:E5:AD:56:42:69
X509v3 Authority Key Identifier:
keyid:3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/QN3F0EbEwdhVdhHB7Sj95a1WQmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/O1T6YLMnoIA9yF6XCpt2pFFM614.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
03:04:34:5a:11:99:22:31:55:90:2c:ce:b0:94:31:fe:d9:75:
68:b6:75:bd:7e:00:55:69:ae:ff:ef:67:16:f9:28:0d:24:2f:
73:5d:27:8c:08:5f:13:02:62:06:a9:02:0e:4e:77:57:25:10:
48:c9:5b:9b:85:fd:3e:4b:90:37:bc:d5:24:9e:99:31:6a:87:
cb:13:c6:76:e3:55:57:70:50:2e:94:a5:df:53:e5:8b:83:30:
30:ac:99:2a:07:c9:94:30:93:d2:7c:95:62:05:7c:a8:43:ec:
bb:b3:0a:26:55:89:e7:c7:3a:6b:aa:c3:46:e2:20:1d:e4:c8:
1f:27:09:c0:c6:fc:7b:86:07:eb:57:53:c9:c0:12:f3:76:89:
46:8a:b7:a4:7b:a4:22:e8:bf:de:1d:58:43:65:73:90:48:32:
18:39:11:4b:90:cd:b1:a8:28:88:dc:e6:3a:07:ee:69:0c:3f:
8a:af:7e:c3:ad:87:a7:6e:6c:f6:91:51:6e:c8:97:cf:76:cb:
47:b9:36:f3:d6:f6:cd:93:03:0b:2f:4f:1c:51:21:d3:a7:77:
5a:21:75:6f:40:b4:26:5e:64:cc:98:63:1b:e8:ba:2e:7c:ef:
ec:2c:99:1a:a6:0a:4e:48:37:42:ca:5d:34:a2:df:fb:eb:f5:
5d:24:66:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVp5gY+i0dumIHVjhlW4VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTRmYTYwYjMyN2EwODAzZGM4NWU5NzBhOWI3NmE0NTE0
Y2ViNWUwHhcNMjIwOTE5MTIwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRkYzVkMDQ2YzRjMWQ4NTU3NjExYzFlZDI4ZmRlNWFkNTY0MjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMkjH6nsJbxmmClHAdKgHYFQFcDb
vfZ8akCAZwhkwbMH0vQ8QmwAsNSffj7nHHQ8sNEJtD+JS4lovrxX6omSoGFKfLZI
/8lbBa+vhw4jnSxetFdenv9Qf5Vhy5yKnHI2iUThsUxr+C6azHZUkJ+FoP2mwaZN
6r2YkRHave9jI8T7HS0z5iE7WDb/RPl15sCBMM9C6gBbza85XRgsiAU3FNrJU3WH
KmaHoEK7gMhwDlZHxPeo00KdMLAMrfobZV7tBj+j6gV235eXtu+Ne6zMchXJlUiq
dxAUU9mZnuWukTSWta0zfsqfryDm2H3g4syCgpFQ0lLhg+b2Tr9IXE99QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDdxdBGxMHYVXYRwe0o/eWtVkJpMB8GA1UdIwQY
MBaAFDtU+mCzJ6CAPchelwqbdqRRTOteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTct
NDQyNzZmNjA0MjMzLzEvUU4zRjBFYkV3ZGhWZGhIQjdTajk1YTFXUW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTctNDQyNzZmNjA0MjMz
LzEvTzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmpHMA0G
CSqGSIb3DQEBCwUAA4IBAQADBDRaEZkiMVWQLM6wlDH+2XVotnW9fgBVaa7/72cW
+SgNJC9zXSeMCF8TAmIGqQIOTndXJRBIyVubhf0+S5A3vNUknpkxaofLE8Z241VX
cFAulKXfU+WLgzAwrJkqB8mUMJPSfJViBXyoQ+y7swomVYnnxzprqsNG4iAd5Mgf
JwnAxvx7hgfrV1PJwBLzdolGireke6Qi6L/eHVhDZXOQSDIYORFLkM2xqCiI3OY6
B+5pDD+Kr37DrYenbmz2kVFuyJfPdstHuTbz1vbNkwMLL08cUSHTp3daIXVvQLQm
XmTMmGMb6LoufO/sLJkapgpOSDdCyl00ot/76/VdJGYG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:02 2023 by rpki-client on console-fra.rpki-client.org