Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/c42b37-d448-4cf3-bfec-1692fc8bba15/1/dqr8P-zKkbCOU7wn4RtALhkJ7k0.roa
File: dqr8P-zKkbCOU7wn4RtALhkJ7k0.roa (raw, json)
Hash identifier: PRAgkf5Xf2oPkHRi4FloIZwe/WFDmlEC0hEGfreaQ2Q=
Subject key identifier: 76:AA:FC:3F:EC:CA:91:B0:8E:53:BC:27:E1:1B:40:2E:19:09:EE:4D
Certificate issuer: /CN=115604ba895e8fb3b49a2c78088e9ff2ff970a08
Certificate serial: 1018240C
Authority key identifier: 11:56:04:BA:89:5E:8F:B3:B4:9A:2C:78:08:8E:9F:F2:FF:97:0A:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVYEuolej7O0mix4CI6f8v-XCgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/c42b37-d448-4cf3-bfec-1692fc8bba15/1/dqr8P-zKkbCOU7wn4RtALhkJ7k0.roa
Signing time: Sat 01 Jan 2022 05:05:46 +0000
ROA not before: Sat 01 Jan 2022 05:05:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2200
IP address blocks: 161.3.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270017548 (0x1018240c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115604ba895e8fb3b49a2c78088e9ff2ff970a08
Validity
Not Before: Jan 1 05:05:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76aafc3fecca91b08e53bc27e11b402e1909ee4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:dd:b2:63:49:ba:70:35:e7:57:e9:0a:3b:
bc:4d:c6:2d:81:1d:97:de:46:b5:9e:5e:1a:a9:fb:
35:0b:dd:74:b1:f7:89:39:30:4c:96:1a:42:b5:ef:
fd:b8:ed:94:ff:ed:26:46:06:f3:57:47:51:1e:48:
ad:cb:21:6c:3a:d3:34:51:26:57:02:b9:6d:8c:2d:
36:2a:a5:47:54:db:c8:f8:c3:be:be:b3:87:3d:86:
14:75:76:dd:fa:b7:4a:d0:2a:b8:30:c8:61:19:2c:
1d:d5:80:28:30:e0:0f:59:74:29:e2:83:cc:cc:78:
60:87:62:68:fd:2e:c9:e7:95:78:85:a4:0f:41:e9:
c8:d9:46:c9:8b:f7:69:ab:02:a8:2d:c2:85:b4:d1:
4d:db:9c:3a:ec:1e:e4:e2:5d:ac:c1:55:7b:9f:cf:
3c:04:fe:27:e3:82:eb:a4:cc:8a:47:c8:1b:90:ab:
bf:aa:51:c8:13:7a:0f:87:3f:b9:09:61:9b:6f:61:
69:aa:0b:12:0a:e4:02:75:95:c5:62:15:af:bb:22:
63:54:fa:f5:e1:b9:ff:89:85:fa:e2:ee:38:65:96:
fb:93:31:9a:83:54:22:fe:ba:68:67:fe:59:9f:d3:
4b:32:f3:b8:80:a3:4d:64:2d:25:3b:6b:90:4b:a5:
b4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AA:FC:3F:EC:CA:91:B0:8E:53:BC:27:E1:1B:40:2E:19:09:EE:4D
X509v3 Authority Key Identifier:
keyid:11:56:04:BA:89:5E:8F:B3:B4:9A:2C:78:08:8E:9F:F2:FF:97:0A:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVYEuolej7O0mix4CI6f8v-XCgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/c42b37-d448-4cf3-bfec-1692fc8bba15/1/dqr8P-zKkbCOU7wn4RtALhkJ7k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/c42b37-d448-4cf3-bfec-1692fc8bba15/1/EVYEuolej7O0mix4CI6f8v-XCgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:23:98:07:85:1c:7b:dd:a5:1f:89:50:6c:c2:80:52:bf:10:
38:37:cf:7b:14:c5:14:55:96:b8:89:d8:1d:51:31:56:cf:1e:
8c:28:53:aa:1b:14:29:0b:63:cd:dd:2f:ea:ef:4e:0e:72:5c:
18:a5:9b:09:bf:5f:e0:32:cc:7f:3f:6f:69:d5:fc:2e:8c:ab:
73:12:bb:06:41:f1:c5:23:cf:c1:02:c3:50:c8:22:92:9a:85:
4c:53:14:7b:e1:7f:4b:7d:b3:cc:4f:1c:12:a2:b4:66:ab:28:
75:f0:fb:69:e5:b5:05:de:87:ff:63:4f:38:59:8c:ed:e4:21:
c5:28:91:82:79:71:b7:ec:74:2c:79:73:17:8c:ea:e6:26:5d:
71:d7:54:2e:6c:35:5a:be:41:77:3f:5b:08:a6:ac:ab:4b:6a:
7d:94:d3:0f:dc:0d:0b:37:93:ed:f8:cd:55:73:b7:e1:3a:17:
09:d5:92:72:0f:1b:9f:38:f7:3c:98:6b:3c:8b:c8:ab:77:ea:
58:0b:61:b8:bc:d9:34:68:ff:e1:78:89:84:63:bf:8b:00:c0:
74:7f:56:da:a2:5a:fa:a1:dc:21:89:56:c0:39:b1:7f:a1:e7:
82:66:29:48:ee:d6:79:9b:c0:ea:51:79:5b:18:20:63:55:f1:
9a:19:50:dd
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEEBgkDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTU2MDRiYTg5NWU4ZmIzYjQ5YTJjNzgwODhlOWZmMmZmOTcwYTA4MB4XDTIyMDEw
MTA1MDU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZhYWZjM2ZlY2Nh
OTFiMDhlNTNiYzI3ZTExYjQwMmUxOTA5ZWU0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIp3bJjSbpwNedX6Qo7vE3GLYEdl95GtZ5eGqn7NQvddLH3
iTkwTJYaQrXv/bjtlP/tJkYG81dHUR5IrcshbDrTNFEmVwK5bYwtNiqlR1TbyPjD
vr6zhz2GFHV23fq3StAquDDIYRksHdWAKDDgD1l0KeKDzMx4YIdiaP0uyeeVeIWk
D0HpyNlGyYv3aasCqC3ChbTRTducOuwe5OJdrMFVe5/PPAT+J+OC66TMikfIG5Cr
v6pRyBN6D4c/uQlhm29haaoLEgrkAnWVxWIVr7siY1T69eG5/4mF+uLuOGWW+5Mx
moNUIv66aGf+WZ/TSzLzuICjTWQtJTtrkEultEUCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBR2qvw/7MqRsI5TvCfhG0AuGQnuTTAfBgNVHSMEGDAWgBQRVgS6iV6Ps7Sa
LHgIjp/y/5cKCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VWWUV1b2xlajdPMG1peDRDSTZmOHYtWENnZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvYzQyYjM3LWQ0NDgtNGNmMy1iZmVjLTE2OTJmYzhiYmExNS8x
L2RxcjhQLXpLa2JDT1U3d240UnRBTGhrSjdrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
YzQyYjM3LWQ0NDgtNGNmMy1iZmVjLTE2OTJmYzhiYmExNS8xL0VWWUV1b2xlajdP
MG1peDRDSTZmOHYtWENnZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAKEDMA0GCSqGSIb3DQEBCwUAA4IB
AQAfI5gHhRx73aUfiVBswoBSvxA4N897FMUUVZa4idgdUTFWzx6MKFOqGxQpC2PN
3S/q704OclwYpZsJv1/gMsx/P29p1fwujKtzErsGQfHFI8/BAsNQyCKSmoVMUxR7
4X9LfbPMTxwSorRmqyh18Ptp5bUF3of/Y084WYzt5CHFKJGCeXG37HQseXMXjOrm
Jl1x11QubDVavkF3P1sIpqyrS2p9lNMP3A0LN5Pt+M1Vc7fhOhcJ1ZJyDxufOPc8
mGs8i8ird+pYC2G4vNk0aP/heImEY7+LAMB0f1baolr6odwhiVbAObF/oeeCZilI
7tZ5m8DqUXlbGCBjVfGaGVDd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:10 2023 by rpki-client on console-fra.rpki-client.org