Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/e7a772-8b39-430d-b192-a1b8bc5b2cd7/1/CQl1Eq-7ydQSHkgoz1clWfce2t0.roa
File: CQl1Eq-7ydQSHkgoz1clWfce2t0.roa (raw, json)
Hash identifier: 9BOdD1iqdsATbP403dG+MZ1bmNiaBGs9o4y5VXlZbAg=
Subject key identifier: 09:09:75:12:AF:BB:C9:D4:12:1E:48:28:CF:57:25:59:F7:1E:DA:DD
Certificate issuer: /CN=de0af7d83c5eeb0d434ad753c6a5f47549698b37
Certificate serial: 17AFFA4A
Authority key identifier: DE:0A:F7:D8:3C:5E:EB:0D:43:4A:D7:53:C6:A5:F4:75:49:69:8B:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3gr32Dxe6w1DStdTxqX0dUlpizc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/e7a772-8b39-430d-b192-a1b8bc5b2cd7/1/CQl1Eq-7ydQSHkgoz1clWfce2t0.roa
Signing time: Sat 01 Jan 2022 15:04:43 +0000
ROA not before: Sat 01 Jan 2022 15:04:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47543
IP address blocks: 194.26.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 397408842 (0x17affa4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0af7d83c5eeb0d434ad753c6a5f47549698b37
Validity
Not Before: Jan 1 15:04:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09097512afbbc9d4121e4828cf572559f71edadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c5:f6:02:61:2a:ee:11:c3:3f:bf:50:f2:2d:
24:7f:70:8d:ec:e9:ab:dc:3a:47:51:52:63:c2:e7:
94:e7:aa:68:86:ba:15:ee:5d:88:86:e5:98:43:dd:
70:83:ff:52:f5:66:34:88:b5:72:9d:2c:d9:73:2f:
38:af:0a:a4:33:af:55:53:a0:47:f1:4d:b9:2c:3b:
e5:f5:28:37:2d:84:10:60:d1:3d:b4:91:ec:b4:e2:
6c:6a:2e:bd:5c:45:d8:4b:1c:56:2b:51:14:49:1f:
8d:3d:63:9f:1e:1f:f4:aa:c6:01:95:be:6a:4d:6d:
25:8b:e3:c2:63:92:80:c7:2c:16:b1:13:b3:30:cf:
86:5f:64:f6:9f:da:24:20:43:a9:c9:84:6a:72:5c:
0e:d0:43:f1:85:e7:5a:b3:27:9b:5d:aa:91:e9:7e:
aa:94:67:7f:9c:46:21:13:4a:7c:bc:d4:ed:b5:ed:
61:a7:64:cd:2e:a8:e8:b0:bf:09:df:04:cd:34:07:
70:64:db:58:1e:9e:79:0f:f5:3e:01:48:16:a7:d6:
a4:ca:72:b6:72:d8:6d:c2:39:63:4d:25:1f:18:24:
f9:ab:fe:b4:03:e4:b1:b6:fb:ba:03:b9:78:2c:ad:
51:1b:67:b2:d3:56:7e:57:e3:b7:30:97:67:8c:c1:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:09:75:12:AF:BB:C9:D4:12:1E:48:28:CF:57:25:59:F7:1E:DA:DD
X509v3 Authority Key Identifier:
keyid:DE:0A:F7:D8:3C:5E:EB:0D:43:4A:D7:53:C6:A5:F4:75:49:69:8B:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gr32Dxe6w1DStdTxqX0dUlpizc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e7a772-8b39-430d-b192-a1b8bc5b2cd7/1/CQl1Eq-7ydQSHkgoz1clWfce2t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e7a772-8b39-430d-b192-a1b8bc5b2cd7/1/3gr32Dxe6w1DStdTxqX0dUlpizc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.148.0/24
Signature Algorithm: sha256WithRSAEncryption
36:00:a1:89:1b:5a:ac:2b:78:8e:7d:80:2f:eb:83:f3:84:c5:
1b:eb:bf:92:89:5c:43:d0:6e:f3:60:35:36:26:ee:55:b7:c3:
79:38:e5:12:63:ee:72:c0:d0:17:97:91:22:3d:d4:04:b8:0e:
d8:bb:af:64:83:3a:b9:93:0d:cc:42:5e:f1:3c:dc:71:ac:f9:
d1:b1:d3:da:2d:74:5c:bb:2d:53:af:ab:bd:ba:a1:2d:b2:7c:
87:c8:f0:ed:52:fa:11:6f:af:04:9c:94:38:d6:3e:74:25:99:
50:d1:0c:07:19:99:2d:f1:cb:5d:22:db:12:77:3a:89:ac:d5:
96:2b:5d:13:f9:b0:9b:69:72:a5:1c:8c:5f:b4:0b:3b:72:b4:
ff:8a:97:fe:47:ab:5a:85:df:9f:6f:43:17:03:df:15:5a:d0:
09:de:c7:b7:b1:a9:3f:77:6d:0c:92:e4:c0:c4:cf:67:4a:42:
e0:0f:31:df:27:d8:d4:5a:48:41:95:be:d5:b0:02:1c:a2:fc:
01:34:59:1b:81:a6:9a:22:50:13:44:4b:5b:83:e3:88:3a:12:
36:b8:6f:2d:ae:ea:1d:5b:b0:ea:20:8b:98:44:e6:d1:3a:0f:
2d:f6:f9:4a:fc:f3:be:db:da:ff:79:4b:4e:7d:4d:8e:38:d3:
c7:f6:21:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF6/6SjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTBhZjdkODNjNWVlYjBkNDM0YWQ3NTNjNmE1ZjQ3NTQ5Njk4YjM3MB4XDTIyMDEw
MTE1MDQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDkwOTc1MTJhZmJi
YzlkNDEyMWU0ODI4Y2Y1NzI1NTlmNzFlZGFkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPF9gJhKu4Rwz+/UPItJH9wjezpq9w6R1FSY8LnlOeqaIa6
Fe5diIblmEPdcIP/UvVmNIi1cp0s2XMvOK8KpDOvVVOgR/FNuSw75fUoNy2EEGDR
PbSR7LTibGouvVxF2EscVitRFEkfjT1jnx4f9KrGAZW+ak1tJYvjwmOSgMcsFrET
szDPhl9k9p/aJCBDqcmEanJcDtBD8YXnWrMnm12qkel+qpRnf5xGIRNKfLzU7bXt
YadkzS6o6LC/Cd8EzTQHcGTbWB6eeQ/1PgFIFqfWpMpytnLYbcI5Y00lHxgk+av+
tAPksbb7ugO5eCytURtnstNWflfjtzCXZ4zBao0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJCXUSr7vJ1BIeSCjPVyVZ9x7a3TAfBgNVHSMEGDAWgBTeCvfYPF7rDUNK
11PGpfR1SWmLNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNncjMyRHhlNncxRFN0ZFR4cVgwZFVscGl6Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvZTdhNzcyLThiMzktNDMwZC1iMTkyLWExYjhiYzViMmNkNy8x
L0NRbDFFcS03eWRRU0hrZ296MWNsV2ZjZTJ0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
ZTdhNzcyLThiMzktNDMwZC1iMTkyLWExYjhiYzViMmNkNy8xLzNncjMyRHhlNncx
RFN0ZFR4cVgwZFVscGl6Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIalDANBgkqhkiG9w0BAQsFAAOC
AQEANgChiRtarCt4jn2AL+uD84TFG+u/kolcQ9Bu82A1NibuVbfDeTjlEmPucsDQ
F5eRIj3UBLgO2LuvZIM6uZMNzEJe8Tzccaz50bHT2i10XLstU6+rvbqhLbJ8h8jw
7VL6EW+vBJyUONY+dCWZUNEMBxmZLfHLXSLbEnc6iazVlitdE/mwm2lypRyMX7QL
O3K0/4qX/kerWoXfn29DFwPfFVrQCd7Ht7GpP3dtDJLkwMTPZ0pC4A8x3yfY1FpI
QZW+1bACHKL8ATRZG4GmmiJQE0RLW4PjiDoSNrhvLa7qHVuw6iCLmETm0ToPLfb5
Svzzvtva/3lLTn1NjjjTx/Yh6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:40 2024 by rpki-client on console-ams.rpki-client.org