Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/pcK1lkdMoOH8LVBdQf8UUDXDDCY.roa
File: pcK1lkdMoOH8LVBdQf8UUDXDDCY.roa (raw, json)
Hash identifier: g7DQwp5Beu56rgd38b/wn+8yaOwZj2zzMzsQTaVhr7E=
Subject key identifier: A5:C2:B5:96:47:4C:A0:E1:FC:2D:50:5D:41:FF:14:50:35:C3:0C:26
Certificate issuer: /CN=406400d71d7edeb0eb305d4982ecf520b0f44e77
Certificate serial: 0185625F77342BA2ABA5A42AFF1F30132B42
Authority key identifier: 40:64:00:D7:1D:7E:DE:B0:EB:30:5D:49:82:EC:F5:20:B0:F4:4E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/pcK1lkdMoOH8LVBdQf8UUDXDDCY.roa
Signing time: Fri 30 Dec 2022 09:31:41 +0000
ROA not before: Fri 30 Dec 2022 09:31:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210018
IP address blocks: 194.124.148.0/23 maxlen: 23
194.124.150.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:5f:77:34:2b:a2:ab:a5:a4:2a:ff:1f:30:13:2b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406400d71d7edeb0eb305d4982ecf520b0f44e77
Validity
Not Before: Dec 30 09:31:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5c2b596474ca0e1fc2d505d41ff145035c30c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fd:a0:92:82:5f:e8:b7:06:8c:cd:eb:7c:24:
36:6d:db:ce:c6:03:38:af:09:c0:48:ad:d4:fc:68:
2f:c5:66:46:eb:0b:29:53:30:31:6b:1b:b0:0c:4e:
e9:50:98:45:44:42:66:25:40:0a:59:d0:65:b0:8c:
4c:aa:97:78:ba:19:b6:f6:06:f6:6f:90:25:1b:9c:
de:96:30:7e:10:af:ba:9b:58:fa:32:fb:e9:67:48:
f4:8f:b4:cf:25:03:99:6c:94:ee:0b:4f:8e:8d:36:
c4:7a:4e:86:63:4f:f1:bb:84:88:9a:e3:62:cd:f7:
fc:bb:d9:89:07:f6:c0:3d:95:a1:81:fc:90:b6:e2:
26:c2:c4:bb:2f:a6:aa:ae:0f:4c:3c:f0:22:4b:e5:
36:af:14:59:17:5f:0b:0c:b3:22:3a:d1:8e:19:65:
d2:d2:94:ab:37:04:dd:23:ed:17:46:da:7f:21:5f:
d4:ca:99:2c:f4:93:3f:d5:08:0e:73:3f:cd:eb:5e:
62:45:d5:49:3f:45:12:8f:3b:76:4c:a9:4f:d4:a8:
da:f9:32:59:ec:18:83:7f:b6:a8:1c:1d:4c:a7:94:
fb:8f:4d:b1:1c:d7:f3:62:62:b2:31:aa:4c:5f:e9:
eb:1c:0c:7e:21:3b:63:39:50:77:db:f3:f7:9b:cb:
d4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C2:B5:96:47:4C:A0:E1:FC:2D:50:5D:41:FF:14:50:35:C3:0C:26
X509v3 Authority Key Identifier:
keyid:40:64:00:D7:1D:7E:DE:B0:EB:30:5D:49:82:EC:F5:20:B0:F4:4E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/pcK1lkdMoOH8LVBdQf8UUDXDDCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.148.0/22
Signature Algorithm: sha256WithRSAEncryption
68:b0:3d:d6:75:39:2a:5f:38:f9:a7:9c:5e:fe:e1:fa:06:ba:
5b:79:24:d5:aa:32:0f:4e:3d:7f:b3:da:bc:2d:22:87:58:99:
2d:ad:25:50:c0:87:10:2e:35:e0:aa:d6:13:63:8e:64:4b:78:
d0:b5:42:cc:14:b5:3b:47:e1:82:10:b1:fa:3c:c8:6c:80:b6:
5f:14:a2:bc:68:15:e2:c5:e0:48:bb:39:ab:bf:92:90:10:d0:
81:c6:81:88:26:16:2b:78:08:0a:1a:b1:e0:ac:18:c1:92:ae:
dd:9b:b3:98:b9:ef:c1:36:a4:c1:0c:b8:64:21:93:8a:80:cd:
19:ad:ff:35:6a:ba:32:26:30:f4:c4:5d:a0:70:cb:bd:00:eb:
84:cb:c4:4f:11:39:1c:4d:15:57:07:3b:e5:d5:5f:b0:77:90:
4c:f4:9a:d3:29:45:21:90:58:8f:21:d2:81:1a:10:28:54:a1:
c7:3e:46:b9:b3:20:6a:55:a4:3e:b9:22:25:cd:d6:b9:9e:39:
48:1f:5c:9d:45:1b:1d:55:6f:eb:5a:28:dd:13:8a:4c:7a:bb:
ea:3d:6b:17:af:2d:59:44:50:0c:87:b2:30:fa:9a:fb:64:31:
88:ef:da:5b:03:33:2a:95:7f:99:74:aa:cf:b1:75:d1:76:42:
d9:63:4a:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYViX3c0K6KrpaQq/x8wEytCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjQwMGQ3MWQ3ZWRlYjBlYjMwNWQ0OTgyZWNmNTIwYjBm
NDRlNzcwHhcNMjIxMjMwMDkzMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWMyYjU5NjQ3NGNhMGUxZmMyZDUwNWQ0MWZmMTQ1MDM1YzMwYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv2gkoJf6LcGjM3rfCQ2bdvOxgM4
rwnASK3U/GgvxWZG6wspUzAxaxuwDE7pUJhFREJmJUAKWdBlsIxMqpd4uhm29gb2
b5AlG5zeljB+EK+6m1j6MvvpZ0j0j7TPJQOZbJTuC0+OjTbEek6GY0/xu4SImuNi
zff8u9mJB/bAPZWhgfyQtuImwsS7L6aqrg9MPPAiS+U2rxRZF18LDLMiOtGOGWXS
0pSrNwTdI+0XRtp/IV/Uypks9JM/1QgOcz/N615iRdVJP0USjzt2TKlP1Kja+TJZ
7BiDf7aoHB1Mp5T7j02xHNfzYmKyMapMX+nrHAx+ITtjOVB32/P3m8vUBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXCtZZHTKDh/C1QXUH/FFA1wwwmMB8GA1UdIwQY
MBaAFEBkANcdft6w6zBdSYLs9SCw9E53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdRQTF4MS0zckRyTUYxSmd1ejFJTEQwVG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMDc1MWQtZDdiMy00NzAxLWEzMjYt
MjE0ODA4MmMzNTMzLzEvcGNLMWxrZE1vT0g4TFZCZFFmOFVVRFhERENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9mMDc1MWQtZDdiMy00NzAxLWEzMjYtMjE0ODA4MmMzNTMz
LzEvUUdRQTF4MS0zckRyTUYxSmd1ejFJTEQwVG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwnyUMA0G
CSqGSIb3DQEBCwUAA4IBAQBosD3WdTkqXzj5p5xe/uH6BrpbeSTVqjIPTj1/s9q8
LSKHWJktrSVQwIcQLjXgqtYTY45kS3jQtULMFLU7R+GCELH6PMhsgLZfFKK8aBXi
xeBIuzmrv5KQENCBxoGIJhYreAgKGrHgrBjBkq7dm7OYue/BNqTBDLhkIZOKgM0Z
rf81aroyJjD0xF2gcMu9AOuEy8RPETkcTRVXBzvl1V+wd5BM9JrTKUUhkFiPIdKB
GhAoVKHHPka5syBqVaQ+uSIlzda5njlIH1ydRRsdVW/rWijdE4pMervqPWsXry1Z
RFAMh7Iw+pr7ZDGI79pbAzMqlX+ZdKrPsXXRdkLZY0p4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:40 2024 by rpki-client on console-ams.rpki-client.org