Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/c35dcd-3103-4ea0-a8c5-866f1d2327aa/1/qmAG2laGZxc-U1wfVbtL8m4sapc.roa
File: qmAG2laGZxc-U1wfVbtL8m4sapc.roa (raw, json)
Hash identifier: CIVgEd6OTxaLvgb1Iz4yq5RO41mMUju1PJYxe+AJGSo=
Subject key identifier: AA:60:06:DA:56:86:67:17:3E:53:5C:1F:55:BB:4B:F2:6E:2C:6A:97
Certificate issuer: /CN=2c4344722645da25ece3b17c7a83762ed42dda52
Certificate serial: 187F28FB
Authority key identifier: 2C:43:44:72:26:45:DA:25:EC:E3:B1:7C:7A:83:76:2E:D4:2D:DA:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LENEciZF2iXs47F8eoN2LtQt2lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/c35dcd-3103-4ea0-a8c5-866f1d2327aa/1/qmAG2laGZxc-U1wfVbtL8m4sapc.roa
Signing time: Sat 01 Jan 2022 01:01:14 +0000
ROA not before: Sat 01 Jan 2022 01:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202078
IP address blocks: 185.54.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 410986747 (0x187f28fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c4344722645da25ece3b17c7a83762ed42dda52
Validity
Not Before: Jan 1 01:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa6006da568667173e535c1f55bb4bf26e2c6a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:47:6f:36:3c:83:f8:57:08:46:f6:3f:cd:22:
24:3e:dd:25:d8:7e:ae:d6:64:21:a7:94:a2:5a:b5:
9b:38:e0:36:0e:f6:0e:10:2d:5c:ad:18:33:c5:2c:
78:e1:26:da:88:34:65:dd:fa:22:19:fa:c4:8c:7a:
c7:63:b6:10:71:f9:b1:f4:d5:07:b0:75:8a:2b:20:
67:88:0c:ef:b1:d8:ba:64:99:7f:54:71:77:0a:2a:
7e:ef:f9:20:d6:9d:5e:08:16:fc:0c:50:60:e3:21:
95:0c:eb:f4:c3:00:b9:3a:de:87:2f:d2:37:ae:04:
9a:82:90:6c:b5:c4:88:cd:c1:2d:f1:0c:22:78:e1:
aa:f4:3a:80:07:70:f0:1e:26:73:03:ef:e5:40:68:
61:88:68:6b:76:67:c5:b6:6d:28:01:0f:8e:63:42:
70:d1:d5:23:1a:98:42:5c:08:7b:fb:f1:e3:55:a9:
06:aa:85:89:23:ab:f3:f5:1d:e9:0e:71:69:67:19:
d1:ca:04:d7:86:9a:e5:0d:8c:65:82:16:6d:44:13:
c8:f3:5d:a4:e8:ad:49:cd:1a:88:4c:b5:18:48:bc:
f8:8d:67:c6:85:47:83:de:fc:0f:64:51:d4:a8:b8:
fc:65:37:30:7c:6b:1f:38:fc:c0:42:ae:1c:d2:4e:
7c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:60:06:DA:56:86:67:17:3E:53:5C:1F:55:BB:4B:F2:6E:2C:6A:97
X509v3 Authority Key Identifier:
keyid:2C:43:44:72:26:45:DA:25:EC:E3:B1:7C:7A:83:76:2E:D4:2D:DA:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LENEciZF2iXs47F8eoN2LtQt2lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/c35dcd-3103-4ea0-a8c5-866f1d2327aa/1/qmAG2laGZxc-U1wfVbtL8m4sapc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/c35dcd-3103-4ea0-a8c5-866f1d2327aa/1/LENEciZF2iXs47F8eoN2LtQt2lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:4d:a0:72:47:0c:8c:d4:8a:7b:ff:d3:5a:d2:0b:69:1d:9b:
70:f9:1d:db:82:c0:3f:8c:3b:9f:ae:89:30:be:c5:46:6e:a9:
5a:96:60:09:6b:c3:bd:ab:cd:6a:e9:bf:b3:6e:1d:ee:27:4b:
eb:7f:d9:95:3c:6a:96:91:4c:d9:df:55:d0:bd:db:ed:fc:7d:
36:87:35:1a:c1:25:6e:f1:9e:44:23:36:ce:38:29:19:0b:de:
b7:af:ba:f1:77:65:e8:9b:fb:f7:9a:58:f9:91:eb:ef:02:4f:
ee:77:0c:76:cc:7f:55:bf:e8:55:e9:20:b4:43:92:6d:e9:68:
fb:3d:ac:c8:6a:69:9e:c2:82:4c:c2:a4:71:9a:46:4a:ff:03:
f4:91:9f:8f:0e:89:8f:6e:3b:f1:bb:47:fe:2d:54:24:d7:ab:
7a:56:1c:cb:e1:68:bf:5e:cd:2c:60:45:3c:f5:1b:ac:84:e8:
95:49:ed:7f:71:c1:ad:c8:ca:0f:15:b2:c6:f0:7a:98:02:a5:
5a:16:41:42:df:c7:0d:26:72:f4:2d:7f:cf:15:6e:af:f1:38:
c2:2f:ac:4c:46:8d:54:bd:a7:92:a6:28:39:2a:c4:3d:31:c7:
df:e2:4b:40:9c:aa:36:73:c1:a8:df:b3:38:50:ab:66:bb:35:
e4:6c:72:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGH8o+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzQzNDQ3MjI2NDVkYTI1ZWNlM2IxN2M3YTgzNzYyZWQ0MmRkYTUyMB4XDTIyMDEw
MTAxMDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE2MDA2ZGE1Njg2
NjcxNzNlNTM1YzFmNTViYjRiZjI2ZTJjNmE5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJHbzY8g/hXCEb2P80iJD7dJdh+rtZkIaeUolq1mzjgNg72
DhAtXK0YM8UseOEm2og0Zd36Ihn6xIx6x2O2EHH5sfTVB7B1iisgZ4gM77HYumSZ
f1Rxdwoqfu/5INadXggW/AxQYOMhlQzr9MMAuTrehy/SN64EmoKQbLXEiM3BLfEM
InjhqvQ6gAdw8B4mcwPv5UBoYYhoa3ZnxbZtKAEPjmNCcNHVIxqYQlwIe/vx41Wp
BqqFiSOr8/Ud6Q5xaWcZ0coE14aa5Q2MZYIWbUQTyPNdpOitSc0aiEy1GEi8+I1n
xoVHg978D2RR1Ki4/GU3MHxrHzj8wEKuHNJOfNcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqYAbaVoZnFz5TXB9Vu0vybixqlzAfBgNVHSMEGDAWgBQsQ0RyJkXaJezj
sXx6g3Yu1C3aUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xFTkVjaVpGMmlYczQ3Rjhlb04yTHRRdDJsSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvYzM1ZGNkLTMxMDMtNGVhMC1hOGM1LTg2NmYxZDIzMjdhYS8x
L3FtQUcybGFHWnhjLVUxd2ZWYnRMOG00c2FwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
YzM1ZGNkLTMxMDMtNGVhMC1hOGM1LTg2NmYxZDIzMjdhYS8xL0xFTkVjaVpGMmlY
czQ3Rjhlb04yTHRRdDJsSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArk2KDANBgkqhkiG9w0BAQsFAAOC
AQEAok2gckcMjNSKe//TWtILaR2bcPkd24LAP4w7n66JML7FRm6pWpZgCWvDvavN
aum/s24d7idL63/ZlTxqlpFM2d9V0L3b7fx9Noc1GsElbvGeRCM2zjgpGQvet6+6
8Xdl6Jv795pY+ZHr7wJP7ncMdsx/Vb/oVekgtEOSbelo+z2syGppnsKCTMKkcZpG
Sv8D9JGfjw6Jj2478btH/i1UJNerelYcy+Fov17NLGBFPPUbrITolUntf3HBrcjK
DxWyxvB6mAKlWhZBQt/HDSZy9C1/zxVur/E4wi+sTEaNVL2nkqYoOSrEPTHH3+JL
QJyqNnPBqN+zOFCrZrs15Gxy5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:04 2024 by rpki-client on console-fra.rpki-client.org