Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/QNulR0bSbzbihsAMETOIr7gDVR4.roa
File: QNulR0bSbzbihsAMETOIr7gDVR4.roa (raw, json)
Hash identifier: gyAnofZ11GVwgQlT17LyD086PntWbqkKgJ/odLMvvxQ=
Subject key identifier: 40:DB:A5:47:46:D2:6F:36:E2:86:C0:0C:11:33:88:AF:B8:03:55:1E
Certificate issuer: /CN=9a5550e908a9b9688c29aac9895353dea836c45a
Certificate serial: 0182B1F0F94E16C36B53D0D153D58A1F0884
Authority key identifier: 9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/QNulR0bSbzbihsAMETOIr7gDVR4.roa
Signing time: Thu 18 Aug 2022 17:12:15 +0000
ROA not before: Thu 18 Aug 2022 17:12:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19551
IP address blocks: 149.126.72.0/21 maxlen: 24
149.126.75.178/32 maxlen: 32
185.11.124.0/22 maxlen: 24
149.126.75.177/32 maxlen: 32
2a02:e980::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b1:f0:f9:4e:16:c3:6b:53:d0:d1:53:d5:8a:1f:08:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5550e908a9b9688c29aac9895353dea836c45a
Validity
Not Before: Aug 18 17:12:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40dba54746d26f36e286c00c113388afb803551e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:b2:f0:59:78:85:5f:f6:ed:aa:50:ab:3a:
5d:4b:cd:6b:79:ae:ae:6e:67:f4:5f:e0:83:c5:56:
5c:27:4a:a4:0a:5a:a2:cc:a1:54:98:a2:2e:e8:fd:
16:d1:49:7c:73:7e:f2:df:f0:12:e4:c7:2e:7d:bb:
94:6d:72:a7:30:d7:4f:e3:2c:43:d0:42:5e:da:34:
dc:b3:ba:5e:81:58:bb:a8:6f:df:85:88:37:eb:b7:
78:47:25:5d:08:51:07:fd:4e:e7:81:20:48:e1:55:
e0:56:ad:cd:af:1a:a2:37:4f:af:c8:74:72:f6:00:
aa:65:fb:79:b1:f5:32:e5:15:34:ee:03:a0:29:31:
6c:1b:de:e3:de:4a:30:af:ab:48:b4:f4:a9:0f:d1:
71:e4:59:e8:a9:8f:16:31:62:fc:7f:fc:6d:39:1a:
fd:98:77:e0:56:f9:6b:59:9a:13:5b:03:77:99:a0:
f7:3a:8f:7a:d2:15:18:a3:c0:e7:08:7d:d0:1c:16:
df:2c:8c:75:fb:51:25:bd:5d:fc:aa:4f:8c:07:2d:
74:33:2e:6d:6d:17:52:34:1b:35:1a:6a:b3:3a:d1:
19:78:b8:ec:df:f1:1d:dc:e3:ff:39:df:09:41:43:
91:95:a4:0f:5d:ac:36:7c:50:0c:bf:a8:41:42:29:
92:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DB:A5:47:46:D2:6F:36:E2:86:C0:0C:11:33:88:AF:B8:03:55:1E
X509v3 Authority Key Identifier:
keyid:9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/QNulR0bSbzbihsAMETOIr7gDVR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.72.0/21
185.11.124.0/22
IPv6:
2a02:e980::/29
Signature Algorithm: sha256WithRSAEncryption
11:e3:6c:bb:ee:1b:ae:94:7c:46:5a:29:86:0d:4e:3c:02:76:
f0:a8:c0:80:e1:07:5d:90:ee:39:c6:6d:25:56:99:12:ff:c8:
e8:73:0d:92:8f:6a:d0:7f:3a:ec:ab:dd:84:8a:dd:b9:12:37:
c5:8b:04:a4:62:ec:96:63:4d:27:3f:0f:22:69:3f:be:38:d2:
0e:4b:6c:9c:d8:8c:0f:15:3d:98:2f:50:65:55:20:8c:24:03:
30:4c:37:bb:a7:cb:3d:a4:86:b2:72:9e:81:bd:74:95:fa:b3:
e1:a9:63:d8:4a:d0:4e:bb:97:00:c2:07:a4:80:40:5a:16:58:
a0:54:b1:11:5a:ef:f5:ed:c8:82:37:83:c3:6b:75:96:07:94:
91:ef:78:28:d8:f8:21:37:ae:0a:81:88:6d:f0:40:d7:8d:9b:
86:a0:cf:ce:0e:20:a0:92:98:84:c0:47:65:a0:e8:6e:7f:ab:
08:7d:f1:2f:63:7d:ab:9a:9d:fb:78:ca:b6:2f:a9:b1:7d:c4:
c9:1c:bd:a0:4f:d4:06:c7:62:ac:89:70:91:57:23:95:dd:74:
79:0a:20:39:0e:a7:29:53:2b:e2:de:14:69:b0:2c:0c:14:99:
2b:88:39:e0:bc:98:ea:dd:67:7c:54:97:27:7e:44:da:34:b4:
20:ca:9a:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYKx8PlOFsNrU9DRU9WKHwiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTU1MGU5MDhhOWI5Njg4YzI5YWFjOTg5NTM1M2RlYTgz
NmM0NWEwHhcNMjIwODE4MTcxMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRiYTU0NzQ2ZDI2ZjM2ZTI4NmMwMGMxMTMzODhhZmI4MDM1NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2+y8Fl4hV/27apQqzpdS81rea6u
bmf0X+CDxVZcJ0qkClqizKFUmKIu6P0W0Ul8c37y3/AS5McufbuUbXKnMNdP4yxD
0EJe2jTcs7pegVi7qG/fhYg367d4RyVdCFEH/U7ngSBI4VXgVq3NrxqiN0+vyHRy
9gCqZft5sfUy5RU07gOgKTFsG97j3kowr6tItPSpD9Fx5FnoqY8WMWL8f/xtORr9
mHfgVvlrWZoTWwN3maD3Oo960hUYo8DnCH3QHBbfLIx1+1ElvV38qk+MBy10My5t
bRdSNBs1GmqzOtEZeLjs3/Ed3OP/Od8JQUORlaQPXaw2fFAMv6hBQimSFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEDbpUdG0m824obADBEziK+4A1UeMB8GA1UdIwQY
MBaAFJpVUOkIqblojCmqyYlTU96oNsRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTIt
MTM5OWEyODIyMjdhLzEvUU51bFIwYlNiemJpaHNBTUVUT0lyN2dEVlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTItMTM5OWEyODIyMjdh
LzEvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDlX5IAwQC
uQt8MA0EAgACMAcDBQMqAumAMA0GCSqGSIb3DQEBCwUAA4IBAQAR42y77huulHxG
WimGDU48AnbwqMCA4QddkO45xm0lVpkS/8jocw2Sj2rQfzrsq92Eit25EjfFiwSk
YuyWY00nPw8iaT++ONIOS2yc2IwPFT2YL1BlVSCMJAMwTDe7p8s9pIaycp6BvXSV
+rPhqWPYStBOu5cAwgekgEBaFligVLERWu/17ciCN4PDa3WWB5SR73go2PghN64K
gYht8EDXjZuGoM/ODiCgkpiEwEdloOhuf6sIffEvY32rmp37eMq2L6mxfcTJHL2g
T9QGx2KsiXCRVyOV3XR5CiA5DqcpUyvi3hRpsCwMFJkriDngvJjq3Wd8VJcnfkTa
NLQgyppe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org