Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/QXdBUfWrBw79ymW61q-wA2j6lIA.roa
File: QXdBUfWrBw79ymW61q-wA2j6lIA.roa (raw, json)
Hash identifier: /1DK788m2R/OOZuBI/u9h0wMKjFACVVxJZtu44embUw=
Subject key identifier: 41:77:41:51:F5:AB:07:0E:FD:CA:65:BA:D6:AF:B0:03:68:FA:94:80
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018502593849B8B4422D2E9EB0E873D8FFB1
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/QXdBUfWrBw79ymW61q-wA2j6lIA.roa
Signing time: Sun 11 Dec 2022 18:01:19 +0000
ROA not before: Sun 11 Dec 2022 18:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50810
IP address blocks: 128.65.164.0/22 maxlen: 22
128.65.172.0/22 maxlen: 22
128.65.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:59:38:49:b8:b4:42:2d:2e:9e:b0:e8:73:d8:ff:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Dec 11 18:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41774151f5ab070efdca65bad6afb00368fa9480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:ad:9a:a7:88:d9:38:d8:36:8a:d2:a5:d7:
0b:df:df:bb:a4:d7:26:4f:33:69:c9:62:16:84:49:
a2:66:9e:34:b0:91:6a:5b:27:5c:73:4f:15:74:69:
09:5b:8f:ba:b5:2c:fb:4d:92:51:71:84:09:8a:06:
fd:7e:fd:2f:3f:6b:12:9b:4a:84:66:78:0a:da:dc:
80:fc:ba:45:df:95:30:9c:6c:40:73:9e:56:1e:5c:
40:3c:4e:8a:74:43:5f:6d:66:60:d5:62:12:16:d5:
a8:d1:1c:73:98:cc:14:36:8c:4c:83:b3:42:1f:0c:
bf:bb:ba:1c:4a:5e:54:a8:c4:0c:31:61:55:8d:8e:
56:56:01:8b:72:53:e7:cd:96:ea:9a:61:c1:6a:1f:
20:b9:ec:46:97:31:0b:92:35:3c:fb:28:9a:f9:87:
f4:4b:0c:ed:5a:dd:0f:9e:ba:36:75:53:89:a2:47:
e4:9f:f1:49:b2:22:58:dd:ad:cc:b0:0e:f8:a5:2d:
02:ef:c8:21:d5:3f:c0:92:7a:ff:c9:3a:90:d7:df:
fa:48:6d:fd:21:f4:6f:93:92:a9:66:c1:48:ad:a2:
7f:4a:bc:5c:2c:ca:f7:dd:8c:05:26:1b:ba:e2:7e:
dc:dd:2b:3f:ed:2a:cf:90:b2:e0:ef:3b:05:c5:d0:
02:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:77:41:51:F5:AB:07:0E:FD:CA:65:BA:D6:AF:B0:03:68:FA:94:80
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/QXdBUfWrBw79ymW61q-wA2j6lIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0-128.65.175.255
Signature Algorithm: sha256WithRSAEncryption
6a:3a:dc:c7:46:8a:af:41:e2:62:c7:51:7b:3e:95:22:96:9f:
34:51:de:e3:5a:ad:7c:a4:54:78:e9:e5:59:50:7c:5f:e3:b5:
35:d7:4d:fa:a5:84:a7:b1:65:ce:26:1d:1e:a9:fd:84:9f:e4:
19:28:fe:bb:7a:73:64:92:36:e7:2d:de:3c:2a:dd:e5:10:23:
41:78:09:39:94:43:76:a3:92:8e:1b:39:7f:78:57:8b:20:7e:
9b:c6:ec:b7:05:d5:64:60:3b:41:94:81:85:6d:4a:18:d6:40:
90:75:17:79:a2:41:b3:59:c4:a2:86:96:c9:14:7d:1c:14:bd:
2b:c0:15:34:bd:6a:0f:5e:ee:0e:bc:ad:e8:ec:49:28:21:81:
cf:e8:53:a5:0a:bb:1d:4e:8b:d2:a6:37:e9:27:77:07:f6:c7:
37:34:c6:a2:db:37:1b:f3:df:ad:61:6f:41:fc:10:33:4c:33:
03:70:1c:35:b2:3a:97:4a:91:6f:9a:fb:1d:51:14:3c:df:d3:
ca:47:36:5a:1b:00:24:fa:d9:ba:50:f1:5f:fd:29:82:8c:3c:
24:5e:9d:34:0a:f3:d1:e2:2e:fa:e2:29:13:50:97:0e:9d:99:
b1:f4:bd:07:31:73:df:15:78:cd:2c:55:61:e7:71:25:83:56:
b8:31:b8:5b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUCWThJuLRCLS6esOhz2P+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjIxMjExMTgwMTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc3NDE1MWY1YWIwNzBlZmRjYTY1YmFkNmFmYjAwMzY4ZmE5NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFytmqeI2TjYNorSpdcL39+7pNcm
TzNpyWIWhEmiZp40sJFqWydcc08VdGkJW4+6tSz7TZJRcYQJigb9fv0vP2sSm0qE
ZngK2tyA/LpF35UwnGxAc55WHlxAPE6KdENfbWZg1WISFtWo0RxzmMwUNoxMg7NC
Hwy/u7ocSl5UqMQMMWFVjY5WVgGLclPnzZbqmmHBah8guexGlzELkjU8+yia+Yf0
SwztWt0Pnro2dVOJokfkn/FJsiJY3a3MsA74pS0C78gh1T/Aknr/yTqQ19/6SG39
IfRvk5KpZsFIraJ/SrxcLMr33YwFJhu64n7c3Ss/7SrPkLLg7zsFxdACZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEF3QVH1qwcO/cplutavsANo+pSAMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvUVhkQlVmV3JCdzc5eW1XNjFxLXdBMmo2bElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKAQaQD
BASAQaAwDQYJKoZIhvcNAQELBQADggEBAGo63MdGiq9B4mLHUXs+lSKWnzRR3uNa
rXykVHjp5VlQfF/jtTXXTfqlhKexZc4mHR6p/YSf5Bko/rt6c2SSNuct3jwq3eUQ
I0F4CTmUQ3ajko4bOX94V4sgfpvG7LcF1WRgO0GUgYVtShjWQJB1F3miQbNZxKKG
lskUfRwUvSvAFTS9ag9e7g68rejsSSghgc/oU6UKux1Oi9KmN+kndwf2xzc0xqLb
Nxvz361hb0H8EDNMMwNwHDWyOpdKkW+a+x1RFDzf08pHNlobACT62bpQ8V/9KYKM
PCRenTQK89HiLvriKRNQlw6dmbH0vQcxc98VeM0sVWHncSWDVrgxuFs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org