Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/qs9FmBGkPIUiLKgTfqx7H4p2fYA.roa
File: qs9FmBGkPIUiLKgTfqx7H4p2fYA.roa (raw, json)
Hash identifier: /zQZIfGE1mAm3yXIQTW6dp+3qhhSET6AsmUQ72gwOzs=
Subject key identifier: AA:CF:45:98:11:A4:3C:85:22:2C:A8:13:7E:AC:7B:1F:8A:76:7D:80
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 0184528970A45BFB99F40B8903FB0F9EA09B
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/qs9FmBGkPIUiLKgTfqx7H4p2fYA.roa
Signing time: Mon 07 Nov 2022 14:40:49 +0000
ROA not before: Mon 07 Nov 2022 14:40:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.240.128.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:89:70:a4:5b:fb:99:f4:0b:89:03:fb:0f:9e:a0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Nov 7 14:40:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aacf459811a43c85222ca8137eac7b1f8a767d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:a9:0e:bd:00:9a:8e:e0:f1:f9:0e:7c:cc:
60:9e:fd:32:91:de:ca:55:67:96:62:3f:f7:24:a5:
f2:35:f6:b7:d6:29:58:77:b3:6c:49:bb:84:ac:2d:
d2:ca:b5:d0:37:ce:71:8f:36:72:9e:1d:f3:d3:c9:
9d:67:ae:05:65:52:51:2c:f8:9d:69:d0:b1:21:77:
92:a9:8a:2e:b8:e0:af:3c:ca:13:bf:bf:a2:98:aa:
81:9a:bc:70:73:0b:c0:12:2e:99:79:58:58:e7:41:
f7:4a:29:02:d4:c4:62:50:6c:b9:91:26:b5:c3:24:
9a:b6:69:d8:08:4c:62:59:1b:a0:48:e2:46:cf:87:
1a:39:49:65:03:72:6d:84:5a:e1:47:71:a3:cd:c7:
bc:ff:09:54:80:b6:f8:72:6e:9d:84:e7:dd:cc:59:
dc:99:9f:7f:ce:18:a3:d9:4c:ae:59:ab:5d:04:8d:
cf:16:eb:56:c7:44:a3:c1:6f:fd:e1:23:f3:fd:8e:
91:64:49:95:b3:4e:cd:ec:69:8b:d0:e6:b2:14:22:
ee:1e:c6:a6:43:1a:f5:b5:91:be:76:e4:5c:70:4c:
2c:0a:1d:78:ef:4b:e4:c0:56:4d:6f:88:40:35:9a:
50:d1:64:07:b5:08:f1:9d:b5:b0:cb:31:7e:4d:9f:
5c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CF:45:98:11:A4:3C:85:22:2C:A8:13:7E:AC:7B:1F:8A:76:7D:80
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/qs9FmBGkPIUiLKgTfqx7H4p2fYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.128.0/22
Signature Algorithm: sha256WithRSAEncryption
25:54:b8:b3:ea:bb:28:0f:31:6e:75:ef:f0:30:fe:b8:22:ac:
1d:e4:14:be:52:72:95:0f:5a:ae:1f:80:08:0a:8c:e5:21:b4:
a1:d9:68:d7:66:4c:9e:2e:11:cf:76:a3:2c:8c:bf:a8:ab:6c:
d2:cf:14:b0:e0:7e:ba:8a:fe:bd:8d:f5:16:63:75:31:09:56:
da:bd:98:d8:95:6e:2f:c6:47:2c:bd:2b:f5:f9:54:2a:fa:f1:
bc:62:a3:88:d0:52:b8:09:13:b9:c1:e5:28:16:0e:33:c9:28:
ae:17:71:17:e6:b2:28:05:d6:02:96:ca:b0:c7:f7:11:da:2c:
e1:92:21:80:5b:4e:c6:02:6a:1b:df:f7:85:f3:de:dc:5b:4e:
84:25:c6:0e:bc:5d:f7:ce:a7:da:44:25:6b:06:60:8f:e8:6f:
57:ca:7b:9c:4b:9e:59:41:04:52:73:b2:4b:52:0a:ae:8c:b8:
1d:62:58:a0:33:f2:dc:5d:8e:7c:6a:59:b5:4e:5f:6a:3d:29:
f3:4b:66:90:03:f0:59:48:c7:9e:e2:a3:86:ef:57:ed:f9:4b:
0b:e5:7a:e3:be:e2:dc:19:79:d0:ff:a1:c4:3d:ba:fd:61:7a:
73:b4:7c:e2:7b:94:ea:c3:e6:af:72:af:bc:39:af:87:6c:8a:
ae:8f:af:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRSiXCkW/uZ9AuJA/sPnqCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjIxMTA3MTQ0MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNmNDU5ODExYTQzYzg1MjIyY2E4MTM3ZWFjN2IxZjhhNzY3ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuSpDr0Amo7g8fkOfMxgnv0ykd7K
VWeWYj/3JKXyNfa31ilYd7NsSbuErC3SyrXQN85xjzZynh3z08mdZ64FZVJRLPid
adCxIXeSqYouuOCvPMoTv7+imKqBmrxwcwvAEi6ZeVhY50H3SikC1MRiUGy5kSa1
wySatmnYCExiWRugSOJGz4caOUllA3JthFrhR3Gjzce8/wlUgLb4cm6dhOfdzFnc
mZ9/zhij2UyuWatdBI3PFutWx0SjwW/94SPz/Y6RZEmVs07N7GmL0OayFCLuHsam
Qxr1tZG+duRccEwsCh1470vkwFZNb4hANZpQ0WQHtQjxnbWwyzF+TZ9c8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrPRZgRpDyFIiyoE36sex+Kdn2AMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvcXM5Rm1CR2tQSVVpTEtnVGZxeDdINHAyZllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufCAMA0G
CSqGSIb3DQEBCwUAA4IBAQAlVLiz6rsoDzFude/wMP64Iqwd5BS+UnKVD1quH4AI
CozlIbSh2WjXZkyeLhHPdqMsjL+oq2zSzxSw4H66iv69jfUWY3UxCVbavZjYlW4v
xkcsvSv1+VQq+vG8YqOI0FK4CRO5weUoFg4zySiuF3EX5rIoBdYClsqwx/cR2izh
kiGAW07GAmob3/eF897cW06EJcYOvF33zqfaRCVrBmCP6G9XynucS55ZQQRSc7JL
UgqujLgdYligM/LcXY58alm1Tl9qPSnzS2aQA/BZSMee4qOG71ft+UsL5XrjvuLc
GXnQ/6HEPbr9YXpztHzie5Tqw+avcq+8Oa+HbIquj6/2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:42 2023 by rpki-client on console-fra.rpki-client.org