Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/qXwZ7qpjR52GAklkeEzd97cqZeY.roa
File: qXwZ7qpjR52GAklkeEzd97cqZeY.roa (raw, json)
Hash identifier: j7ygGg48HdjXxDxh7DC71EgvDApnCrcxyFiJx5ct93o=
Subject key identifier: A9:7C:19:EE:AA:63:47:9D:86:02:49:64:78:4C:DD:F7:B7:2A:65:E6
Certificate issuer: /CN=c7485e29f118c01be86c19e668facfa485de718c
Certificate serial: 01844852B191160BAD3BF9ED291280BE7F0E
Authority key identifier: C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/qXwZ7qpjR52GAklkeEzd97cqZeY.roa
Signing time: Sat 05 Nov 2022 15:04:49 +0000
ROA not before: Sat 05 Nov 2022 15:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44472
IP address blocks: 86.111.52.0/23 maxlen: 24
2a12:c440::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:48:52:b1:91:16:0b:ad:3b:f9:ed:29:12:80:be:7f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7485e29f118c01be86c19e668facfa485de718c
Validity
Not Before: Nov 5 15:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a97c19eeaa63479d86024964784cddf7b72a65e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c9:f6:a3:b6:06:01:26:f9:2b:e3:2e:87:3d:
44:2e:49:63:bc:7c:cf:0a:86:8a:d6:24:9c:f4:d3:
af:b0:35:11:7a:9f:a9:0b:a9:22:e9:28:39:3a:3a:
b4:39:50:2a:8d:b1:15:0c:a9:f2:61:38:69:9c:4a:
a8:f7:00:88:77:b4:45:f2:ca:94:4d:37:2c:81:f2:
c3:2c:89:9e:1f:29:de:74:4d:b1:49:b1:98:03:ba:
2b:4a:87:05:cf:16:14:8a:68:e1:86:a1:22:3c:1b:
79:99:5e:75:63:80:d7:5c:42:60:d0:85:ce:50:19:
d8:95:ca:86:67:4a:0d:6d:2a:78:64:af:63:59:6c:
ff:86:30:a7:b1:97:65:2a:4c:27:f5:e1:f9:7e:8f:
82:cd:7f:d8:a7:32:b1:ef:47:bc:ef:61:72:6a:18:
6e:1b:d8:28:a9:ea:55:38:28:93:e3:8f:6e:af:42:
6c:9b:ee:c4:fe:08:08:de:f9:4a:cd:30:6f:7b:ce:
7a:20:b4:0a:3b:19:82:9d:bd:24:bf:ba:89:5c:bd:
3c:26:6f:53:61:39:fc:cd:04:f1:fe:29:d9:33:b4:
30:5e:45:51:f5:6b:44:1e:23:ff:f9:1f:2b:71:84:
19:d5:cc:5a:0c:98:6a:c1:8a:69:e6:b6:bd:40:d4:
ae:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:7C:19:EE:AA:63:47:9D:86:02:49:64:78:4C:DD:F7:B7:2A:65:E6
X509v3 Authority Key Identifier:
keyid:C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/qXwZ7qpjR52GAklkeEzd97cqZeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.52.0/23
IPv6:
2a12:c440::/29
Signature Algorithm: sha256WithRSAEncryption
83:f9:2b:ef:44:13:50:bb:d4:ec:54:e6:ca:1c:3c:6a:51:a7:
5f:96:a4:88:bc:dc:17:59:dc:40:26:56:2a:74:13:48:d8:31:
c1:6a:92:e4:e5:16:3e:0e:e6:ce:f3:de:bf:1f:50:58:6f:08:
f9:bc:73:6d:0c:72:9a:80:6e:04:09:34:a5:f1:02:9b:c6:36:
d0:50:f2:7d:44:d4:9a:db:d5:ca:6a:68:1d:b7:e8:6d:d1:b3:
23:b8:02:74:82:a7:6d:1d:4f:ce:12:32:15:49:35:0c:d5:c1:
ec:56:d9:0e:57:4f:fb:cc:47:77:fd:ac:19:ac:aa:dc:fa:05:
70:d7:cd:c8:03:65:eb:1c:c8:71:a3:06:28:79:7d:12:b3:cd:
ab:de:82:ea:95:ff:fd:8a:47:a1:48:01:f7:ee:fc:3b:75:b6:
dd:b8:e7:66:7c:5b:d3:97:91:62:f2:2d:36:85:07:65:46:7a:
29:3c:62:a5:ac:1c:c1:9b:08:a4:81:ff:45:c4:67:0d:de:93:
aa:81:f0:3b:0f:00:7d:b5:53:a1:87:40:1d:f9:68:78:c7:48:
fa:9e:ba:f4:1f:48:a6:b9:16:53:91:d1:d6:1f:7c:13:fb:8b:
68:d4:b4:77:59:f5:0a:bc:32:22:41:8a:b4:ab:20:d8:b3:50:
c6:1a:c4:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRIUrGRFgutO/ntKRKAvn8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NDg1ZTI5ZjExOGMwMWJlODZjMTllNjY4ZmFjZmE0ODVk
ZTcxOGMwHhcNMjIxMTA1MTUwNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTdjMTllZWFhNjM0NzlkODYwMjQ5NjQ3ODRjZGRmN2I3MmE2NWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sn2o7YGASb5K+Muhz1ELkljvHzP
CoaK1iSc9NOvsDURep+pC6ki6Sg5Ojq0OVAqjbEVDKnyYThpnEqo9wCId7RF8sqU
TTcsgfLDLImeHynedE2xSbGYA7orSocFzxYUimjhhqEiPBt5mV51Y4DXXEJg0IXO
UBnYlcqGZ0oNbSp4ZK9jWWz/hjCnsZdlKkwn9eH5fo+CzX/YpzKx70e872Fyahhu
G9goqepVOCiT449ur0Jsm+7E/ggI3vlKzTBve856ILQKOxmCnb0kv7qJXL08Jm9T
YTn8zQTx/inZM7QwXkVR9WtEHiP/+R8rcYQZ1cxaDJhqwYpp5ra9QNSuCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKl8Ge6qY0edhgJJZHhM3fe3KmXmMB8GA1UdIwQY
MBaAFMdIXinxGMAb6GwZ5mj6z6SF3nGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQt
NTdmOWJjNmE1YzMwLzEvcVh3WjdxcGpSNTJHQWtsa2VFemQ5N2NxWmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQtNTdmOWJjNmE1YzMw
LzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBVm80MA0E
AgACMAcDBQMqEsRAMA0GCSqGSIb3DQEBCwUAA4IBAQCD+SvvRBNQu9TsVObKHDxq
UadflqSIvNwXWdxAJlYqdBNI2DHBapLk5RY+DubO896/H1BYbwj5vHNtDHKagG4E
CTSl8QKbxjbQUPJ9RNSa29XKamgdt+ht0bMjuAJ0gqdtHU/OEjIVSTUM1cHsVtkO
V0/7zEd3/awZrKrc+gVw183IA2XrHMhxowYoeX0Ss82r3oLqlf/9ikehSAH37vw7
dbbduOdmfFvTl5Fi8i02hQdlRnopPGKlrBzBmwikgf9FxGcN3pOqgfA7DwB9tVOh
h0Ad+Wh4x0j6nrr0H0imuRZTkdHWH3wT+4to1LR3WfUKvDIiQYq0qyDYs1DGGsR/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:58 2024 by rpki-client on console-ams.rpki-client.org