Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QiSwhW1RAbwME7P0XDnY5pwbxWk.roa
File: QiSwhW1RAbwME7P0XDnY5pwbxWk.roa (raw, json)
Hash identifier: o+9RUxEnsgxXZUdQJ0XHtKsodny4IiiAz+nfeIkr6mg=
Subject key identifier: 42:24:B0:85:6D:51:01:BC:0C:13:B3:F4:5C:39:D8:E6:9C:1B:C5:69
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42D8D333
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QiSwhW1RAbwME7P0XDnY5pwbxWk.roa
Signing time: Fri 28 Jan 2022 08:59:22 +0000
ROA not before: Fri 28 Jan 2022 08:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1882
IP address blocks: 192.36.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1121506099 (0x42d8d333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 28 08:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4224b0856d5101bc0c13b3f45c39d8e69c1bc569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:57:2c:06:cb:2d:b9:84:ea:d1:9e:a8:10:48:
0a:e8:4f:b7:e3:e5:26:31:c3:11:a0:0b:0f:43:52:
7e:0f:82:90:00:94:f6:80:aa:fe:f8:b6:b5:92:61:
f1:20:cd:bd:72:7c:cf:99:46:34:be:72:40:b8:d1:
45:fb:27:f6:62:c7:30:aa:25:a7:96:27:94:7f:91:
e1:af:3f:e3:7b:7a:3f:57:d8:71:45:04:d3:64:73:
1f:aa:67:79:45:02:57:9a:ee:e8:fc:2e:80:0d:e6:
ef:16:8c:ae:c6:48:02:aa:ed:65:fd:d6:ae:2e:1c:
ad:d8:a0:2e:51:cd:2b:57:b9:de:9a:6e:7a:5c:ee:
6c:15:01:71:50:5b:72:87:c1:d9:3c:e6:e9:60:40:
2d:fa:08:a7:b3:9c:83:bf:53:4b:c5:35:46:29:c9:
21:27:b5:b8:5a:51:43:60:69:c4:fa:ec:cb:4b:0b:
0c:a2:1a:4f:d7:0b:b1:d5:3c:f8:49:f3:5a:5c:07:
80:9f:c6:37:c6:2d:5e:37:ba:4f:ca:ce:7b:21:c9:
0e:9a:96:79:af:a3:34:49:59:a4:fc:c1:6a:77:24:
6c:d1:1d:22:50:a2:bb:b1:28:29:b2:35:f7:61:44:
45:80:94:4d:fc:b1:29:f6:e0:71:87:50:a4:21:3a:
2a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:24:B0:85:6D:51:01:BC:0C:13:B3:F4:5C:39:D8:E6:9C:1B:C5:69
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QiSwhW1RAbwME7P0XDnY5pwbxWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.42.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c9:11:ea:40:e4:11:cf:7e:08:32:53:16:f8:43:33:95:6e:
14:c5:ca:bb:b6:7c:ad:57:81:21:10:be:aa:5d:5b:d5:88:4e:
09:d8:5a:f5:53:2d:c5:e8:2b:46:79:c4:02:3d:78:4e:fe:11:
b3:78:55:63:3e:e7:bb:28:2c:3f:a8:6f:fe:02:57:02:ea:20:
11:9a:4f:c8:5f:0f:a9:fd:44:00:46:f1:2e:f4:ce:64:5d:e0:
fb:d2:51:3e:83:5d:b6:24:07:aa:ac:6f:af:3f:31:7c:3c:dd:
2e:9d:81:8d:56:4d:6d:f5:ca:93:0a:8f:fe:6a:fa:5d:54:39:
9f:68:a8:32:af:92:cb:7b:99:6e:6f:90:20:ab:41:d0:9b:40:
51:fd:a9:8d:14:68:3b:62:07:10:ec:b0:70:14:7d:b7:f8:86:
69:a0:bb:0c:8e:91:35:27:3a:6f:b7:ca:f5:e9:03:99:13:62:
4c:ee:ab:83:7a:46:5e:74:b3:01:39:18:2b:1f:01:cb:cd:2a:
0b:f3:38:ed:17:82:40:e9:53:92:cc:01:16:af:72:00:0c:28:
de:c4:de:6c:f2:2f:ab:e6:1f:95:e3:07:6f:00:7a:aa:5f:e1:
4e:87:d6:6a:8c:76:dc:86:71:68:ff:1a:b9:1d:d9:00:30:54:
ac:96:bb:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQtjTMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEy
ODA4NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIyNGIwODU2ZDUx
MDFiYzBjMTNiM2Y0NWMzOWQ4ZTY5YzFiYzU2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtXLAbLLbmE6tGeqBBICuhPt+PlJjHDEaALD0NSfg+CkACU
9oCq/vi2tZJh8SDNvXJ8z5lGNL5yQLjRRfsn9mLHMKolp5YnlH+R4a8/43t6P1fY
cUUE02RzH6pneUUCV5ru6PwugA3m7xaMrsZIAqrtZf3Wri4crdigLlHNK1e53ppu
elzubBUBcVBbcofB2Tzm6WBALfoIp7Ocg79TS8U1RinJISe1uFpRQ2BpxPrsy0sL
DKIaT9cLsdU8+EnzWlwHgJ/GN8YtXje6T8rOeyHJDpqWea+jNElZpPzBanckbNEd
IlCiu7EoKbI192FERYCUTfyxKfbgcYdQpCE6KtMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCJLCFbVEBvAwTs/RcOdjmnBvFaTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L1FpU3doVzFSQWJ3TUU3UDBYRG5ZNXB3YnhXay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMAkKjANBgkqhkiG9w0BAQsFAAOC
AQEApckR6kDkEc9+CDJTFvhDM5VuFMXKu7Z8rVeBIRC+ql1b1YhOCdha9VMtxegr
RnnEAj14Tv4Rs3hVYz7nuygsP6hv/gJXAuogEZpPyF8Pqf1EAEbxLvTOZF3g+9JR
PoNdtiQHqqxvrz8xfDzdLp2BjVZNbfXKkwqP/mr6XVQ5n2ioMq+Sy3uZbm+QIKtB
0JtAUf2pjRRoO2IHEOywcBR9t/iGaaC7DI6RNSc6b7fK9ekDmRNiTO6rg3pGXnSz
ATkYKx8By80qC/M47ReCQOlTkswBFq9yAAwo3sTebPIvq+YfleMHbwB6ql/hTofW
aox23IZxaP8auR3ZADBUrJa7bQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org