Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/QG72oj4vUQwLKuhghG8fVUoLieQ.roa
File: QG72oj4vUQwLKuhghG8fVUoLieQ.roa (raw, json)
Hash identifier: wSgodR3PIMVA1qDJi5eNAaR/LTAPAoguJGLmb3IZemk=
Subject key identifier: 40:6E:F6:A2:3E:2F:51:0C:0B:2A:E8:60:84:6F:1F:55:4A:0B:89:E4
Certificate issuer: /CN=59d36a21e9b368d748bab8c77bebdde2c227c6c3
Certificate serial: 018941865AB2DB02B490CDC6D5439B60B033
Authority key identifier: 59:D3:6A:21:E9:B3:68:D7:48:BA:B8:C7:7B:EB:DD:E2:C2:27:C6:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WdNqIemzaNdIurjHe-vd4sInxsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/QG72oj4vUQwLKuhghG8fVUoLieQ.roa
Signing time: Mon 10 Jul 2023 20:37:51 +0000
ROA not before: Mon 10 Jul 2023 20:37:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202261
IP address blocks: 194.147.137.0/24 maxlen: 24
194.147.136.0/24 maxlen: 24
2a07:e480:100::/48 maxlen: 48
2a07:e480::/48 maxlen: 48
2a07:e480:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:41:86:5a:b2:db:02:b4:90:cd:c6:d5:43:9b:60:b0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59d36a21e9b368d748bab8c77bebdde2c227c6c3
Validity
Not Before: Jul 10 20:37:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=406ef6a23e2f510c0b2ae860846f1f554a0b89e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:98:76:db:9e:5e:15:0d:fd:88:9e:32:96:65:
5b:ba:6b:af:8a:c5:25:c7:b4:1f:2c:34:6c:b6:84:
5d:4c:d7:33:d8:1b:11:89:c8:4a:2c:20:e9:b7:7a:
90:01:83:e5:09:47:c3:dd:1c:e8:94:a1:55:4e:09:
c3:8b:24:29:f5:0a:e0:1a:29:1a:06:87:05:45:be:
de:ec:3b:07:9f:c0:ff:bb:74:27:06:ac:b6:04:d7:
02:af:42:0e:45:b5:12:01:f8:65:50:18:e7:5e:11:
ea:1b:0f:b2:6f:f9:7c:54:25:95:3f:0c:7b:93:79:
34:f9:ec:35:8a:57:4f:72:04:8a:e0:16:84:11:48:
81:79:45:2b:f9:06:52:3e:d0:ba:8c:5e:b5:23:01:
81:5c:24:ea:1c:b7:67:fd:e5:b5:1e:a5:8f:66:0e:
eb:5e:25:fd:45:ba:8c:27:1a:ed:94:b2:35:d4:70:
95:64:63:19:c6:ab:bd:b8:c6:49:1f:36:53:f3:e3:
22:30:73:c3:68:a2:9b:50:74:06:5c:f7:3f:a2:1f:
71:2d:03:b1:a1:34:d0:74:aa:48:f0:97:89:a9:e9:
7d:ee:d5:10:13:d1:18:15:06:37:bf:71:c5:7b:4d:
57:98:54:2a:88:c6:75:19:3e:a7:25:df:e3:f9:f2:
fa:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6E:F6:A2:3E:2F:51:0C:0B:2A:E8:60:84:6F:1F:55:4A:0B:89:E4
X509v3 Authority Key Identifier:
keyid:59:D3:6A:21:E9:B3:68:D7:48:BA:B8:C7:7B:EB:DD:E2:C2:27:C6:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WdNqIemzaNdIurjHe-vd4sInxsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/QG72oj4vUQwLKuhghG8fVUoLieQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/WdNqIemzaNdIurjHe-vd4sInxsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.136.0/23
IPv6:
2a07:e480::/48
2a07:e480:100::/47
Signature Algorithm: sha256WithRSAEncryption
90:86:11:d4:16:10:0a:08:59:42:76:54:cc:63:e8:83:e6:e0:
7a:39:75:09:98:e3:f5:57:65:91:14:6d:5e:3b:a0:bd:9c:a0:
d5:76:de:83:79:e5:ac:09:49:33:48:de:03:5d:1e:7f:df:ae:
81:b7:db:0b:dc:11:ec:c6:c5:05:61:5d:06:1a:91:30:e5:1e:
30:99:4b:0a:f4:89:94:0e:71:cc:b7:8a:d3:3c:aa:48:21:f9:
30:80:c8:e3:60:b3:35:08:4d:a2:5e:e9:c5:3a:cf:53:e1:3e:
bc:e4:03:4b:3b:fb:2d:e7:a2:cc:cb:23:d7:b0:21:46:2d:ba:
ed:6c:53:02:64:ce:96:12:40:58:a5:ed:5f:8a:55:76:16:2a:
8e:75:4f:d9:22:c1:01:be:b0:66:26:b8:59:c0:08:84:82:fc:
fc:dd:33:c6:63:09:57:d4:72:6a:15:bd:6d:ba:f0:07:91:87:
e1:78:27:89:cd:db:33:ea:86:53:86:9b:73:c6:4c:50:c4:84:
40:a5:a2:60:8a:c3:f5:24:11:36:7e:42:98:f5:ba:43:43:d8:
94:cb:8c:51:f6:06:9e:55:bc:ad:ce:54:85:c2:bd:fc:6e:6a:
b1:ae:f4:e5:66:e3:47:aa:2e:52:80:04:34:dc:34:be:43:d0:
91:1f:84:b1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYlBhlqy2wK0kM3G1UObYLAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZDM2YTIxZTliMzY4ZDc0OGJhYjhjNzdiZWJkZGUyYzIy
N2M2YzMwHhcNMjMwNzEwMjAzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZlZjZhMjNlMmY1MTBjMGIyYWU4NjA4NDZmMWY1NTRhMGI4OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJh2255eFQ39iJ4ylmVbumuvisUl
x7QfLDRstoRdTNcz2BsRichKLCDpt3qQAYPlCUfD3RzolKFVTgnDiyQp9QrgGika
BocFRb7e7DsHn8D/u3QnBqy2BNcCr0IORbUSAfhlUBjnXhHqGw+yb/l8VCWVPwx7
k3k0+ew1ildPcgSK4BaEEUiBeUUr+QZSPtC6jF61IwGBXCTqHLdn/eW1HqWPZg7r
XiX9RbqMJxrtlLI11HCVZGMZxqu9uMZJHzZT8+MiMHPDaKKbUHQGXPc/oh9xLQOx
oTTQdKpI8JeJqel97tUQE9EYFQY3v3HFe01XmFQqiMZ1GT6nJd/j+fL6XQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEBu9qI+L1EMCyroYIRvH1VKC4nkMB8GA1UdIwQY
MBaAFFnTaiHps2jXSLq4x3vr3eLCJ8bDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2ROcUllbXphTmRJdXJqSGUtdmQ0c0lueHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS83YTdkYzEtZTE2OC00ZDQ3LWI0NmQt
NDBlYTgwODkyZjAzLzEvUUc3Mm9qNHZVUXdMS3VoZ2hHOGZWVW9MaWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS83YTdkYzEtZTE2OC00ZDQ3LWI0NmQtNDBlYTgwODkyZjAz
LzEvV2ROcUllbXphTmRJdXJqSGUtdmQ0c0lueHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwpOIMBgE
AgACMBIDBwAqB+SAAAADBwEqB+SAAQAwDQYJKoZIhvcNAQELBQADggEBAJCGEdQW
EAoIWUJ2VMxj6IPm4Ho5dQmY4/VXZZEUbV47oL2coNV23oN55awJSTNI3gNdHn/f
roG32wvcEezGxQVhXQYakTDlHjCZSwr0iZQOccy3itM8qkgh+TCAyONgszUITaJe
6cU6z1PhPrzkA0s7+y3noszLI9ewIUYtuu1sUwJkzpYSQFil7V+KVXYWKo51T9ki
wQG+sGYmuFnACISC/PzdM8ZjCVfUcmoVvW268AeRh+F4J4nN2zPqhlOGm3PGTFDE
hEClomCKw/UkETZ+Qpj1ukND2JTLjFH2Bp5VvK3OVIXCvfxuarGu9OVm40eqLlKA
BDTcNL5D0JEfhLE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:01 2025 by rpki-client