Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/QkZkm18UJUHIP_BGrapp6bJzUP0.roa
File: QkZkm18UJUHIP_BGrapp6bJzUP0.roa (raw, json)
Hash identifier: 1Lv/rayfA/NknaNtDXhlDVwNEGNOEgB3NtrK5+efQNI=
Subject key identifier: 42:46:64:9B:5F:14:25:41:C8:3F:F0:46:AD:AA:69:E9:B2:73:50:FD
Certificate issuer: /CN=f9e0257d067ef8b85f620c67220cf977ddde3994
Certificate serial: 16170470
Authority key identifier: F9:E0:25:7D:06:7E:F8:B8:5F:62:0C:67:22:0C:F9:77:DD:DE:39:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/QkZkm18UJUHIP_BGrapp6bJzUP0.roa
Signing time: Sat 01 Jan 2022 14:03:50 +0000
ROA not before: Sat 01 Jan 2022 14:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41884
IP address blocks: 195.200.72.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 370607216 (0x16170470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9e0257d067ef8b85f620c67220cf977ddde3994
Validity
Not Before: Jan 1 14:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4246649b5f142541c83ff046adaa69e9b27350fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:f0:9c:ab:08:7b:ab:2a:b6:e6:90:ec:c0:
2e:51:38:3f:f0:3f:05:48:3e:52:90:51:ee:70:58:
56:26:fa:be:32:de:85:b4:d8:17:ec:6c:b8:c9:84:
9c:80:fd:9d:a0:6e:91:b6:5a:b6:6d:29:5d:52:87:
7a:ea:e0:99:d8:9f:4e:27:66:60:8a:17:6c:9e:53:
a7:40:29:f2:66:ad:5c:40:51:6e:45:8e:08:0f:d2:
38:60:c6:b6:09:b0:72:2d:cc:a0:3c:00:50:02:6e:
b0:1f:4a:cc:dd:e0:51:6e:c3:0d:03:c7:4b:18:e3:
a0:cc:25:7c:b9:f0:91:a5:e2:f5:7b:25:76:c3:b4:
f1:6c:4f:e2:cb:b1:33:1d:94:46:c4:e7:30:ca:c0:
c6:30:23:e5:77:5c:eb:bd:8a:44:57:cc:9b:c5:0e:
02:e5:22:f8:3e:9a:80:43:b5:3e:c5:c4:d0:09:cf:
e3:5a:77:8b:f6:6a:ba:63:42:d3:db:c1:8a:a9:7d:
01:b8:6a:0c:35:71:45:13:0c:06:53:90:db:0b:03:
94:01:8e:1d:05:88:0d:bb:f5:e4:de:86:af:7e:4f:
a4:ae:c0:49:ab:62:d1:dd:f8:56:52:3f:5d:c9:0c:
cb:62:c9:02:66:5f:49:63:21:84:0c:51:9b:43:37:
c4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:46:64:9B:5F:14:25:41:C8:3F:F0:46:AD:AA:69:E9:B2:73:50:FD
X509v3 Authority Key Identifier:
keyid:F9:E0:25:7D:06:7E:F8:B8:5F:62:0C:67:22:0C:F9:77:DD:DE:39:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/QkZkm18UJUHIP_BGrapp6bJzUP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.72.0/23
Signature Algorithm: sha256WithRSAEncryption
05:47:3e:cb:a7:0f:be:ce:be:e7:65:27:db:5c:34:58:21:06:
49:56:ab:54:13:35:66:32:18:06:94:52:4c:9c:71:6e:ab:f9:
d9:4d:a5:23:b7:62:48:85:bb:f7:da:94:29:d6:70:ca:09:65:
2c:1e:aa:ca:68:78:ae:64:8c:af:0e:2f:aa:bd:8e:4c:05:b7:
f5:56:ef:4e:5a:9c:0a:c0:d0:dc:68:38:04:14:92:fe:3b:3a:
7d:c3:1c:e9:ad:52:93:3a:03:30:be:b4:38:8a:d7:4c:56:9d:
77:4a:ad:c5:c8:90:1f:43:0f:57:0e:ed:f6:d9:75:7d:eb:86:
f2:3b:2d:4e:ab:b0:31:b8:3c:6e:19:bd:3f:4d:7d:ec:d6:0b:
e8:bd:81:35:15:c0:bc:cb:34:66:19:92:5a:ec:0a:dc:d5:41:
1b:ba:30:16:01:c6:d1:a1:82:00:06:1d:22:b4:9d:91:a7:a3:
20:9a:4f:06:39:13:c7:b0:57:34:56:8b:1e:07:cf:d0:d1:65:
9b:15:3a:27:71:e1:66:fd:d7:db:3c:fa:7e:79:e7:a9:8f:9e:
a8:fa:11:a6:87:bc:78:8e:4a:74:10:65:b1:d0:8b:67:4a:ac:
6d:c5:2f:06:a7:f5:6c:fd:ce:de:6e:a8:5b:c3:69:24:20:2c:
36:0a:9b:12
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEFhcEcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OWUwMjU3ZDA2N2VmOGI4NWY2MjBjNjcyMjBjZjk3N2RkZGUzOTk0MB4XDTIyMDEw
MTE0MDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI0NjY0OWI1ZjE0
MjU0MWM4M2ZmMDQ2YWRhYTY5ZTliMjczNTBmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEM8JyrCHurKrbmkOzALlE4P/A/BUg+UpBR7nBYVib6vjLe
hbTYF+xsuMmEnID9naBukbZatm0pXVKHeurgmdifTidmYIoXbJ5Tp0Ap8matXEBR
bkWOCA/SOGDGtgmwci3MoDwAUAJusB9KzN3gUW7DDQPHSxjjoMwlfLnwkaXi9Xsl
dsO08WxP4suxMx2URsTnMMrAxjAj5Xdc672KRFfMm8UOAuUi+D6agEO1PsXE0AnP
41p3i/ZqumNC09vBiql9AbhqDDVxRRMMBlOQ2wsDlAGOHQWIDbv15N6Gr35PpK7A
Sati0d34VlI/XckMy2LJAmZfSWMhhAxRm0M3xEcCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRCRmSbXxQlQcg/8EatqmnpsnNQ/TAfBgNVHSMEGDAWgBT54CV9Bn74uF9i
DGciDPl33d45lDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtZUFsZlFaLS1MaGZZZ3huSWd6NWQ5M2VPWlEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2ViLzY5MTk0YS00NWEwLTQ4ZWYtOTliZi04ZTA0ODg3YzBhYmYv
MS9Ra1prbTE4VUpVSElQX0JHcmFwcDZiSnpVUDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vi
LzY5MTk0YS00NWEwLTQ4ZWYtOTliZi04ZTA0ODg3YzBhYmYvMS8xLWVBbGZRWi0t
TGhmWWd4bklnejVkOTNlT1pRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw8hIMA0GCSqGSIb3DQEBCwUA
A4IBAQAFRz7Lpw++zr7nZSfbXDRYIQZJVqtUEzVmMhgGlFJMnHFuq/nZTaUjt2JI
hbv32pQp1nDKCWUsHqrKaHiuZIyvDi+qvY5MBbf1Vu9OWpwKwNDcaDgEFJL+Ozp9
wxzprVKTOgMwvrQ4itdMVp13Sq3FyJAfQw9XDu322XV964byOy1Oq7AxuDxuGb0/
TX3s1gvovYE1FcC8yzRmGZJa7Arc1UEbujAWAcbRoYIABh0itJ2Rp6Mgmk8GORPH
sFc0VoseB8/Q0WWbFTonceFm/dfbPPp+eeepj56o+hGmh7x4jkp0EGWx0ItnSqxt
xS8Gp/Vs/c7ebqhbw2kkICw2CpsS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:55 2023 by rpki-client on console-fra.rpki-client.org