Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/Q9_RaZfIeI8X3nE9uG9n2idewO4.roa
File: Q9_RaZfIeI8X3nE9uG9n2idewO4.roa (raw, json)
Hash identifier: VivpbyAsHeon3UxFIzLoA27Q56KXUICRXM1vKe5V4t0=
Subject key identifier: 43:DF:D1:69:97:C8:78:8F:17:DE:71:3D:B8:6F:67:DA:27:5E:C0:EE
Certificate issuer: /CN=2cb035707202d4013a4479be5112d7fa227b7275
Certificate serial: 05588941
Authority key identifier: 2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/Q9_RaZfIeI8X3nE9uG9n2idewO4.roa
Signing time: Sat 01 Jan 2022 02:53:39 +0000
ROA not before: Sat 01 Jan 2022 02:53:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200020
IP address blocks: 194.62.131.0/24 maxlen: 24
194.62.129.0/24 maxlen: 24
2a0d:8c40::/29 maxlen: 29
2001:67c:608::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89688385 (0x5588941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb035707202d4013a4479be5112d7fa227b7275
Validity
Not Before: Jan 1 02:53:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43dfd16997c8788f17de713db86f67da275ec0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:aa:fd:72:84:6d:e8:fb:80:02:4c:de:65:f1:
50:6f:3c:33:88:29:00:f4:0a:a4:e0:9b:4d:c4:a7:
a3:d7:79:a8:da:98:ae:6e:cb:05:8a:a8:5c:b6:48:
c9:8e:db:b4:3c:01:72:f4:35:16:dc:52:e1:c7:3f:
95:d1:c7:a2:8a:05:d7:ce:be:31:25:85:fb:7f:83:
50:e6:a5:d3:7c:0c:dd:56:e6:9c:2d:9b:75:dd:f7:
cc:ca:a4:bc:56:8c:e8:db:b8:a7:43:d4:ff:a2:97:
12:c7:d7:14:9d:85:cf:f1:4c:fd:d6:6f:d4:a5:14:
1b:fb:2f:34:22:67:e8:02:92:6d:82:8c:ba:3b:e1:
fd:05:a0:3f:57:87:79:e3:5d:c1:17:1b:0f:45:66:
37:ce:68:a2:b2:91:04:41:49:b5:0b:53:d1:eb:1c:
30:06:a4:66:2b:5e:6f:93:8c:b0:75:eb:e6:1f:d3:
55:ec:76:63:8e:81:fc:49:e4:20:8a:ae:bb:f0:0b:
99:2e:23:05:a7:05:db:72:74:55:79:e3:cc:82:86:
8d:02:1e:60:02:97:cc:f6:46:8d:9b:7f:bd:d4:15:
69:b8:87:99:30:98:c2:b9:35:56:d6:4e:f1:53:41:
1b:9a:e0:f3:8c:04:ab:3e:dd:de:6a:8e:00:4c:ab:
d2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DF:D1:69:97:C8:78:8F:17:DE:71:3D:B8:6F:67:DA:27:5E:C0:EE
X509v3 Authority Key Identifier:
keyid:2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/Q9_RaZfIeI8X3nE9uG9n2idewO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.129.0/24
194.62.131.0/24
IPv6:
2001:67c:608::/48
2a0d:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
73:a4:20:af:8d:76:51:29:34:61:1e:ef:d3:60:8a:1b:20:49:
25:65:e2:6b:c9:60:94:24:a5:83:99:a3:74:f0:18:04:8b:5f:
8c:1c:a9:4d:20:12:94:db:fc:78:69:ac:5b:39:89:a6:bf:ba:
5e:63:28:45:cf:13:9c:82:6d:5e:f4:c1:bb:e1:05:16:2f:e8:
c6:74:50:25:53:1a:40:c9:9e:df:78:09:ac:e7:02:02:24:b0:
fb:eb:2e:e0:96:7a:3f:d6:fa:ac:1d:14:1f:b9:c5:8a:ff:17:
88:00:39:a4:cf:3e:80:2a:4f:d7:16:8c:51:64:7e:0f:e2:35:
36:d7:0b:67:81:5a:da:88:8c:ee:b3:b9:4f:57:7a:51:1a:80:
db:46:db:0f:11:ce:f7:25:f9:34:0f:c4:98:93:d0:5c:e2:75:
c3:cc:34:a5:5e:54:42:b8:91:68:f5:2d:c3:00:33:14:66:e5:
b6:00:c5:f1:26:b2:0c:03:4f:81:ac:a8:ef:78:a8:c6:03:a9:
21:8f:66:13:3e:3c:39:23:1d:31:85:3b:e0:de:39:c8:e2:22:
e0:ab:66:18:8c:c2:fd:66:8b:25:32:3a:0b:f1:eb:88:81:dd:
7b:c0:ee:17:04:17:ab:23:d2:91:a6:83:ed:a1:6a:db:08:7b:
c8:ad:08:d3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBViJQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2IwMzU3MDcyMDJkNDAxM2E0NDc5YmU1MTEyZDdmYTIyN2I3Mjc1MB4XDTIyMDEw
MTAyNTMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNkZmQxNjk5N2M4
Nzg4ZjE3ZGU3MTNkYjg2ZjY3ZGEyNzVlYzBlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSq/XKEbej7gAJM3mXxUG88M4gpAPQKpOCbTcSno9d5qNqY
rm7LBYqoXLZIyY7btDwBcvQ1FtxS4cc/ldHHoooF186+MSWF+3+DUOal03wM3Vbm
nC2bdd33zMqkvFaM6Nu4p0PU/6KXEsfXFJ2Fz/FM/dZv1KUUG/svNCJn6AKSbYKM
ujvh/QWgP1eHeeNdwRcbD0VmN85oorKRBEFJtQtT0escMAakZiteb5OMsHXr5h/T
Vex2Y46B/EnkIIquu/ALmS4jBacF23J0VXnjzIKGjQIeYAKXzPZGjZt/vdQVabiH
mTCYwrk1VtZO8VNBG5rg84wEqz7d3mqOAEyr0lECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRD39Fpl8h4jxfecT24b2faJ17A7jAfBgNVHSMEGDAWgBQssDVwcgLUATpE
eb5REtf6IntydTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xMQTFjSElDMUFFNlJIbS1VUkxYLWlKN2NuVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvOGMxMzIzLWFmY2MtNGI0NC05ODgxLTA2MzA4YTQ0ODU2ZC8x
L1E5X1JhWmZJZUk4WDNuRTl1RzluMmlkZXdPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
OGMxMzIzLWFmY2MtNGI0NC05ODgxLTA2MzA4YTQ0ODU2ZC8xL0xMQTFjSElDMUFF
NlJIbS1VUkxYLWlKN2NuVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAMI+gQMEAMI+gzAWBAIAAjAQAwcA
IAEGfAYIAwUDKg2MQDANBgkqhkiG9w0BAQsFAAOCAQEAc6Qgr412USk0YR7v02CK
GyBJJWXia8lglCSlg5mjdPAYBItfjBypTSASlNv8eGmsWzmJpr+6XmMoRc8TnIJt
XvTBu+EFFi/oxnRQJVMaQMme33gJrOcCAiSw++su4JZ6P9b6rB0UH7nFiv8XiAA5
pM8+gCpP1xaMUWR+D+I1NtcLZ4Fa2oiM7rO5T1d6URqA20bbDxHO9yX5NA/EmJPQ
XOJ1w8w0pV5UQriRaPUtwwAzFGbltgDF8SayDANPgayo73ioxgOpIY9mEz48OSMd
MYU74N45yOIi4KtmGIzC/WaLJTI6C/HriIHde8DuFwQXqyPSkaaD7aFq2wh7yK0I
0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org