Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/nqa1Xj2FltI7_kwilXbOqvWlcc8.roa
File: nqa1Xj2FltI7_kwilXbOqvWlcc8.roa (raw, json)
Hash identifier: 4He/Ka8a5T/DHBvamnUHpfsdJiN2r4FmNjtHKja94fI=
Subject key identifier: 9E:A6:B5:5E:3D:85:96:D2:3B:FE:4C:22:95:76:CE:AA:F5:A5:71:CF
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0A2D8FE3
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/nqa1Xj2FltI7_kwilXbOqvWlcc8.roa
Signing time: Sat 01 Jan 2022 14:59:16 +0000
ROA not before: Sat 01 Jan 2022 14:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 85.239.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170758115 (0xa2d8fe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 14:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ea6b55e3d8596d23bfe4c229576ceaaf5a571cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:81:07:99:3f:bb:87:9c:2d:1d:67:09:d4:1e:
36:e2:6a:3a:6e:68:cb:62:24:7a:2b:d9:25:c9:8f:
cc:16:36:11:31:6d:99:14:31:36:2b:c2:36:2b:40:
62:7a:1e:e8:0b:13:77:09:95:b0:25:03:60:6e:31:
cc:27:67:8c:64:c2:72:71:5a:b4:39:06:e1:41:68:
e2:d9:22:e1:0e:4b:d7:35:09:49:a5:27:c8:76:60:
8f:3c:c7:81:cf:28:3e:1b:8e:26:ce:76:1e:e7:56:
8b:a5:2d:5c:66:cb:75:f8:ac:b7:00:11:e7:c2:77:
0d:aa:d1:28:69:2a:54:f0:08:0b:ac:0b:f4:8b:0c:
18:80:a2:32:5b:16:11:3f:8e:ea:3c:11:87:81:8c:
1b:2a:77:63:d6:d3:81:f9:02:71:f0:64:28:5c:94:
d5:34:00:cd:c1:a5:53:a7:01:0a:9b:fc:88:f2:d6:
1e:6d:2c:39:72:36:5c:16:a9:7c:87:74:63:59:cf:
af:10:56:01:7b:87:0c:1b:b7:84:69:13:e6:b9:9c:
1b:9e:6e:c1:00:d3:05:af:20:99:0e:ef:2a:11:42:
c1:f6:8b:35:54:07:fb:b4:a7:10:bd:29:fa:fe:ae:
e9:0c:28:fb:9c:5d:29:00:61:00:65:6b:86:f0:14:
61:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A6:B5:5E:3D:85:96:D2:3B:FE:4C:22:95:76:CE:AA:F5:A5:71:CF
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/nqa1Xj2FltI7_kwilXbOqvWlcc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.48.0/20
Signature Algorithm: sha256WithRSAEncryption
67:d1:e1:cd:9f:f6:b3:11:c7:82:aa:3a:e7:66:c5:40:e9:ea:
52:aa:ab:12:10:10:63:70:64:47:00:16:13:af:27:7a:83:fb:
f8:e4:48:e1:82:17:1f:cb:91:43:19:db:44:37:a0:22:e0:6d:
f2:5b:35:64:51:4a:a3:99:dc:2c:44:91:dc:5e:8c:a9:25:aa:
91:4c:b3:02:00:8f:d5:5c:80:0f:eb:17:33:67:6e:76:83:92:
80:5b:09:08:dd:03:90:bb:4c:54:29:6b:01:18:e7:32:f0:ee:
06:c2:64:8d:63:34:35:85:f8:46:c3:eb:0d:fe:53:11:c4:6b:
2c:6c:f3:91:0d:26:5c:f0:8b:ec:0f:40:2c:be:98:7f:0c:ed:
02:a4:ad:a0:c7:d9:22:1c:9d:91:2c:60:4f:ad:3d:8c:d4:68:
22:ed:d6:fe:a8:03:2e:80:30:bd:83:4f:1d:5f:a1:87:4c:15:
8a:bf:74:79:96:6c:64:79:72:a3:29:a4:ef:f8:d8:35:46:5a:
fa:f5:7d:58:71:86:b8:e4:78:83:7e:d0:1a:7e:da:c8:c4:b6:
5e:a0:b4:89:84:da:ae:05:14:3c:64:85:fe:a1:ef:03:28:bc:
57:bd:bb:d2:31:4f:e0:4e:8c:a7:40:b7:6c:4d:d9:b8:aa:b9:
b3:e0:c8:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECi2P4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDEw
MTE0NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVhNmI1NWUzZDg1
OTZkMjNiZmU0YzIyOTU3NmNlYWFmNWE1NzFjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaBB5k/u4ecLR1nCdQeNuJqOm5oy2IkeivZJcmPzBY2ETFt
mRQxNivCNitAYnoe6AsTdwmVsCUDYG4xzCdnjGTCcnFatDkG4UFo4tki4Q5L1zUJ
SaUnyHZgjzzHgc8oPhuOJs52HudWi6UtXGbLdfistwAR58J3DarRKGkqVPAIC6wL
9IsMGICiMlsWET+O6jwRh4GMGyp3Y9bTgfkCcfBkKFyU1TQAzcGlU6cBCpv8iPLW
Hm0sOXI2XBapfId0Y1nPrxBWAXuHDBu3hGkT5rmcG55uwQDTBa8gmQ7vKhFCwfaL
NVQH+7SnEL0p+v6u6Qwo+5xdKQBhAGVrhvAUYbECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSeprVePYWW0jv+TCKVds6q9aVxzzAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L25xYTFYajJGbHRJN19rd2lsWGJPcXZXbGNjOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFXvMDANBgkqhkiG9w0BAQsFAAOC
AQEAZ9HhzZ/2sxHHgqo652bFQOnqUqqrEhAQY3BkRwAWE68neoP7+ORI4YIXH8uR
QxnbRDegIuBt8ls1ZFFKo5ncLESR3F6MqSWqkUyzAgCP1VyAD+sXM2dudoOSgFsJ
CN0DkLtMVClrARjnMvDuBsJkjWM0NYX4RsPrDf5TEcRrLGzzkQ0mXPCL7A9ALL6Y
fwztAqStoMfZIhydkSxgT609jNRoIu3W/qgDLoAwvYNPHV+hh0wVir90eZZsZHly
oymk7/jYNUZa+vV9WHGGuOR4g37QGn7ayMS2XqC0iYTargUUPGSF/qHvAyi8V727
0jFP4E6Mp0C3bE3ZuKq5s+DIwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org