Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/QCrCM-1DjHi11sk6euHQcdE-h2I.roa
File: QCrCM-1DjHi11sk6euHQcdE-h2I.roa (raw, json)
Hash identifier: qsCT9jToHcQMduEOu8IhbIsHgLLrPWwOCDeSspfOLfA=
Subject key identifier: 40:2A:C2:33:ED:43:8C:78:B5:D6:C9:3A:7A:E1:D0:71:D1:3E:87:62
Certificate issuer: /CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Certificate serial: 0F98F534
Authority key identifier: 38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/QCrCM-1DjHi11sk6euHQcdE-h2I.roa
Signing time: Sat 01 Jan 2022 06:56:26 +0000
ROA not before: Sat 01 Jan 2022 06:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29247
IP address blocks: 62.103.103.0/24 maxlen: 24
195.167.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261682484 (0xf98f534)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Validity
Not Before: Jan 1 06:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=402ac233ed438c78b5d6c93a7ae1d071d13e8762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:b0:d3:d6:c0:b2:a9:ba:1c:a4:3d:53:ff:
0e:9f:62:9e:b5:1f:11:3d:a1:eb:ff:b0:df:76:49:
61:9a:b9:54:67:ee:03:5f:6a:11:ac:a9:90:5e:83:
95:42:eb:46:db:ae:a4:29:84:e6:2e:9d:7b:83:e2:
9d:14:f9:af:dd:db:10:5f:25:3f:03:c4:96:0c:53:
b7:7a:ad:e1:31:ec:32:99:99:a7:51:16:78:b8:cf:
29:01:b5:6e:3d:45:31:24:a6:98:8d:cc:6b:65:74:
3b:c7:97:3c:58:d6:8b:4b:0d:4d:91:84:89:ba:a3:
07:10:ff:23:40:35:92:48:28:27:43:d1:a0:bf:a8:
0e:aa:ea:49:cc:09:c1:79:8a:aa:d5:d9:40:67:08:
53:70:79:6c:06:b8:a5:0f:bd:cf:3d:c7:7e:de:69:
ad:59:78:e0:dc:40:7c:43:03:3d:8e:89:8f:cf:c3:
ee:3b:25:3a:78:01:2b:fd:a6:2b:96:a1:80:8c:53:
4c:51:1e:4a:54:6d:47:c4:a1:04:89:0e:45:3b:9f:
1b:08:8d:97:07:dd:a4:34:f0:06:7c:19:b6:ae:27:
3f:65:3b:65:88:7d:4e:45:5d:7d:55:b1:d1:e8:cd:
9d:c6:8d:fe:ae:ac:ea:d2:3d:bc:88:d7:4e:59:eb:
8f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:2A:C2:33:ED:43:8C:78:B5:D6:C9:3A:7A:E1:D0:71:D1:3E:87:62
X509v3 Authority Key Identifier:
keyid:38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/QCrCM-1DjHi11sk6euHQcdE-h2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.103.103.0/24
195.167.65.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:9c:82:42:a6:f1:f6:9d:1c:28:e0:25:02:42:86:be:b9:81:
5b:18:ec:7b:c9:2c:5d:1f:f6:d7:77:f3:6c:08:be:60:ad:8f:
8a:e5:ce:55:d4:3b:db:92:1e:b6:7f:8a:2a:67:98:13:a2:ce:
db:cc:5c:45:e1:52:23:29:3f:c7:cc:14:51:d9:ac:42:1d:9b:
e0:be:6b:28:66:56:e7:e3:b0:cc:8d:1e:98:b2:ec:a6:d9:a8:
93:91:b0:35:11:7e:a0:7e:b9:42:89:42:97:81:b7:1e:72:b8:
d3:eb:98:98:a7:7c:19:8f:6e:10:a2:3e:79:55:b1:be:53:98:
54:ce:f1:94:ad:8f:da:bd:90:2a:ce:f3:c3:b6:71:04:33:a8:
d6:85:c5:62:a8:b5:60:e0:11:b6:c2:80:1c:a9:bf:19:76:6b:
9a:4b:b2:b1:37:6b:4c:7b:c4:5b:2b:a3:84:d1:66:b3:ba:ee:
27:62:5e:dc:bc:9b:6a:00:51:c0:9d:1c:ef:7a:d4:53:ba:e1:
72:75:55:ff:eb:c5:3a:cd:b9:c9:ac:40:3f:e4:ae:01:ba:d9:
4b:7c:de:70:c3:55:d8:82:3f:af:fc:32:8d:94:a2:85:29:90:
05:60:ef:31:99:16:9e:f6:97:cc:0b:64:89:d9:ed:fc:71:2f:
cc:9e:5a:47
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIED5j1NDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGY5YzU0ZjE5MTkzZTA2NTQ4MTYzZjg5NWMzYTQ2YjlmOGJmYmI1MB4XDTIyMDEw
MTA2NTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAyYWMyMzNlZDQz
OGM3OGI1ZDZjOTNhN2FlMWQwNzFkMTNlODc2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSIsNPWwLKpuhykPVP/Dp9inrUfET2h6/+w33ZJYZq5VGfu
A19qEaypkF6DlULrRtuupCmE5i6de4PinRT5r93bEF8lPwPElgxTt3qt4THsMpmZ
p1EWeLjPKQG1bj1FMSSmmI3Ma2V0O8eXPFjWi0sNTZGEibqjBxD/I0A1kkgoJ0PR
oL+oDqrqScwJwXmKqtXZQGcIU3B5bAa4pQ+9zz3Hft5prVl44NxAfEMDPY6Jj8/D
7jslOngBK/2mK5ahgIxTTFEeSlRtR8ShBIkORTufGwiNlwfdpDTwBnwZtq4nP2U7
ZYh9TkVdfVWx0ejNncaN/q6s6tI9vIjXTlnrj2sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRAKsIz7UOMeLXWyTp64dBx0T6HYjAfBgNVHSMEGDAWgBQ4+cVPGRk+BlSB
Y/iVw6Rrn4v7tTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09QbkZUeGtaUGdaVWdXUDRsY09rYTUtTC03VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZjBiNmJhLTg2NzUtNDkxYy04NTkzLTcyNDk0OWI0NjBlOS8x
L1FDckNNLTFEakhpMTFzazZldUhRY2RFLWgySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZjBiNmJhLTg2NzUtNDkxYy04NTkzLTcyNDk0OWI0NjBlOS8xL09QbkZUeGtaUGda
VWdXUDRsY09rYTUtTC03VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAD5nZwMEAMOnQTANBgkqhkiG9w0B
AQsFAAOCAQEAXZyCQqbx9p0cKOAlAkKGvrmBWxjse8ksXR/213fzbAi+YK2PiuXO
VdQ725Ietn+KKmeYE6LO28xcReFSIyk/x8wUUdmsQh2b4L5rKGZW5+OwzI0emLLs
ptmok5GwNRF+oH65QolCl4G3HnK40+uYmKd8GY9uEKI+eVWxvlOYVM7xlK2P2r2Q
Ks7zw7ZxBDOo1oXFYqi1YOARtsKAHKm/GXZrmkuysTdrTHvEWyujhNFms7ruJ2Je
3LybagBRwJ0c73rUU7rhcnVV/+vFOs25yaxAP+SuAbrZS3zecMNV2II/r/wyjZSi
hSmQBWDvMZkWnvaXzAtkidnt/HEvzJ5aRw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net