Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/qETdQotiv0iJNPZkoqc9iB3fwNI.roa
File: qETdQotiv0iJNPZkoqc9iB3fwNI.roa (raw, json)
Hash identifier: eCuqYrLrV/CylCHMK7dKrX5uoAw75vnrF8Diz7BR208=
Subject key identifier: A8:44:DD:42:8B:62:BF:48:89:34:F6:64:A2:A7:3D:88:1D:DF:C0:D2
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 1C484D09
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/qETdQotiv0iJNPZkoqc9iB3fwNI.roa
Signing time: Mon 25 Apr 2022 10:06:23 +0000
ROA not before: Mon 25 Apr 2022 10:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
185.91.28.0/24 maxlen: 24
91.148.236.0/22 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
91.148.240.0/20 maxlen: 24
193.138.220.0/24 maxlen: 24
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.194.0/23 maxlen: 23
91.148.193.0/24 maxlen: 24
91.148.196.0/22 maxlen: 22
91.148.200.0/21 maxlen: 21
91.148.208.0/20 maxlen: 20
2a01:788:aaac::/48 maxlen: 48
2a01:788::/32 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474500361 (0x1c484d09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Apr 25 10:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a844dd428b62bf488934f664a2a73d881ddfc0d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:56:5e:ad:2c:19:89:29:06:a9:eb:1a:cb:
c4:ab:4a:de:77:a6:22:98:8d:f7:96:d3:f9:94:47:
17:72:e2:af:b4:54:42:ac:79:30:fa:ea:09:3d:dd:
3e:83:de:bd:59:8a:fb:0c:33:40:3e:b0:39:ff:ac:
02:98:31:49:40:b0:63:ce:7a:14:ef:1d:80:b7:c4:
bb:e4:83:d2:75:a0:95:e2:58:f3:bf:89:27:7b:cf:
ff:05:f4:06:39:48:56:0c:a0:94:46:bb:4a:d8:56:
8e:79:09:ee:1b:85:ac:85:b5:d5:eb:2d:32:17:93:
dd:c2:ba:94:b5:29:f1:3e:05:fa:52:60:01:a2:ab:
8a:b7:cc:54:e4:c4:2a:9f:43:3c:13:ce:29:12:ab:
54:75:66:0b:ce:f6:aa:40:9f:9b:2c:6b:18:e2:ec:
01:ee:d1:c5:b8:bf:34:8b:d9:4f:18:b8:96:b0:a8:
eb:0b:c2:46:25:4c:63:53:95:25:48:07:f5:20:3b:
87:92:40:3b:35:25:39:b7:f2:9a:83:ca:73:5c:5a:
a8:37:d5:91:2d:4b:89:30:48:1f:8e:c0:08:38:ac:
c8:13:07:f4:da:23:be:10:15:cf:c9:2e:cf:88:7b:
7a:93:3f:38:82:5f:f8:40:63:ff:36:c0:5e:1d:ed:
cd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:44:DD:42:8B:62:BF:48:89:34:F6:64:A2:A7:3D:88:1D:DF:C0:D2
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/qETdQotiv0iJNPZkoqc9iB3fwNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.32.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.193.0-91.148.223.255
91.148.236.0-91.148.255.255
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
2d:ea:d8:bd:1c:b0:50:eb:7b:af:89:3c:f7:d8:b2:48:b1:c9:
ff:fd:da:2f:5d:53:b3:e5:1f:e4:44:c5:0f:cd:bf:d6:d0:af:
9e:ae:0b:87:e6:16:f1:5b:eb:e8:10:63:80:bc:cb:c1:81:9c:
4e:15:1d:75:6f:f7:17:b1:76:05:df:64:2d:7d:66:90:66:6c:
b5:67:99:27:c0:17:0e:02:ca:5c:b1:c4:3d:2c:ef:c6:9a:2a:
65:9e:a2:2d:88:92:8c:08:1f:22:96:e7:87:59:0f:7d:8c:88:
55:f4:61:74:23:48:6f:a1:31:c5:39:59:88:f1:b4:58:c7:f0:
8a:74:5e:7e:b1:07:38:fa:c0:e3:ad:91:ff:c6:e1:76:ed:16:
a9:ae:f6:b8:ea:75:de:22:97:be:4f:3b:2b:2d:f6:ea:ff:e5:
bb:12:49:7b:7a:db:ce:71:10:07:8f:1d:ce:9e:e7:a0:ca:83:
a3:25:56:0b:47:04:12:2c:72:9c:a2:1e:93:fd:13:43:3c:ef:
cb:cd:d2:6d:50:71:d1:c6:54:b3:06:95:f1:11:e3:f7:f9:98:
6c:9a:34:ee:88:d0:a5:c4:a0:2f:95:74:10:b7:3e:9a:e4:b8:
60:09:33:d3:ab:44:4d:27:0c:8e:4d:a7:6b:24:5a:80:83:ca:
c5:92:7d:7d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEHEhNCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjQ4Y2YxNDZiNGM3M2QyNzQwOTZkNzA1NzA4ZDI0YjcyOTMyOWY4MB4XDTIyMDQy
NTEwMDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg0NGRkNDI4YjYy
YmY0ODg5MzRmNjY0YTJhNzNkODgxZGRmYzBkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAME2Vl6tLBmJKQap6xrLxKtK3nemIpiN95bT+ZRHF3Lir7RU
Qqx5MPrqCT3dPoPevVmK+wwzQD6wOf+sApgxSUCwY856FO8dgLfEu+SD0nWgleJY
87+JJ3vP/wX0BjlIVgyglEa7SthWjnkJ7huFrIW11estMheT3cK6lLUp8T4F+lJg
AaKrirfMVOTEKp9DPBPOKRKrVHVmC872qkCfmyxrGOLsAe7Rxbi/NIvZTxi4lrCo
6wvCRiVMY1OVJUgH9SA7h5JAOzUlObfymoPKc1xaqDfVkS1LiTBIH47ACDisyBMH
9NojvhAVz8kuz4h7epM/OIJf+EBj/zbAXh3tzXECAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBSoRN1Ci2K/SIk09mSipz2IHd/A0jAfBgNVHSMEGDAWgBRLSM8Ua0xz0nQJ
bXBXCNJLcpMp+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MwalBGR3RNYzlKMENXMXdWd2pTUzNLVEtmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvM2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8x
L3FFVGRRb3RpdjBpSk5QWmtvcWM5aUIzZndOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
M2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8xL1MwalBGR3RNYzlK
MENXMXdWd2pTUzNLVEtmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwTwQCAAEwSTAMAwQFVQwgAwQDVQwwMAwDBAFVDDoD
BAZVDAAwDAMEAFuUwQMEBVuUwDALAwQCW5TsAwMAW5QDBAC5WxwDBADBitwDBAHD
yFQwDQQCAAIwBwMFACoBB4gwDQYJKoZIhvcNAQELBQADggEBAC3q2L0csFDre6+J
PPfYskixyf/92i9dU7PlH+RExQ/Nv9bQr56uC4fmFvFb6+gQY4C8y8GBnE4VHXVv
9xexdgXfZC19ZpBmbLVnmSfAFw4CylyxxD0s78aaKmWeoi2IkowIHyKW54dZD32M
iFX0YXQjSG+hMcU5WYjxtFjH8Ip0Xn6xBzj6wOOtkf/G4XbtFqmu9rjqdd4il75P
Oyst9ur/5bsSSXt6285xEAePHc6e56DKg6MlVgtHBBIscpyiHpP9E0M878vN0m1Q
cdHGVLMGlfER4/f5mGyaNO6I0KXEoC+VdBC3PprkuGAJM9OrRE0nDI5Np2skWoCD
ysWSfX0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:47 2024 by rpki-client on console-ams.rpki-client.org