Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/bqz02Uj2s6M84ADttWbbwdCaXwM.roa
File: bqz02Uj2s6M84ADttWbbwdCaXwM.roa (raw, json)
Hash identifier: Q3hethSjA7+KmrxB7cMAc9sq03GI9uh/2EFP/lio+8w=
Subject key identifier: 6E:AC:F4:D9:48:F6:B3:A3:3C:E0:00:ED:B5:66:DB:C1:D0:9A:5F:03
Certificate issuer: /CN=fa23aeb6a5d9a34b83607777776fb8764fb76f00
Certificate serial: 0E46AF2E
Authority key identifier: FA:23:AE:B6:A5:D9:A3:4B:83:60:77:77:77:6F:B8:76:4F:B7:6F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-iOutqXZo0uDYHd3d2-4dk-3bwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/bqz02Uj2s6M84ADttWbbwdCaXwM.roa
Signing time: Sat 01 Jan 2022 02:54:41 +0000
ROA not before: Sat 01 Jan 2022 02:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61200
IP address blocks: 185.16.21.0/24 maxlen: 24
185.16.20.0/22 maxlen: 22
185.16.20.0/24 maxlen: 24
185.16.20.0/23 maxlen: 23
185.16.23.0/24 maxlen: 24
185.16.22.0/23 maxlen: 23
185.16.22.0/24 maxlen: 24
2a03:cbc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239513390 (0xe46af2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa23aeb6a5d9a34b83607777776fb8764fb76f00
Validity
Not Before: Jan 1 02:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6eacf4d948f6b3a33ce000edb566dbc1d09a5f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1a:c8:a7:45:5b:40:1e:b5:aa:40:74:56:66:
db:51:0a:c3:c1:c3:88:8a:3b:e4:70:af:51:c5:94:
96:f8:e6:bf:af:49:3b:a1:bb:5f:ad:8e:f2:39:ee:
74:82:4e:5c:d5:45:8f:ca:ef:de:51:4c:b1:3c:fb:
87:fb:51:44:56:7e:ed:5a:b4:30:8e:8d:8f:ea:27:
18:ab:91:7b:55:24:4d:02:ce:60:e2:83:8e:01:1b:
17:8f:a3:ac:97:d1:2a:e1:93:b6:29:56:4b:1a:54:
27:5c:63:55:fc:7d:7c:18:f9:a6:82:a1:86:2b:5c:
ab:9e:ca:10:a3:a9:07:42:40:b6:99:a0:90:2e:9e:
be:59:c8:cf:13:86:47:0e:1c:4e:bb:d4:3e:99:62:
b3:84:2e:db:bc:12:ee:a6:c6:7f:f4:94:7d:b1:4e:
b3:88:82:e8:03:7d:79:39:5a:63:c9:f1:37:2d:a0:
3f:fb:a6:3f:71:30:14:06:99:af:d3:4f:cd:58:d0:
5d:0e:9c:82:76:1e:33:b9:08:02:37:cd:a4:03:29:
85:b0:26:f6:b5:1a:01:8c:97:13:a8:bf:8c:04:18:
a0:64:ef:9e:c1:22:99:d3:6e:a8:ad:e1:ff:14:c8:
7e:86:c3:f9:49:c2:ba:00:72:b1:a2:38:2c:bc:db:
47:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AC:F4:D9:48:F6:B3:A3:3C:E0:00:ED:B5:66:DB:C1:D0:9A:5F:03
X509v3 Authority Key Identifier:
keyid:FA:23:AE:B6:A5:D9:A3:4B:83:60:77:77:77:6F:B8:76:4F:B7:6F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-iOutqXZo0uDYHd3d2-4dk-3bwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/bqz02Uj2s6M84ADttWbbwdCaXwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/1-iOutqXZo0uDYHd3d2-4dk-3bwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.20.0/22
IPv6:
2a03:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
95:65:84:04:7b:bb:7a:a9:a2:ef:f2:9b:7d:34:91:de:0e:5f:
db:95:14:66:c1:07:f3:c9:43:47:1a:cf:5b:f3:fb:34:c8:9c:
47:dc:be:8c:c0:67:82:0b:f1:58:bb:d6:4f:41:d5:b2:7c:a3:
82:f4:7e:ef:04:02:68:88:5e:4a:d5:a6:66:59:99:bf:c8:31:
99:98:44:82:f8:39:8c:2d:dc:b8:95:63:b9:87:c2:f7:37:f1:
d7:10:80:26:6e:bd:2c:97:97:f9:03:6a:a7:3b:6e:18:f9:c9:
b1:40:25:53:db:55:cf:be:e7:be:6c:4b:c1:68:cf:e5:78:4d:
33:ee:74:d8:f0:5f:34:a0:7d:fa:7e:7f:26:d8:60:9b:78:08:
d2:f7:e9:2e:02:c8:5a:89:46:a3:33:e9:a9:df:5e:5b:66:d5:
af:9b:36:b5:2e:dc:70:8b:a9:fe:be:4e:1e:bc:1e:28:b4:b3:
ed:21:8c:1d:06:ab:a4:5f:58:00:11:a9:b7:93:db:c3:91:91:
cc:b9:fb:43:fe:5f:92:41:f8:53:ff:01:ef:85:10:94:04:2f:
fc:14:82:bf:b0:b2:77:38:35:8d:12:e9:0d:0f:c6:de:a3:39:
b8:98:13:f6:17:63:28:0f:0d:98:59:7c:a7:ba:94:0c:9d:52:
c8:79:25:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEDkavLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTIzYWViNmE1ZDlhMzRiODM2MDc3Nzc3NzZmYjg3NjRmYjc2ZjAwMB4XDTIyMDEw
MTAyNTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVhY2Y0ZDk0OGY2
YjNhMzNjZTAwMGVkYjU2NmRiYzFkMDlhNWYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAayKdFW0AetapAdFZm21EKw8HDiIo75HCvUcWUlvjmv69J
O6G7X62O8jnudIJOXNVFj8rv3lFMsTz7h/tRRFZ+7Vq0MI6Nj+onGKuRe1UkTQLO
YOKDjgEbF4+jrJfRKuGTtilWSxpUJ1xjVfx9fBj5poKhhitcq57KEKOpB0JAtpmg
kC6evlnIzxOGRw4cTrvUPplis4Qu27wS7qbGf/SUfbFOs4iC6AN9eTlaY8nxNy2g
P/umP3EwFAaZr9NPzVjQXQ6cgnYeM7kIAjfNpAMphbAm9rUaAYyXE6i/jAQYoGTv
nsEimdNuqK3h/xTIfobD+UnCugBysaI4LLzbR60CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRurPTZSPazozzgAO21ZtvB0JpfAzAfBgNVHSMEGDAWgBT6I662pdmjS4Ng
d3d3b7h2T7dvADAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtaU91dHFYWm8wdURZSGQzZDItNGRrLTNid0EuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzJjLzM2ZTZmMC1lYjJjLTRjZjgtODU2NS1iMzYzYmI2Y2FhMDIv
MS9icXowMlVqMnM2TTg0QUR0dFdiYndkQ2FYd00ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJj
LzM2ZTZmMC1lYjJjLTRjZjgtODU2NS1iMzYzYmI2Y2FhMDIvMS8xLWlPdXRxWFpv
MHVEWUhkM2QyLTRkay0zYndBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRAUMA0EAgACMAcDBQMqA8vA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVZYQEe7t6qaLv8pt9NJHeDl/blRRmwQfzyUNH
Gs9b8/s0yJxH3L6MwGeCC/FYu9ZPQdWyfKOC9H7vBAJoiF5K1aZmWZm/yDGZmESC
+DmMLdy4lWO5h8L3N/HXEIAmbr0sl5f5A2qnO24Y+cmxQCVT21XPvue+bEvBaM/l
eE0z7nTY8F80oH36fn8m2GCbeAjS9+kuAshaiUajM+mp315bZtWvmza1Ltxwi6n+
vk4evB4otLPtIYwdBqukX1gAEam3k9vDkZHMuftD/l+SQfhT/wHvhRCUBC/8FIK/
sLJ3ODWNEukND8beozm4mBP2F2MoDw2YWXynupQMnVLIeSWL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:47 2024 by rpki-client on console-fra.rpki-client.org