Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/1QQ52XQy-aQXy19c90nYZyupPPs.roa
File: 1QQ52XQy-aQXy19c90nYZyupPPs.roa (raw, json)
Hash identifier: 8W54LxgAIdQ4I/I0rcN0WKrRZF9ZLy2DwuGoWAxtOto=
Subject key identifier: D5:04:39:D9:74:32:F9:A4:17:CB:5F:5C:F7:49:D8:67:2B:A9:3C:FB
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 0E392974
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/1QQ52XQy-aQXy19c90nYZyupPPs.roa
Signing time: Wed 20 Apr 2022 06:37:52 +0000
ROA not before: Wed 20 Apr 2022 06:37:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42870
IP address blocks: 217.22.169.0/24 maxlen: 24
217.22.168.0/22 maxlen: 22
217.22.168.0/24 maxlen: 24
217.22.171.0/24 maxlen: 24
217.22.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 238627188 (0xe392974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Apr 20 06:37:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d50439d97432f9a417cb5f5cf749d8672ba93cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:a9:b9:1d:a3:46:cd:2f:58:06:5d:d6:4b:
56:54:a0:db:23:d2:68:9b:10:b4:95:56:27:4a:1f:
b7:79:97:10:03:81:1a:e4:65:57:92:a4:62:06:a5:
25:5d:0c:af:5b:ee:92:63:41:46:98:41:aa:f9:42:
05:66:45:d6:b0:b3:58:0b:d2:2d:2e:1c:75:29:e2:
be:3d:17:f8:e1:06:c7:45:df:b7:12:55:d0:ed:39:
04:09:96:b1:28:e0:59:86:e4:b2:ba:0b:85:f8:9f:
71:3a:5f:1e:df:6b:5f:15:4b:60:35:e2:be:71:4d:
ba:67:81:3c:af:7e:a8:84:d5:e8:8c:e3:38:18:27:
2d:ee:e9:e0:be:13:1b:9e:34:11:62:f2:2f:a5:d0:
a3:7d:75:75:fa:97:95:7f:e3:c3:21:4d:cf:e9:06:
90:a2:f6:58:22:ad:eb:bb:9a:c4:b6:41:b1:34:2e:
24:42:51:09:4e:d6:52:97:94:37:65:04:2a:37:c6:
77:24:88:70:35:8b:f1:99:df:3e:6f:33:73:ba:ad:
87:64:fa:bc:37:d7:9a:23:c2:56:fb:b9:fc:23:54:
89:2b:f3:07:a1:d0:ae:07:83:89:d8:e0:8d:2b:98:
a0:57:e6:bd:1e:0e:d4:d8:4f:2f:0d:23:54:02:7a:
23:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:04:39:D9:74:32:F9:A4:17:CB:5F:5C:F7:49:D8:67:2B:A9:3C:FB
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/1QQ52XQy-aQXy19c90nYZyupPPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.168.0/22
Signature Algorithm: sha256WithRSAEncryption
78:dc:81:45:98:6a:01:0b:c7:fb:e2:9d:0a:82:52:60:dc:ce:
91:00:1c:f9:8f:dd:ae:d1:99:98:54:1a:81:65:61:17:e4:39:
c8:f9:28:ad:eb:d1:3f:93:1f:6a:54:87:24:ef:d0:cc:eb:db:
5c:fa:12:78:75:97:1c:81:0c:98:af:6b:32:e5:1d:8c:e5:25:
cc:94:93:d4:4c:3f:7b:31:e8:b6:a8:f6:21:8c:63:f9:ba:59:
16:0f:9a:26:27:22:e0:86:03:33:6b:75:22:82:d5:62:19:c1:
e8:e3:56:41:ac:0e:e8:49:cc:ca:5f:41:7c:ba:e2:a0:a7:b5:
6f:00:d9:c8:7e:90:c7:41:bf:e9:8f:85:be:2c:97:db:69:a5:
42:0a:d7:c5:8d:87:6c:f5:b9:25:c8:ea:8c:a2:f2:a3:10:ca:
c6:97:8a:50:a5:99:30:92:38:52:1b:5a:05:c3:7d:e0:f3:b7:
2d:45:16:67:0e:ea:5f:5e:fd:0a:2c:ec:5d:7e:f3:a8:69:b4:
33:53:8a:a8:2c:d7:03:41:77:e3:53:ad:35:ce:71:6d:37:01:
65:1b:14:74:a8:eb:5a:ad:8c:fb:4e:3e:fe:e2:ee:e5:0c:f0:
8b:90:72:46:7b:47:f9:d4:c3:7f:78:a9:d4:cb:24:48:06:a2:
7d:58:16:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDjkpdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2MzNDJjMDZhYWNjMzU5ZDM5NDM5ZmY1OGRlZmE4ZWExODc1NzQ4MB4XDTIyMDQy
MDA2Mzc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUwNDM5ZDk3NDMy
ZjlhNDE3Y2I1ZjVjZjc0OWQ4NjcyYmE5M2NmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/Vqbkdo0bNL1gGXdZLVlSg2yPSaJsQtJVWJ0oft3mXEAOB
GuRlV5KkYgalJV0Mr1vukmNBRphBqvlCBWZF1rCzWAvSLS4cdSnivj0X+OEGx0Xf
txJV0O05BAmWsSjgWYbksroLhfifcTpfHt9rXxVLYDXivnFNumeBPK9+qITV6Izj
OBgnLe7p4L4TG540EWLyL6XQo311dfqXlX/jwyFNz+kGkKL2WCKt67uaxLZBsTQu
JEJRCU7WUpeUN2UEKjfGdySIcDWL8ZnfPm8zc7qth2T6vDfXmiPCVvu5/CNUiSvz
B6HQrgeDidjgjSuYoFfmvR4O1NhPLw0jVAJ6I6sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVBDnZdDL5pBfLX1z3SdhnK6k8+zAfBgNVHSMEGDAWgBQzw0LAaqzDWdOU
Of9Y3vqOoYdXSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L004TkN3R3FzdzFuVGxEbl9XTjc2anFHSFYwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYzU1ZmRmLWE2OGEtNGFhMC1iOGM1LTdmMjMzMzYwNDk5Ny8x
LzFRUTUyWFF5LWFRWHkxOWM5MG5ZWnl1cFBQcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
YzU1ZmRmLWE2OGEtNGFhMC1iOGM1LTdmMjMzMzYwNDk5Ny8xL004TkN3R3FzdzFu
VGxEbl9XTjc2anFHSFYwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkWqDANBgkqhkiG9w0BAQsFAAOC
AQEAeNyBRZhqAQvH++KdCoJSYNzOkQAc+Y/drtGZmFQagWVhF+Q5yPkorevRP5Mf
alSHJO/QzOvbXPoSeHWXHIEMmK9rMuUdjOUlzJST1Ew/ezHotqj2IYxj+bpZFg+a
Jici4IYDM2t1IoLVYhnB6ONWQawO6EnMyl9BfLrioKe1bwDZyH6Qx0G/6Y+FviyX
22mlQgrXxY2HbPW5JcjqjKLyoxDKxpeKUKWZMJI4UhtaBcN94PO3LUUWZw7qX179
CizsXX7zqGm0M1OKqCzXA0F341OtNc5xbTcBZRsUdKjrWq2M+04+/uLu5Qzwi5By
RntH+dTDf3ip1MskSAaifVgWdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:28 2024 by rpki-client on console-ams.rpki-client.org