Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/qxWqr-7T19hSG3vwC099arnrUC4.roa
File: qxWqr-7T19hSG3vwC099arnrUC4.roa (raw, json)
Hash identifier: D1zIXRoC1yhUHoNnuI6hB0WH9tceCjOthgVtVcXhd80=
Subject key identifier: AB:15:AA:AF:EE:D3:D7:D8:52:1B:7B:F0:0B:4F:7D:6A:B9:EB:50:2E
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 06A0DDC9
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/qxWqr-7T19hSG3vwC099arnrUC4.roa
Signing time: Fri 04 Feb 2022 18:43:21 +0000
ROA not before: Fri 04 Feb 2022 18:43:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
45.142.24.0/22 maxlen: 22
2a0d:4a40::/29 maxlen: 29
2a04:27c0::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111205833 (0x6a0ddc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 4 18:43:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab15aaafeed3d7d8521b7bf00b4f7d6ab9eb502e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:eb:a3:c3:11:0b:82:d9:48:c8:31:8c:c3:
c9:7a:75:94:79:38:ea:f9:bb:c1:8a:60:6b:5b:85:
5e:ad:19:4e:e9:c6:1d:eb:12:7f:4f:a1:9b:bc:7f:
9a:b9:7d:77:2b:99:5e:30:a6:d6:2d:ba:ce:39:cb:
92:05:83:f1:08:db:3f:2f:e5:6b:14:cb:1a:bd:47:
ac:4c:b0:70:c0:29:ed:b7:e4:12:b5:7f:25:79:93:
05:c0:09:a4:dd:4a:ae:c1:fd:93:93:b5:a0:5a:68:
60:0c:44:7b:4b:54:ea:7e:0b:90:a0:a1:69:45:c3:
4a:03:4f:0d:29:a3:db:89:90:a5:ee:50:e5:68:31:
34:09:77:d3:ba:6c:e5:90:14:50:51:84:30:27:51:
0a:2a:5c:07:88:54:08:0d:48:7d:63:4a:c7:24:78:
aa:33:cf:c0:f5:25:89:bd:b1:3b:2b:1a:c7:25:cf:
1c:70:91:a2:e0:9f:89:1b:6c:e4:d9:6b:bb:d2:3d:
2d:ae:b7:3a:9f:8a:c3:1d:85:41:08:cc:f2:a4:1e:
f3:9e:af:62:b0:fc:a8:15:67:c5:65:df:2a:f9:30:
d9:60:40:ab:07:93:a3:61:f8:a9:ef:5d:1e:fa:23:
24:30:90:c0:2c:bb:47:73:93:c0:b3:02:0c:94:78:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:15:AA:AF:EE:D3:D7:D8:52:1B:7B:F0:0B:4F:7D:6A:B9:EB:50:2E
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/qxWqr-7T19hSG3vwC099arnrUC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
185.53.100.0/22
185.233.124.0-185.233.126.255
194.113.80.0/23
194.113.94.0/24
IPv6:
2a04:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:2a:5a:a3:c1:a8:4e:84:50:37:99:6b:1a:84:97:07:62:f5:
96:a1:f0:0f:61:73:8b:88:de:ec:2f:d6:c6:39:01:ed:f9:6e:
0a:4d:b1:0c:1e:0f:0d:c1:9a:ff:98:b8:8c:5b:41:5f:48:78:
fd:fa:f9:ab:2c:24:51:60:3e:37:b0:c2:f4:cc:0f:7c:be:1c:
c4:18:54:5b:23:d0:66:67:be:27:88:ee:a3:d6:96:d3:43:c3:
75:4d:08:02:62:65:cb:69:6d:0a:f7:09:9d:2d:12:27:92:18:
de:ff:01:53:38:8b:e9:37:9d:8b:02:40:39:50:7d:4f:a5:c7:
80:b1:8e:64:ba:9a:cf:f8:52:aa:d8:27:57:8d:7c:91:52:cf:
92:75:04:fb:0c:c0:eb:7a:fe:1a:b6:c4:52:c7:6b:8d:29:bc:
30:a7:53:4f:52:57:e6:b7:ec:b3:52:2d:0d:d3:e0:d2:b6:3a:
e1:73:f1:53:4d:01:dc:27:47:18:4a:a4:08:ae:08:15:86:4f:
af:2d:4b:9b:66:61:4c:c5:74:15:88:d8:dd:9a:d8:3a:19:41:
26:5b:97:89:61:1e:ac:84:12:97:ca:36:1f:1f:c3:bd:7a:c4:
b9:5c:83:6e:c1:14:09:d1:9a:e7:76:e2:3f:b2:c4:44:49:ee:
e6:86:c0:b2
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEBqDdyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMB4XDTIyMDIw
NDE4NDMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIxNWFhYWZlZWQz
ZDdkODUyMWI3YmYwMGI0ZjdkNmFiOWViNTAyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZL66PDEQuC2UjIMYzDyXp1lHk46vm7wYpga1uFXq0ZTunG
HesSf0+hm7x/mrl9dyuZXjCm1i26zjnLkgWD8QjbPy/laxTLGr1HrEywcMAp7bfk
ErV/JXmTBcAJpN1KrsH9k5O1oFpoYAxEe0tU6n4LkKChaUXDSgNPDSmj24mQpe5Q
5WgxNAl307ps5ZAUUFGEMCdRCipcB4hUCA1IfWNKxyR4qjPPwPUlib2xOysaxyXP
HHCRouCfiRts5Nlru9I9La63Op+Kwx2FQQjM8qQe856vYrD8qBVnxWXfKvkw2WBA
qweTo2H4qe9dHvojJDCQwCy7R3OTwLMCDJR4H8ECAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBSrFaqv7tPX2FIbe/ALT31quetQLjAfBgNVHSMEGDAWgBRiStRTWsiN1TQZ
nypyYJWvca/kTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrclVVMXJJamRVMEdaOHFjbUNWcjNHdjVFNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8x
L3F4V3FyLTdUMTloU0czdndDMDk5YXJuclVDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRV
MEdaOHFjbUNWcjNHdjVFNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwPgQCAAEwOAMEAx+rmAMEAi1C/AMEAi2OGAMEAm1K
HAMEArk1ZDAMAwQCuel8AwQAuel+AwQBwnFQAwQAwnFeMCIEAgACMBwDBQMqBCfA
AwUDKg1CwAMFAyoNSkADBQMqDtTAMA0GCSqGSIb3DQEBCwUAA4IBAQBzKlqjwahO
hFA3mWsahJcHYvWWofAPYXOLiN7sL9bGOQHt+W4KTbEMHg8NwZr/mLiMW0FfSHj9
+vmrLCRRYD43sML0zA98vhzEGFRbI9BmZ74niO6j1pbTQ8N1TQgCYmXLaW0K9wmd
LRInkhje/wFTOIvpN52LAkA5UH1PpceAsY5kuprP+FKq2CdXjXyRUs+SdQT7DMDr
ev4atsRSx2uNKbwwp1NPUlfmt+yzUi0N0+DStjrhc/FTTQHcJ0cYSqQIrggVhk+v
LUubZmFMxXQViNjdmtg6GUEmW5eJYR6shBKXyjYfH8O9esS5XINuwRQJ0ZrnduI/
ssRESe7mhsCy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:53 2025 by rpki-client