Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/qq5kNNuNIE4LWxEZoKenoPZU4To.roa
File: qq5kNNuNIE4LWxEZoKenoPZU4To.roa (raw, json)
Hash identifier: 24KRnDRV/FPQjB9Sf/j86HMJ0mayXhoeH++qpOFgUqE=
Subject key identifier: AA:AE:64:34:DB:8D:20:4E:0B:5B:11:19:A0:A7:A7:A0:F6:54:E1:3A
Certificate issuer: /CN=f779f5f0288985abde09827e03d787a52149e7ec
Certificate serial: 01857079A8321D7370F02DB87CDBD9B4EDFA
Authority key identifier: F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/qq5kNNuNIE4LWxEZoKenoPZU4To.roa
Signing time: Mon 02 Jan 2023 03:14:59 +0000
ROA not before: Mon 02 Jan 2023 03:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29467
IP address blocks: 178.251.160.0/21 maxlen: 24
185.97.244.0/22 maxlen: 24
185.4.124.0/22 maxlen: 24
5.149.112.112/30 maxlen: 30
5.149.112.0/21 maxlen: 24
185.123.216.0/22 maxlen: 24
185.123.218.72/30 maxlen: 30
2a03:2f00::/32 maxlen: 32
2a02:70c0::/32 maxlen: 32
2a03:92e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a8:32:1d:73:70:f0:2d:b8:7c:db:d9:b4:ed:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f779f5f0288985abde09827e03d787a52149e7ec
Validity
Not Before: Jan 2 03:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaae6434db8d204e0b5b1119a0a7a7a0f654e13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:77:fb:b0:8a:c7:86:52:93:e9:36:87:30:
cd:45:99:4c:8b:09:08:81:00:d5:a6:fc:4a:1d:55:
bc:b3:06:bf:0e:33:b8:ed:31:0a:1c:22:26:ac:a2:
53:2e:e4:d8:a1:ad:29:b4:98:d4:27:4b:35:1f:cc:
08:e0:13:9d:bf:8c:aa:bc:63:17:87:cb:da:57:ed:
e8:d5:45:4e:e2:e8:5d:bb:45:49:33:3b:08:00:9a:
56:16:c5:e8:2d:9e:d6:cb:b4:8f:a1:24:6d:0c:b3:
8f:6a:ae:0c:77:0c:77:02:50:e9:91:9c:32:40:ef:
e3:87:b9:40:9e:30:08:83:07:74:fd:e8:b5:d3:d9:
f2:7e:ef:02:05:8f:ef:7b:e2:46:87:74:56:96:f7:
04:b6:65:ca:48:e5:9b:8b:cc:cc:0b:3c:d1:c7:dd:
42:31:4d:cf:8b:29:36:63:7c:07:52:47:89:7b:10:
20:3a:00:cf:73:b8:67:e4:9a:6d:93:25:fa:99:73:
84:94:8a:f5:66:e3:b0:dd:d6:ef:c1:01:51:71:7b:
4b:8e:fd:2d:c2:f0:65:70:a2:f5:cf:26:42:ec:ae:
6d:6d:53:da:31:12:3f:e9:51:1b:34:89:7f:15:6e:
52:c6:ef:b1:08:da:9f:54:7e:db:98:53:74:c2:2a:
d4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AE:64:34:DB:8D:20:4E:0B:5B:11:19:A0:A7:A7:A0:F6:54:E1:3A
X509v3 Authority Key Identifier:
keyid:F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/qq5kNNuNIE4LWxEZoKenoPZU4To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.112.0/21
178.251.160.0/21
185.4.124.0/22
185.97.244.0/22
185.123.216.0/22
IPv6:
2a02:70c0::/32
2a03:2f00::/32
2a03:92e0::/32
Signature Algorithm: sha256WithRSAEncryption
42:da:7b:b4:6a:a8:10:38:6d:38:db:be:75:28:87:1a:1d:66:
cc:3b:fb:86:23:95:cd:6a:81:97:65:a0:f3:78:e2:01:b7:53:
6b:08:6b:e3:ad:23:a8:b0:e8:83:1c:1b:7f:e6:10:a7:d7:70:
bf:df:70:c6:e4:a2:98:ee:27:6e:6b:ff:9a:ce:d2:83:16:a9:
37:c7:34:3a:93:39:78:4d:89:5c:a3:db:3e:b1:0f:95:54:ee:
69:d3:a6:15:87:98:df:38:79:8d:39:9e:c8:c9:3d:fb:3c:c2:
e8:d1:31:1e:22:67:aa:59:bc:42:c8:3e:46:ea:c6:26:fa:2f:
71:ae:11:20:52:af:e5:8d:aa:ed:49:e2:f5:39:e7:6f:a0:7d:
75:56:ae:ec:f1:c5:63:e0:fe:5c:14:e2:e2:a8:56:15:02:85:
f5:8a:18:a6:99:ff:50:21:7b:2c:66:82:4b:7b:e4:eb:c1:0e:
78:61:bb:e8:9b:8b:ac:99:b7:ef:f3:36:d7:e1:a9:d2:99:64:
b6:db:db:fa:7f:7f:e8:95:2d:c3:eb:c3:37:d9:d4:67:d5:08:
04:14:b9:74:6d:c6:06:d7:56:09:82:9e:53:e7:83:60:3c:1d:
f0:64:f4:f6:20:22:5c:7c:25:e8:c1:0a:aa:65:d2:35:43:87:
08:60:68:f7
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVweagyHXNw8C24fNvZtO36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzlmNWYwMjg4OTg1YWJkZTA5ODI3ZTAzZDc4N2E1MjE0
OWU3ZWMwHhcNMjMwMTAyMDMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFlNjQzNGRiOGQyMDRlMGI1YjExMTlhMGE3YTdhMGY2NTRlMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaF3+7CKx4ZSk+k2hzDNRZlMiwkI
gQDVpvxKHVW8swa/DjO47TEKHCImrKJTLuTYoa0ptJjUJ0s1H8wI4BOdv4yqvGMX
h8vaV+3o1UVO4uhdu0VJMzsIAJpWFsXoLZ7Wy7SPoSRtDLOPaq4Mdwx3AlDpkZwy
QO/jh7lAnjAIgwd0/ei109nyfu8CBY/ve+JGh3RWlvcEtmXKSOWbi8zMCzzRx91C
MU3Piyk2Y3wHUkeJexAgOgDPc7hn5JptkyX6mXOElIr1ZuOw3dbvwQFRcXtLjv0t
wvBlcKL1zyZC7K5tbVPaMRI/6VEbNIl/FW5Sxu+xCNqfVH7bmFN0wirUCQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKquZDTbjSBOC1sRGaCnp6D2VOE6MB8GA1UdIwQY
MBaAFPd59fAoiYWr3gmCfgPXh6UhSefsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMt
ZmU3OTYzYmVjN2QzLzEvcXE1a05OdU5JRTRMV3hFWm9LZW5vUFpVNFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMtZmU3OTYzYmVjN2Qz
LzEvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDBZVwAwQD
svugAwQCuQR8AwQCuWH0AwQCuXvYMBsEAgACMBUDBQAqAnDAAwUAKgMvAAMFACoD
kuAwDQYJKoZIhvcNAQELBQADggEBAELae7RqqBA4bTjbvnUohxodZsw7+4Yjlc1q
gZdloPN44gG3U2sIa+OtI6iw6IMcG3/mEKfXcL/fcMbkopjuJ25r/5rO0oMWqTfH
NDqTOXhNiVyj2z6xD5VU7mnTphWHmN84eY05nsjJPfs8wujRMR4iZ6pZvELIPkbq
xib6L3GuESBSr+WNqu1J4vU552+gfXVWruzxxWPg/lwU4uKoVhUChfWKGKaZ/1Ah
eyxmgkt75OvBDnhhu+ibi6yZt+/zNtfhqdKZZLbb2/p/f+iVLcPrwzfZ1GfVCAQU
uXRtxgbXVgmCnlPng2A8HfBk9PYgIlx8JejBCqpl0jVDhwhgaPc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:30 2025 by rpki-client