Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/qU2cKNtfi7qJd7-wbMR1gLKyBqk.roa
File: qU2cKNtfi7qJd7-wbMR1gLKyBqk.roa (raw, json)
Hash identifier: rBqBxrNbGLF8hHoVAFC3tFRDap7vv0Zz8dZ+UueQVnI=
Subject key identifier: A9:4D:9C:28:DB:5F:8B:BA:89:77:BF:B0:6C:C4:75:80:B2:B2:06:A9
Certificate issuer: /CN=c4f88b5c6e5116e50cf2b5bdf43e8720f1d8c60f
Certificate serial: 01CF6F67
Authority key identifier: C4:F8:8B:5C:6E:51:16:E5:0C:F2:B5:BD:F4:3E:87:20:F1:D8:C6:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/qU2cKNtfi7qJd7-wbMR1gLKyBqk.roa
Signing time: Sat 01 Jan 2022 09:58:18 +0000
ROA not before: Sat 01 Jan 2022 09:58:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41589
IP address blocks: 81.25.128.0/20 maxlen: 20
195.34.86.0/23 maxlen: 23
91.142.48.0/20 maxlen: 24
217.171.176.0/20 maxlen: 20
79.141.16.0/20 maxlen: 20
185.118.100.0/22 maxlen: 24
2a02:4d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30371687 (0x1cf6f67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4f88b5c6e5116e50cf2b5bdf43e8720f1d8c60f
Validity
Not Before: Jan 1 09:58:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a94d9c28db5f8bba8977bfb06cc47580b2b206a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:77:cc:8e:44:48:21:e5:af:f7:9f:8c:db:80:
84:d6:fe:5b:de:79:23:f6:b2:53:bf:e1:6f:35:f1:
a4:8b:8b:76:69:18:9c:29:f0:c8:88:96:a9:37:df:
97:bd:44:2b:8d:20:e0:a1:4e:62:09:88:6e:d9:88:
c5:7f:cb:cd:ec:24:f7:fc:19:10:36:6e:a1:05:64:
d2:34:b0:80:81:88:c3:20:0d:80:54:37:37:f4:6d:
e3:9a:19:7c:ab:27:a7:c2:b1:54:2e:ef:30:fc:7f:
3c:ef:58:9b:29:c1:83:d9:2e:da:6d:96:7a:f8:a6:
8e:cb:4c:05:5f:67:4f:98:cf:8b:08:93:84:21:41:
df:8d:c8:ef:5e:a8:00:a0:23:1e:43:5a:e2:3c:80:
19:63:e9:ee:32:d9:f7:75:b3:9b:f9:16:eb:9d:6e:
e3:7f:14:9c:37:3e:1b:e4:48:a9:19:89:ae:ca:52:
21:4f:9e:16:6e:80:1b:af:fd:f0:3b:4e:a8:ba:64:
b7:d1:bd:41:43:11:74:0c:01:11:aa:d6:f8:57:ed:
d7:82:fa:ce:09:f2:20:4e:ca:fc:f6:5b:7e:44:1e:
ae:ce:7c:cf:60:32:9a:76:eb:80:41:5c:08:78:cb:
4d:d9:43:07:16:fa:54:95:34:61:04:0e:f0:d0:93:
7a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4D:9C:28:DB:5F:8B:BA:89:77:BF:B0:6C:C4:75:80:B2:B2:06:A9
X509v3 Authority Key Identifier:
keyid:C4:F8:8B:5C:6E:51:16:E5:0C:F2:B5:BD:F4:3E:87:20:F1:D8:C6:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/qU2cKNtfi7qJd7-wbMR1gLKyBqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/xPiLXG5RFuUM8rW99D6HIPHYxg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.16.0/20
81.25.128.0/20
91.142.48.0/20
185.118.100.0/22
195.34.86.0/23
217.171.176.0/20
IPv6:
2a02:4d8::/32
Signature Algorithm: sha256WithRSAEncryption
24:c9:75:70:cc:4e:d1:a9:63:cb:9f:dd:0b:ad:ce:c8:bd:ed:
e5:d2:4e:0c:b4:b4:fb:f3:7c:31:55:67:d7:c4:8e:71:7a:25:
7e:77:e1:35:e2:fd:96:c2:31:b1:d4:f4:8d:77:78:54:b2:c7:
26:36:dd:15:1c:c9:13:41:4c:c8:73:48:80:4b:5a:9b:66:12:
eb:6e:73:4d:d7:c9:ae:ad:a1:e0:82:3f:27:8b:d5:97:7b:a6:
25:0d:e3:19:2b:11:cc:ce:95:4d:b1:7e:7d:2a:2e:33:92:50:
e7:1e:04:ee:79:ab:4a:e6:bd:32:22:12:6d:e6:5d:6b:08:75:
30:4c:bd:f5:95:2c:7d:68:19:1d:5c:e8:b0:24:6a:ca:86:37:
bf:f5:77:fc:a4:07:6c:42:4a:ec:36:91:08:9f:5f:a7:6c:38:
26:fe:22:0c:f1:8e:49:56:fb:68:90:5b:68:5e:2e:de:14:a8:
19:41:82:d1:f0:35:8a:0e:66:1e:a8:ab:d3:1c:1c:c5:2a:bf:
92:c3:aa:86:77:5f:ba:9c:6a:70:89:4c:f8:9b:fd:06:e7:4e:
58:99:f6:07:7c:e0:74:4b:35:11:14:90:78:7a:42:d3:81:70:
98:6c:3e:d1:c1:2c:e4:3b:18:03:b6:c4:ff:5b:92:98:30:e7:
f5:28:b7:c4
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEAc9vZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NGY4OGI1YzZlNTExNmU1MGNmMmI1YmRmNDNlODcyMGYxZDhjNjBmMB4XDTIyMDEw
MTA5NTgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk0ZDljMjhkYjVm
OGJiYTg5NzdiZmIwNmNjNDc1ODBiMmIyMDZhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMN3zI5ESCHlr/efjNuAhNb+W955I/ayU7/hbzXxpIuLdmkY
nCnwyIiWqTffl71EK40g4KFOYgmIbtmIxX/Lzewk9/wZEDZuoQVk0jSwgIGIwyAN
gFQ3N/Rt45oZfKsnp8KxVC7vMPx/PO9YmynBg9ku2m2WevimjstMBV9nT5jPiwiT
hCFB343I716oAKAjHkNa4jyAGWPp7jLZ93Wzm/kW651u438UnDc+G+RIqRmJrspS
IU+eFm6AG6/98DtOqLpkt9G9QUMRdAwBEarW+Fft14L6zgnyIE7K/PZbfkQers58
z2AymnbrgEFcCHjLTdlDBxb6VJU0YQQO8NCTesMCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSpTZwo21+Luol3v7BsxHWAsrIGqTAfBgNVHSMEGDAWgBTE+ItcblEW5Qzy
tb30Pocg8djGDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hQaUxYRzVSRnVVTThyVzk5RDZISVBIWXhnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvMjUzMDc4LTBhN2ItNDViYi1iYzY3LTA3MzYzOTkzODQzNy8x
L3FVMmNLTnRmaTdxSmQ3LXdiTVIxZ0xLeUJxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
MjUzMDc4LTBhN2ItNDViYi1iYzY3LTA3MzYzOTkzODQzNy8xL3hQaUxYRzVSRnVV
TThyVzk5RDZISVBIWXhnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBE+NEAMEBFEZgAMEBFuOMAMEArl2
ZAMEAcMiVgMEBNmrsDANBAIAAjAHAwUAKgIE2DANBgkqhkiG9w0BAQsFAAOCAQEA
JMl1cMxO0aljy5/dC63OyL3t5dJODLS0+/N8MVVn18SOcXolfnfhNeL9lsIxsdT0
jXd4VLLHJjbdFRzJE0FMyHNIgEtam2YS625zTdfJrq2h4II/J4vVl3umJQ3jGSsR
zM6VTbF+fSouM5JQ5x4E7nmrSua9MiISbeZdawh1MEy99ZUsfWgZHVzosCRqyoY3
v/V3/KQHbEJK7DaRCJ9fp2w4Jv4iDPGOSVb7aJBbaF4u3hSoGUGC0fA1ig5mHqir
0xwcxSq/ksOqhndfupxqcIlM+Jv9BudOWJn2B3zgdEs1ERSQeHpC04FwmGw+0cEs
5DsYA7bE/1uSmDDn9Si3xA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:49 2024 by rpki-client on console-ams.rpki-client.org