Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/q6q941GzikOAc6k8wSKJg1k-dHw.roa
File: q6q941GzikOAc6k8wSKJg1k-dHw.roa (raw, json)
Hash identifier: SKCG0NRhCzA67zesnnbFECAJ/S5c3hYwMhcn8sAk694=
Subject key identifier: AB:AA:BD:E3:51:B3:8A:43:80:73:A9:3C:C1:22:89:83:59:3E:74:7C
Certificate issuer: /CN=94db4b1e9ed68bb5c33228ae30e9cdd252b32fb8
Certificate serial: 1B534F2C
Authority key identifier: 94:DB:4B:1E:9E:D6:8B:B5:C3:32:28:AE:30:E9:CD:D2:52:B3:2F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/q6q941GzikOAc6k8wSKJg1k-dHw.roa
Signing time: Sat 01 Jan 2022 15:04:37 +0000
ROA not before: Sat 01 Jan 2022 15:04:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35366
IP address blocks: 81.7.0.0/18 maxlen: 19
185.2.8.0/22 maxlen: 23
84.23.64.0/19 maxlen: 20
81.89.96.0/20 maxlen: 21
85.31.184.0/21 maxlen: 23
91.143.80.0/20 maxlen: 21
2a02:180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 458444588 (0x1b534f2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94db4b1e9ed68bb5c33228ae30e9cdd252b32fb8
Validity
Not Before: Jan 1 15:04:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abaabde351b38a438073a93cc1228983593e747c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:54:c7:08:86:10:5b:22:af:58:6a:9e:2e:
b8:c8:5b:99:d9:c9:b1:eb:d7:f2:ff:7b:ad:76:b8:
e0:68:99:03:6a:03:ad:cf:30:bf:e6:20:18:cb:07:
39:16:54:64:78:cd:e3:2a:58:a3:4e:c6:b5:40:b7:
f1:d8:1c:88:f3:7b:61:76:b7:ce:06:e2:cf:8f:21:
69:de:19:6e:ec:ed:ac:45:39:c2:87:f9:f2:3c:4b:
b9:72:f6:9d:85:ab:76:59:06:a5:3b:5d:e3:fd:52:
71:2b:d8:26:0e:e0:f6:7c:3c:18:44:52:7f:85:90:
04:aa:d2:4e:f9:cc:e1:25:a0:ee:42:82:8f:89:4c:
f8:73:c6:b1:99:dd:b7:4c:4a:92:5f:fb:88:f2:96:
d9:d9:7d:87:64:63:fc:12:92:a1:c6:68:29:72:62:
f4:c2:a7:21:cd:d5:fd:34:e6:98:ed:f6:af:b9:01:
ef:89:d1:69:c1:22:98:0d:aa:2e:70:c7:41:d5:d2:
67:d2:00:82:03:cd:4b:76:e1:04:ec:4c:34:1a:18:
66:82:48:b1:17:9c:a8:e8:a9:ed:7e:ef:af:a8:1a:
ed:50:f1:7a:11:8c:0b:80:c8:f7:c5:ab:0c:08:70:
62:27:87:3b:22:21:3b:38:6e:09:e7:a6:c3:26:20:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AA:BD:E3:51:B3:8A:43:80:73:A9:3C:C1:22:89:83:59:3E:74:7C
X509v3 Authority Key Identifier:
keyid:94:DB:4B:1E:9E:D6:8B:B5:C3:32:28:AE:30:E9:CD:D2:52:B3:2F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/q6q941GzikOAc6k8wSKJg1k-dHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.7.0.0/18
81.89.96.0/20
84.23.64.0/19
85.31.184.0/21
91.143.80.0/20
185.2.8.0/22
IPv6:
2a02:180::/32
Signature Algorithm: sha256WithRSAEncryption
74:e8:47:4b:74:b9:b7:e2:77:56:01:88:ba:70:7d:e4:4b:ea:
0b:38:21:54:ed:66:14:02:ea:4a:81:e1:2f:02:f9:69:13:36:
6f:a3:ff:6f:0f:13:b5:c2:3f:a2:65:b6:31:20:f9:64:a0:29:
70:8e:45:5e:e3:70:e4:25:7f:23:52:84:c4:6f:b9:f0:17:41:
91:61:e6:91:fb:db:b2:71:5c:d7:29:17:a4:01:27:12:59:96:
18:9d:7d:07:95:14:2d:84:c6:78:e0:dd:6d:fa:09:6e:d2:69:
95:fd:f4:ba:21:85:46:d1:5a:ef:b0:ee:45:7e:ff:dd:56:93:
92:10:8a:41:43:03:4c:5a:3f:50:bc:22:7e:95:e1:ca:bd:50:
39:0d:14:39:8a:ed:c7:36:82:ea:ff:e0:1f:d5:3f:71:1c:dd:
b1:86:36:62:49:df:c6:51:74:c7:2e:cd:c6:f6:1b:fd:e1:f3:
6d:3c:5b:fb:c6:b6:4c:3c:6a:60:cc:16:54:af:d9:09:e6:da:
45:fa:e6:b1:5b:5e:9d:85:8f:5b:ff:c0:c5:b0:09:a8:0f:51:
03:02:21:4b:51:40:87:39:b5:37:b5:39:52:b6:e0:71:64:be:
92:34:07:ed:e1:12:7b:a2:96:ca:1f:8d:ab:ce:be:24:dc:7c:
b8:53:a5:99
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEG1NPLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGRiNGIxZTllZDY4YmI1YzMzMjI4YWUzMGU5Y2RkMjUyYjMyZmI4MB4XDTIyMDEw
MTE1MDQzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJhYWJkZTM1MWIz
OGE0MzgwNzNhOTNjYzEyMjg5ODM1OTNlNzQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEyVMcIhhBbIq9Yap4uuMhbmdnJsevX8v97rXa44GiZA2oD
rc8wv+YgGMsHORZUZHjN4ypYo07GtUC38dgciPN7YXa3zgbiz48had4ZbuztrEU5
wof58jxLuXL2nYWrdlkGpTtd4/1ScSvYJg7g9nw8GERSf4WQBKrSTvnM4SWg7kKC
j4lM+HPGsZndt0xKkl/7iPKW2dl9h2Rj/BKSocZoKXJi9MKnIc3V/TTmmO32r7kB
74nRacEimA2qLnDHQdXSZ9IAggPNS3bhBOxMNBoYZoJIsRecqOip7X7vr6ga7VDx
ehGMC4DI98WrDAhwYieHOyIhOzhuCeemwyYg7NECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSrqr3jUbOKQ4BzqTzBIomDWT50fDAfBgNVHSMEGDAWgBSU20sentaLtcMy
KK4w6c3SUrMvuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xOdExIcDdXaTdYRE1paXVNT25OMGxLekw3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMjBmODA1LWRmNjMtNDYzMS05OWJkLWEyNTYxNzc3MzljNi8x
L3E2cTk0MUd6aWtPQWM2azh3U0tKZzFrLWRIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MjBmODA1LWRmNjMtNDYzMS05OWJkLWEyNTYxNzc3MzljNi8xL2xOdExIcDdXaTdY
RE1paXVNT25OMGxLekw3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBlEHAAMEBFFZYAMEBVQXQAMEA1Uf
uAMEBFuPUAMEArkCCDANBAIAAjAHAwUAKgIBgDANBgkqhkiG9w0BAQsFAAOCAQEA
dOhHS3S5t+J3VgGIunB95EvqCzghVO1mFALqSoHhLwL5aRM2b6P/bw8TtcI/omW2
MSD5ZKApcI5FXuNw5CV/I1KExG+58BdBkWHmkfvbsnFc1ykXpAEnElmWGJ19B5UU
LYTGeODdbfoJbtJplf30uiGFRtFa77DuRX7/3VaTkhCKQUMDTFo/ULwifpXhyr1Q
OQ0UOYrtxzaC6v/gH9U/cRzdsYY2YknfxlF0xy7NxvYb/eHzbTxb+8a2TDxqYMwW
VK/ZCebaRfrmsVtenYWPW//AxbAJqA9RAwIhS1FAhzm1N7U5UrbgcWS+kjQH7eES
e6KWyh+Nq86+JNx8uFOlmQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:59 2025 by rpki-client