Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QiekVL8bHbzOpj41iuJRKSjt_E4.roa
File: QiekVL8bHbzOpj41iuJRKSjt_E4.roa (raw, json)
Hash identifier: uCgfVQWqLTfztfJtiqBP3YDHQ6EbD2m+tQgfDAF4JUc=
Subject key identifier: 42:27:A4:54:BF:1B:1D:BC:CE:A6:3E:35:8A:E2:51:29:28:ED:FC:4E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01855D71DE52CA98C842E5C74B60FDD10E28
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QiekVL8bHbzOpj41iuJRKSjt_E4.roa
Signing time: Thu 29 Dec 2022 10:33:41 +0000
ROA not before: Thu 29 Dec 2022 10:33:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
45.138.182.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:71:de:52:ca:98:c8:42:e5:c7:4b:60:fd:d1:0e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 29 10:33:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4227a454bf1b1dbccea63e358ae2512928edfc4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:df:b7:01:fb:bf:85:fd:d9:b2:3b:a3:0a:d3:
7e:a6:99:8d:67:8f:85:ef:eb:5f:c4:9a:b1:d1:d5:
92:ad:d2:07:6d:3e:65:90:b0:1a:bd:c5:60:79:80:
63:fb:6a:63:80:31:14:0b:09:bd:b8:51:8f:cc:6c:
bd:18:3b:20:c4:6c:4c:56:27:07:9b:7c:0b:45:4b:
6a:c0:2b:1c:81:61:23:30:4e:d7:ef:f1:98:5f:cc:
69:38:bd:58:2d:60:2b:f5:35:d8:97:ad:49:41:e2:
81:0e:ad:5e:22:48:f3:fa:ed:6c:81:69:dc:38:67:
18:22:60:3f:6e:8e:6a:81:ff:66:ed:6e:ff:df:88:
b1:08:47:da:f0:31:04:16:2d:43:bd:f6:c6:ea:48:
49:29:cb:a1:63:b6:21:20:de:e8:89:f5:73:db:65:
aa:bd:02:1f:a9:bc:da:2d:50:02:a0:7d:bd:3d:df:
6f:ec:fb:14:20:de:06:63:0c:6a:72:5e:42:56:0c:
c3:70:31:1e:5c:39:1a:f2:bc:fe:d9:17:34:3b:b9:
b6:34:41:ad:30:f4:e2:ea:59:ca:4e:89:fb:73:9a:
c8:a3:0b:67:1b:25:94:b8:43:88:2b:53:86:29:86:
fb:94:af:e9:ea:b9:c2:3c:0f:ae:04:9a:37:d9:b4:
4a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:27:A4:54:BF:1B:1D:BC:CE:A6:3E:35:8A:E2:51:29:28:ED:FC:4E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QiekVL8bHbzOpj41iuJRKSjt_E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.138.180.0/24
45.138.182.0/24
45.144.212.0/24
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
a6:fc:da:fb:7c:9a:2c:62:19:47:86:6e:b8:a6:14:cc:79:7c:
16:57:ab:c3:ca:44:18:2e:98:4a:a0:69:e3:a6:79:08:c5:e5:
40:b4:06:96:01:cb:3b:fc:c5:c2:40:3f:ca:8d:52:7c:78:9c:
c5:46:7f:1f:7c:aa:f3:78:ff:84:ab:03:91:4c:70:18:b5:b0:
18:9f:1b:8d:80:67:f6:6e:59:f2:f5:4c:b1:03:43:4a:25:0a:
58:13:5c:c3:11:49:eb:bb:31:50:16:cc:d5:d9:08:6d:4c:40:
a7:32:8d:3e:80:8f:a8:39:22:47:4f:a6:1a:05:38:09:fe:c1:
be:1a:37:20:11:58:df:fe:7f:03:29:7c:cf:72:7a:d8:88:b0:
97:e5:06:43:57:50:d7:8c:3a:90:8c:86:a6:f4:f5:05:c9:f0:
f1:19:3f:4b:87:42:15:a8:c3:1a:2c:f6:67:73:bb:fd:8e:75:
be:7c:48:1d:0a:71:a9:b3:22:c3:c3:97:54:fd:73:da:e9:9e:
36:95:f9:a7:95:4b:f5:43:76:f3:26:71:89:d4:38:5f:7f:30:
47:23:58:7f:09:59:78:8f:bb:26:d0:dd:25:94:6f:37:31:3b:
2c:62:43:98:0f:76:ba:4f:12:80:ab:b8:f7:f9:a7:94:5f:0b:
ea:e4:78:30
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYVdcd5SypjIQuXHS2D90Q4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjI5MTAzMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI3YTQ1NGJmMWIxZGJjY2VhNjNlMzU4YWUyNTEyOTI4ZWRmYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd+3Afu/hf3ZsjujCtN+ppmNZ4+F
7+tfxJqx0dWSrdIHbT5lkLAavcVgeYBj+2pjgDEUCwm9uFGPzGy9GDsgxGxMVicH
m3wLRUtqwCscgWEjME7X7/GYX8xpOL1YLWAr9TXYl61JQeKBDq1eIkjz+u1sgWnc
OGcYImA/bo5qgf9m7W7/34ixCEfa8DEEFi1DvfbG6khJKcuhY7YhIN7oifVz22Wq
vQIfqbzaLVACoH29Pd9v7PsUIN4GYwxqcl5CVgzDcDEeXDka8rz+2Rc0O7m2NEGt
MPTi6lnKTon7c5rIowtnGyWUuEOIK1OGKYb7lK/p6rnCPA+uBJo32bRKbwIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFEInpFS/Gx28zqY+NYriUSko7fxOMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUWlla1ZMOGJIYnpPcGo0MWl1SlJLU2p0X0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBmQQCAAEwgZIDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAC2KtAMEAC2KtgMEAC2Q1AMEAE1TJgMEAlXReAMEAbkr+AME
ALkr+wMEAbnIPgMEAsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDAp
BAIAAjAjAwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZI
hvcNAQELBQADggEBAKb82vt8mixiGUeGbrimFMx5fBZXq8PKRBgumEqgaeOmeQjF
5UC0BpYByzv8xcJAP8qNUnx4nMVGfx98qvN4/4SrA5FMcBi1sBifG42AZ/ZuWfL1
TLEDQ0olClgTXMMRSeu7MVAWzNXZCG1MQKcyjT6Aj6g5IkdPphoFOAn+wb4aNyAR
WN/+fwMpfM9yetiIsJflBkNXUNeMOpCMhqb09QXJ8PEZP0uHQhWowxos9mdzu/2O
db58SB0KcamzIsPDl1T9c9rpnjaV+aeVS/VDdvMmcYnUOF9/MEcjWH8JWXiPuybQ
3SWUbzcxOyxiQ5gPdrpPEoCruPf5p5RfC+rkeDA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org