Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/QplPb6-Vgry-niCzpy1vut62OtY.roa
File: QplPb6-Vgry-niCzpy1vut62OtY.roa (raw, json)
Hash identifier: LN+g4PoSdwqtjE6E/qye1TDX6X39IjUBSzqLSGcMe/4=
Subject key identifier: 42:99:4F:6F:AF:95:82:BC:BE:9E:20:B3:A7:2D:6F:BA:DE:B6:3A:D6
Certificate issuer: /CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Certificate serial: 018A4568190E13C716923AE39AEB9463A67F
Authority key identifier: CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/QplPb6-Vgry-niCzpy1vut62OtY.roa
Signing time: Wed 30 Aug 2023 07:46:04 +0000
ROA not before: Wed 30 Aug 2023 07:46:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60595
IP address blocks: 194.26.133.0/24 maxlen: 24
185.15.54.0/24 maxlen: 24
185.15.55.0/24 maxlen: 24
185.15.52.0/22 maxlen: 22
185.15.52.0/24 maxlen: 24
185.15.53.0/24 maxlen: 24
194.2.77.0/24 maxlen: 24
2a03:a2c0::/29 maxlen: 48
2a03:a2c0::/32 maxlen: 32
2a03:a2c2::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:68:19:0e:13:c7:16:92:3a:e3:9a:eb:94:63:a6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Validity
Not Before: Aug 30 07:46:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42994f6faf9582bcbe9e20b3a72d6fbadeb63ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9b:b4:3b:82:37:ed:7f:1b:cc:1c:3f:8b:9e:
8f:74:79:07:6c:7e:00:13:bb:17:9a:04:f5:7e:01:
82:9a:38:32:13:b7:4e:c5:6d:54:54:74:12:36:e6:
ea:8b:3b:99:23:33:73:84:f8:99:9b:17:37:e7:69:
13:aa:59:b8:2b:c8:b4:92:33:49:08:ac:87:51:80:
30:39:d9:48:28:8d:88:21:7c:5c:92:68:53:0e:43:
66:39:2a:2a:0e:c9:ce:cb:6e:44:6d:ee:b4:7e:78:
bd:0b:99:33:ea:c7:7c:36:c3:0b:49:4e:b2:e2:8a:
f6:9e:c1:ba:de:e9:a9:8b:df:92:76:b9:cf:58:83:
0d:a0:cb:48:03:6a:a2:a5:91:39:0c:63:3b:d6:b8:
18:48:2e:47:fc:12:3a:1c:ec:55:4a:2e:18:01:95:
3a:15:c3:b6:23:6e:71:05:75:54:54:08:31:db:20:
82:cc:6a:03:82:c3:56:33:c1:95:59:c3:a4:c7:bd:
9b:5a:6f:c1:43:18:12:37:b7:83:51:70:2f:9d:cf:
53:11:27:9a:69:ad:1d:4d:56:22:9c:14:47:96:b1:
f3:ea:9d:ca:94:5e:de:60:23:1e:bc:88:a5:2c:78:
98:17:69:ca:db:ea:ea:ff:60:ec:43:94:c4:78:e0:
23:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:99:4F:6F:AF:95:82:BC:BE:9E:20:B3:A7:2D:6F:BA:DE:B6:3A:D6
X509v3 Authority Key Identifier:
keyid:CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/QplPb6-Vgry-niCzpy1vut62OtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.52.0/22
194.2.77.0/24
194.26.133.0/24
IPv6:
2a03:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:37:c6:51:29:6b:b0:59:26:6f:dc:a0:4f:ec:a5:08:f4:06:
82:85:6a:f1:de:7a:65:64:a2:da:8f:cf:9c:fa:6f:1d:83:1d:
4f:6c:79:33:39:5e:a0:00:74:5d:35:16:2f:1c:22:08:37:23:
51:30:47:6f:d8:f8:68:e0:d3:61:f8:86:cf:fe:55:73:bc:2c:
cd:04:52:4b:c6:b5:78:3e:ec:47:8e:56:7d:79:b8:9a:a8:81:
78:af:7f:94:ef:60:b6:80:62:4d:85:63:87:d1:52:f8:76:0d:
25:49:f0:53:a3:41:b8:3e:f7:77:ae:70:40:f3:23:46:28:f6:
39:33:73:8a:30:04:06:bb:7e:a0:9f:59:1a:30:c4:c2:0f:6f:
cf:c8:14:e4:6e:77:06:d2:f0:11:01:4e:83:ea:a2:48:fc:a1:
ff:4d:1e:96:c2:a9:ed:4d:29:3e:df:4f:a5:b0:fc:ee:49:84:
37:53:de:97:f5:94:bd:b6:2f:bd:9b:72:3e:98:7e:16:b2:83:
9a:66:47:8e:76:d6:66:84:dd:94:2d:e3:00:2c:60:3f:4b:f4:
93:0d:e5:6e:06:c9:de:28:f8:1e:1d:67:3f:be:03:ba:57:f2:
35:2b:ab:a5:51:bd:7d:ca:53:2d:50:6f:18:9e:f4:ee:ab:df:
02:70:97:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYpFaBkOE8cWkjrjmuuUY6Z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmY4ZDZkZWMzOTIwYmM3M2YwOTdmZGY1NmNhZjEwYjUy
ZGI0NTUwHhcNMjMwODMwMDc0NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk5NGY2ZmFmOTU4MmJjYmU5ZTIwYjNhNzJkNmZiYWRlYjYzYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZu0O4I37X8bzBw/i56PdHkHbH4A
E7sXmgT1fgGCmjgyE7dOxW1UVHQSNubqizuZIzNzhPiZmxc352kTqlm4K8i0kjNJ
CKyHUYAwOdlIKI2IIXxckmhTDkNmOSoqDsnOy25Ebe60fni9C5kz6sd8NsMLSU6y
4or2nsG63umpi9+SdrnPWIMNoMtIA2qipZE5DGM71rgYSC5H/BI6HOxVSi4YAZU6
FcO2I25xBXVUVAgx2yCCzGoDgsNWM8GVWcOkx72bWm/BQxgSN7eDUXAvnc9TESea
aa0dTVYinBRHlrHz6p3KlF7eYCMevIilLHiYF2nK2+rq/2DsQ5TEeOAjYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEKZT2+vlYK8vp4gs6ctb7retjrWMB8GA1UdIwQY
MBaAFM6/jW3sOSC8c/CX/fVsrxC1LbRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEt
YjVlNTcwMGZjNzc0LzEvUXBsUGI2LVZncnktbmlDenB5MXZ1dDYyT3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEtYjVlNTcwMGZjNzc0
LzEvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ80AwQA
wgJNAwQAwhqFMA0EAgACMAcDBQMqA6LAMA0GCSqGSIb3DQEBCwUAA4IBAQCdN8ZR
KWuwWSZv3KBP7KUI9AaChWrx3nplZKLaj8+c+m8dgx1PbHkzOV6gAHRdNRYvHCII
NyNRMEdv2Pho4NNh+IbP/lVzvCzNBFJLxrV4PuxHjlZ9ebiaqIF4r3+U72C2gGJN
hWOH0VL4dg0lSfBTo0G4Pvd3rnBA8yNGKPY5M3OKMAQGu36gn1kaMMTCD2/PyBTk
bncG0vARAU6D6qJI/KH/TR6WwqntTSk+30+lsPzuSYQ3U96X9ZS9ti+9m3I+mH4W
soOaZkeOdtZmhN2ULeMALGA/S/STDeVuBsneKPgeHWc/vgO6V/I1K6ulUb19ylMt
UG8YnvTuq98CcJcq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:32 2025 by rpki-client