Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/Qipku1hvdCMWTNgzIk0lSbekQQQ.roa
File: Qipku1hvdCMWTNgzIk0lSbekQQQ.roa (raw, json)
Hash identifier: pQ08OP3yuV85IOutwFV5j+cYHt3SIxWp8HRQShUWj3s=
Subject key identifier: 42:2A:64:BB:58:6F:74:23:16:4C:D8:33:22:4D:25:49:B7:A4:41:04
Certificate issuer: /CN=90afdcff7de3a65947631f92c67e272767194478
Certificate serial: 0E4F8CD2
Authority key identifier: 90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/Qipku1hvdCMWTNgzIk0lSbekQQQ.roa
Signing time: Sat 01 Jan 2022 10:04:38 +0000
ROA not before: Sat 01 Jan 2022 10:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199441
IP address blocks: 195.192.236.0/22 maxlen: 24
185.14.128.0/23 maxlen: 24
185.14.130.0/24 maxlen: 24
185.14.131.0/24 maxlen: 24
2a03:a240:2::/48 maxlen: 48
2a03:a240::/47 maxlen: 48
2a03:a240:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240094418 (0xe4f8cd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90afdcff7de3a65947631f92c67e272767194478
Validity
Not Before: Jan 1 10:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=422a64bb586f7423164cd833224d2549b7a44104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:7e:8f:a3:11:4c:2d:87:85:fb:b5:b1:96:
6c:6c:20:ff:b6:ce:49:8d:05:c7:de:bb:37:ff:9c:
ef:3a:26:c2:cf:f8:80:07:e2:05:b2:56:05:78:d2:
f7:d5:ee:44:33:2c:8f:d4:1c:7d:89:16:60:4b:74:
9a:72:4c:af:e4:c1:8f:97:35:a6:e5:55:a6:24:05:
eb:58:c8:96:19:7d:44:45:9d:51:3e:5b:23:79:4e:
e9:db:50:67:c0:14:0c:3c:71:14:75:f9:d5:b5:95:
f1:c8:e0:51:e6:a1:dc:2c:0f:e9:46:2e:39:bf:75:
16:7a:06:8f:06:16:f8:aa:74:53:c9:82:c9:3c:94:
dc:59:8a:3c:19:16:bd:45:3e:e2:51:ec:fb:a5:77:
7a:b6:54:fb:d2:81:56:b2:67:71:a1:aa:8e:4c:82:
b7:d0:9a:d5:16:ec:a8:62:0d:df:83:c4:26:3d:e6:
c9:8f:c9:cb:eb:07:23:67:6a:57:bd:90:19:8b:98:
2a:f3:cb:cc:5d:2a:aa:3a:46:b9:82:a1:0d:21:ff:
24:76:72:4b:a6:13:f5:7c:07:e7:ee:73:5d:0d:c3:
24:c0:f7:58:d7:ee:72:eb:c7:df:f5:84:c4:46:dc:
bd:27:30:22:20:46:d4:c9:3e:78:f0:59:d8:3b:fd:
e9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2A:64:BB:58:6F:74:23:16:4C:D8:33:22:4D:25:49:B7:A4:41:04
X509v3 Authority Key Identifier:
keyid:90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/Qipku1hvdCMWTNgzIk0lSbekQQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/kK_c_33jpllHYx-Sxn4nJ2cZRHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.128.0/22
195.192.236.0/22
IPv6:
2a03:a240::/46
Signature Algorithm: sha256WithRSAEncryption
52:63:6c:e2:41:aa:68:03:39:37:e7:ff:7b:4e:cd:05:1c:3c:
6d:d9:c1:ae:31:90:5a:c2:ef:39:f4:d3:71:d6:82:3c:30:c5:
57:87:ec:57:e9:c1:21:a3:b4:19:47:bf:55:0a:ef:2b:55:b8:
ed:59:10:af:3f:b3:3c:1d:0b:37:ae:87:7b:de:16:56:4c:d8:
3b:c8:ea:e8:c4:26:b0:61:b1:e9:fe:4d:a3:84:d6:4a:8e:76:
99:a4:5c:7b:54:e0:24:a7:80:cd:30:f4:a1:1d:37:ad:fc:83:
16:33:28:95:99:20:0c:1d:c5:d2:0b:0c:01:42:5d:6e:c8:61:
9d:0c:3e:88:6b:31:aa:f7:ba:d4:97:79:91:74:f6:fa:33:da:
88:76:f1:73:de:02:51:57:1b:8f:9b:78:e3:01:7a:32:3e:06:
38:72:b2:44:b4:bb:36:f9:80:c8:c3:cd:fd:bf:f0:3b:ff:5a:
6c:b6:00:27:ff:da:3f:66:6a:ae:b1:40:e0:78:fd:e8:41:f3:
20:f6:0b:0a:bd:da:6e:5d:ad:60:fd:7c:b8:a6:e1:4f:6e:4f:
0e:29:15:e8:4e:84:e2:7c:5f:57:9c:59:b0:d9:90:ab:9e:32:
4b:d0:76:b5:12:38:02:47:4d:0c:63:87:42:35:00:3f:7e:85:
21:d6:71:d9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEDk+M0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGFmZGNmZjdkZTNhNjU5NDc2MzFmOTJjNjdlMjcyNzY3MTk0NDc4MB4XDTIyMDEw
MTEwMDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIyYTY0YmI1ODZm
NzQyMzE2NGNkODMzMjI0ZDI1NDliN2E0NDEwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDLfo+jEUwth4X7tbGWbGwg/7bOSY0Fx967N/+c7zomws/4
gAfiBbJWBXjS99XuRDMsj9QcfYkWYEt0mnJMr+TBj5c1puVVpiQF61jIlhl9REWd
UT5bI3lO6dtQZ8AUDDxxFHX51bWV8cjgUeah3CwP6UYuOb91FnoGjwYW+Kp0U8mC
yTyU3FmKPBkWvUU+4lHs+6V3erZU+9KBVrJncaGqjkyCt9Ca1RbsqGIN34PEJj3m
yY/Jy+sHI2dqV72QGYuYKvPLzF0qqjpGuYKhDSH/JHZyS6YT9XwH5+5zXQ3DJMD3
WNfucuvH3/WExEbcvScwIiBG1Mk+ePBZ2Dv96UsCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRCKmS7WG90IxZM2DMiTSVJt6RBBDAfBgNVHSMEGDAWgBSQr9z/feOmWUdj
H5LGficnZxlEeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tLX2NfMzNqcGxsSFl4LVN4bjRuSjJjWlJIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvZTAwZDFlLTRhMTgtNDk1Ni04MmE0LTE5MGE1YzhkOWQ5NS8x
L1FpcGt1MWh2ZENNV1ROZ3pJazBsU2Jla1FRUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
ZTAwZDFlLTRhMTgtNDk1Ni04MmE0LTE5MGE1YzhkOWQ5NS8xL2tLX2NfMzNqcGxs
SFl4LVN4bjRuSjJjWlJIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEArkOgAMEAsPA7DAPBAIAAjAJAwcC
KgOiQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBSY2ziQapoAzk35/97Ts0FHDxt2cGu
MZBawu859NNx1oI8MMVXh+xX6cEho7QZR79VCu8rVbjtWRCvP7M8HQs3rod73hZW
TNg7yOroxCawYbHp/k2jhNZKjnaZpFx7VOAkp4DNMPShHTet/IMWMyiVmSAMHcXS
CwwBQl1uyGGdDD6IazGq97rUl3mRdPb6M9qIdvFz3gJRVxuPm3jjAXoyPgY4crJE
tLs2+YDIw839v/A7/1pstgAn/9o/ZmqusUDgeP3oQfMg9gsKvdpuXa1g/Xy4puFP
bk8OKRXoToTifF9XnFmw2ZCrnjJL0Ha1EjgCR00MY4dCNQA/foUh1nHZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org