Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/qLA1rPeFQDF99weGzuc6cKLRWN4.roa
File: qLA1rPeFQDF99weGzuc6cKLRWN4.roa (raw, json)
Hash identifier: PmSKgLhb8jSHL8vzvETXpcLUXH41P9bom4TkP/7pVqk=
Subject key identifier: A8:B0:35:AC:F7:85:40:31:7D:F7:07:86:CE:E7:3A:70:A2:D1:58:DE
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 3C29AB
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/qLA1rPeFQDF99weGzuc6cKLRWN4.roa
Signing time: Sat 01 Jan 2022 00:56:22 +0000
ROA not before: Sat 01 Jan 2022 00:56:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49436
IP address blocks: 195.42.158.0/23 maxlen: 23
185.250.168.0/22 maxlen: 22
2a0c:f47::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3942827 (0x3c29ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 1 00:56:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8b035acf78540317df70786cee73a70a2d158de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:77:dd:d3:99:38:09:2c:b3:9a:37:be:f3:f6:
3c:66:eb:35:58:25:d5:dc:c1:28:49:56:ac:9e:f1:
b5:d2:76:6c:85:a7:02:bd:6c:64:65:0b:be:87:32:
f5:59:b8:a6:d1:49:d9:73:ee:72:d3:4a:fd:6b:81:
e9:a5:e0:c3:6b:6d:3e:ef:c6:8f:4f:1c:3c:d3:b8:
c8:19:74:f8:05:44:f7:22:9a:b0:62:be:e0:18:21:
e1:1b:4c:39:48:2e:f6:ce:65:e9:c2:81:0e:ec:5c:
5e:16:23:b9:91:71:8a:54:42:9d:35:89:1a:d5:f8:
67:85:b2:cd:20:b1:2b:c7:bc:c6:3a:08:60:02:1c:
80:8d:f5:86:fe:07:59:0b:fb:e4:cb:3b:94:f0:23:
4d:46:41:61:6b:f8:a5:74:5a:96:c9:3d:d2:74:22:
36:19:bf:b9:50:2a:3c:ff:e7:0f:fc:bf:b9:45:ba:
12:54:32:be:74:60:bc:54:aa:ca:e0:3d:80:bc:84:
51:ba:37:46:2a:a3:f1:11:fa:89:65:74:df:de:0a:
a9:01:18:86:23:65:87:ac:7d:02:f6:5e:45:77:e4:
04:7c:e4:a9:bf:7d:b3:cb:60:1d:6a:07:50:f7:6c:
62:ec:da:30:48:d1:c8:e9:2b:d2:a5:69:e9:93:b4:
84:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B0:35:AC:F7:85:40:31:7D:F7:07:86:CE:E7:3A:70:A2:D1:58:DE
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/qLA1rPeFQDF99weGzuc6cKLRWN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.168.0/22
195.42.158.0/23
IPv6:
2a0c:f47::/32
Signature Algorithm: sha256WithRSAEncryption
74:c6:7d:ae:ab:09:29:d1:84:10:bc:c5:a0:53:9e:89:1e:ad:
82:2e:fc:ab:cf:8a:94:1f:72:e0:08:69:c1:f8:c0:d9:49:ba:
da:c0:5c:d7:5f:4b:8f:c7:43:89:26:e3:e2:2a:a8:10:16:c4:
b8:69:e4:0f:e9:e7:68:c0:12:ed:b7:a9:27:4d:1e:a0:70:ff:
67:b7:01:e1:62:3a:44:b9:ac:87:24:a9:17:16:bf:4d:66:a8:
db:89:ce:ec:6e:dd:8d:40:aa:ef:3e:12:33:a2:bf:54:92:db:
34:c0:46:6c:60:ee:d5:ab:5d:9b:67:1d:f0:76:bd:4a:2e:2e:
ac:d3:d7:30:4b:f8:7b:c3:00:78:60:16:86:ca:02:a9:af:c8:
6a:5d:9a:f0:3c:f4:a8:41:22:28:90:97:c4:d0:ee:6e:13:3f:
d2:d6:cb:8b:d2:72:9c:b8:02:e8:3a:74:8b:5a:57:a1:91:45:
c0:3e:43:ae:ef:45:48:05:cc:38:b4:04:09:7c:7f:d6:8b:ab:
d0:4f:4e:b1:e8:b6:f4:b0:9a:00:1d:58:a5:57:9d:58:53:f4:
27:11:a2:a9:54:a5:da:7b:31:4d:e1:f2:3b:42:6e:5b:dc:70:
2f:3a:9e:66:fd:50:fe:94:c0:6d:be:72:9b:fd:36:25:8a:1f:
0f:eb:63:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDPCmrMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
ZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3YzRhOGIwHhcNMjIwMTAx
MDA1NjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhOGIwMzVhY2Y3ODU0
MDMxN2RmNzA3ODZjZWU3M2E3MGEyZDE1OGRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzXfd05k4CSyzmje+8/Y8Zus1WCXV3MEoSVasnvG10nZshacC
vWxkZQu+hzL1Wbim0UnZc+5y00r9a4HppeDDa20+78aPTxw807jIGXT4BUT3Ipqw
Yr7gGCHhG0w5SC72zmXpwoEO7FxeFiO5kXGKVEKdNYka1fhnhbLNILErx7zGOghg
AhyAjfWG/gdZC/vkyzuU8CNNRkFha/ildFqWyT3SdCI2Gb+5UCo8/+cP/L+5RboS
VDK+dGC8VKrK4D2AvIRRujdGKqPxEfqJZXTf3gqpARiGI2WHrH0C9l5Fd+QEfOSp
v32zy2AdagdQ92xi7NowSNHI6SvSpWnpk7SEywIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFKiwNaz3hUAxffcHhs7nOnCi0VjeMB8GA1UdIwQYMBaAFLz9LaVEfQB2Fuvd
wqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFmLzEv
cUxBMXJQZUZRREY5OXdlR3p1YzZjS0xSV040LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85
MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFmLzEvdlAwdHBVUjlBSFlX
NjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufqoAwQBwyqeMA0EAgACMAcDBQAq
DA9HMA0GCSqGSIb3DQEBCwUAA4IBAQB0xn2uqwkp0YQQvMWgU56JHq2CLvyrz4qU
H3LgCGnB+MDZSbrawFzXX0uPx0OJJuPiKqgQFsS4aeQP6edowBLtt6knTR6gcP9n
twHhYjpEuayHJKkXFr9NZqjbic7sbt2NQKrvPhIzor9Ukts0wEZsYO7Vq12bZx3w
dr1KLi6s09cwS/h7wwB4YBaGygKpr8hqXZrwPPSoQSIokJfE0O5uEz/S1suL0nKc
uALoOnSLWlehkUXAPkOu70VIBcw4tAQJfH/Wi6vQT06x6Lb0sJoAHVilV51YU/Qn
EaKpVKXaezFN4fI7Qm5b3HAvOp5m/VD+lMBtvnKb/TYlih8P62Nm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:12 2024 by rpki-client on console-fra.rpki-client.org