Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/qtrDqL6wo14_hk_FanBx_iMRWVE.roa
File: qtrDqL6wo14_hk_FanBx_iMRWVE.roa (raw, json)
Hash identifier: RYFx5sj0FPPHS6pPFYnwQ2aJTzJmt/JUA+NOocVHwjc=
Subject key identifier: AA:DA:C3:A8:BE:B0:A3:5E:3F:86:4F:C5:6A:70:71:FE:23:11:59:51
Certificate issuer: /CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Certificate serial: 180E978E
Authority key identifier: 9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/qtrDqL6wo14_hk_FanBx_iMRWVE.roa
Signing time: Sat 01 Jan 2022 01:58:32 +0000
ROA not before: Sat 01 Jan 2022 01:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1200
IP address blocks: 185.55.136.0/22 maxlen: 22
91.200.16.0/22 maxlen: 22
195.69.144.0/22 maxlen: 22
195.60.82.128/26 maxlen: 26
91.236.189.0/24 maxlen: 24
193.105.101.0/24 maxlen: 24
80.249.208.0/21 maxlen: 21
2a02:4b60::/32 maxlen: 32
2001:67c:1a8::/48 maxlen: 48
2001:7f8:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403609486 (0x180e978e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Validity
Not Before: Jan 1 01:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aadac3a8beb0a35e3f864fc56a7071fe23115951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:87:03:60:58:6b:56:c7:06:d5:1c:23:7b:9f:
f1:73:52:3a:cd:b7:fa:6a:d5:ad:db:1e:7a:5b:42:
15:7d:bf:32:01:fd:58:3b:9f:71:07:5e:b5:b1:0a:
83:1e:d7:dc:22:84:2e:30:f5:51:cb:ee:03:c3:57:
b2:c2:ae:99:f6:f5:0d:a1:68:a5:a1:72:85:2d:d9:
40:58:7c:a5:21:bc:49:1a:2d:91:4c:b0:f7:f3:f8:
86:f0:5e:ef:37:85:85:33:47:96:37:61:6a:d4:82:
8b:4f:63:6e:71:ed:96:62:e9:71:88:e8:93:a4:42:
7f:59:c7:5e:23:06:db:59:46:f2:d9:7f:39:5b:38:
07:24:4d:db:7f:e5:5a:f7:30:95:95:7e:8a:c1:4a:
60:1a:89:75:9f:f8:9e:a4:47:eb:00:e5:96:39:da:
1e:7b:bb:50:c1:5a:33:07:2b:f4:ea:87:b0:e6:0e:
54:b4:a9:4c:73:5a:94:38:bd:6a:e7:75:87:ca:57:
d9:a0:cb:9a:f7:49:41:09:6c:87:b6:a9:49:5c:5e:
66:b6:5b:97:70:09:69:d3:d6:a6:c5:60:75:56:fb:
86:75:54:b9:0b:cf:ea:86:76:6f:b1:c7:c6:1b:16:
a7:da:8b:31:76:6c:82:1a:f0:55:f6:ff:e1:b2:cf:
de:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DA:C3:A8:BE:B0:A3:5E:3F:86:4F:C5:6A:70:71:FE:23:11:59:51
X509v3 Authority Key Identifier:
keyid:9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/qtrDqL6wo14_hk_FanBx_iMRWVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.208.0/21
91.200.16.0/22
91.236.189.0/24
185.55.136.0/22
193.105.101.0/24
195.60.82.128/26
195.69.144.0/22
IPv6:
2001:67c:1a8::/48
2001:7f8:1::/48
2a02:4b60::/32
Signature Algorithm: sha256WithRSAEncryption
31:45:85:d3:8b:30:e2:fe:64:52:47:09:d9:02:27:07:77:f4:
18:05:ba:00:ec:84:1f:6b:5f:db:3e:cf:81:7a:01:ed:52:fa:
8e:7a:e3:7a:cf:8d:2f:d2:81:8a:d3:72:b8:63:29:4b:18:f9:
d4:28:60:f0:cc:fe:1a:94:84:52:f8:cb:f5:ba:70:3b:8a:d1:
58:e2:77:7d:25:55:36:3b:2b:07:c0:76:da:13:f1:f5:06:03:
7c:d3:1b:2b:1c:b9:e0:73:2f:35:f2:26:ae:06:07:4a:a8:83:
3e:06:64:14:7d:5a:d7:de:46:ca:47:69:5d:bf:31:3a:f2:d4:
9f:dd:d6:48:c0:22:e9:73:cd:e7:da:aa:ec:18:7a:9c:9b:7d:
6c:e0:22:ee:29:03:6f:f4:86:4e:8d:d9:2c:af:bb:ac:ca:26:
f5:07:b0:64:75:1e:f1:ac:26:33:76:ee:b5:33:c5:aa:f9:68:
4b:85:5b:59:7f:9e:bf:ec:ee:8e:1c:19:c0:1a:93:b7:14:53:
9b:32:bb:ca:2a:36:28:9b:8a:eb:7c:ea:90:3d:71:e5:cf:dc:
d7:66:b3:8e:20:77:12:09:c9:cd:53:97:bd:0d:72:73:1a:0f:
93:df:46:18:4b:d1:94:75:cd:60:10:35:01:95:4f:86:73:c5:
97:e3:c2:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEGA6XjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjZmYjc5NTQxNzlhOTY2NmI0Y2I2YWZlMzQ2ZDFlMjFlYzMwZTQ1MB4XDTIyMDEw
MTAxNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFkYWMzYThiZWIw
YTM1ZTNmODY0ZmM1NmE3MDcxZmUyMzExNTk1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiHA2BYa1bHBtUcI3uf8XNSOs23+mrVrdseeltCFX2/MgH9
WDufcQdetbEKgx7X3CKELjD1UcvuA8NXssKumfb1DaFopaFyhS3ZQFh8pSG8SRot
kUyw9/P4hvBe7zeFhTNHljdhatSCi09jbnHtlmLpcYjok6RCf1nHXiMG21lG8tl/
OVs4ByRN23/lWvcwlZV+isFKYBqJdZ/4nqRH6wDlljnaHnu7UMFaMwcr9OqHsOYO
VLSpTHNalDi9aud1h8pX2aDLmvdJQQlsh7apSVxeZrZbl3AJadPWpsVgdVb7hnVU
uQvP6oZ2b7HHxhsWp9qLMXZsghrwVfb/4bLP3n0CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBSq2sOovrCjXj+GT8VqcHH+IxFZUTAfBgNVHSMEGDAWgBSfb7eVQXmpZmtM
tq/jRtHiHsMORTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L24yLTNsVUY1cVdaclRMYXY0MGJSNGg3RERrVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvMGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8x
L3F0ckRxTDZ3bzE0X2hrX0ZhbkJ4X2lNUldWRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
MGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8xL24yLTNsVUY1cVda
clRMYXY0MGJSNGg3RERrVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwMQQCAAEwKwMEA1D50AMEAlvIEAMEAFvsvQMEArk3
iAMEAMFpZQMFBsM8UoADBALDRZAwHwQCAAIwGQMHACABBnwBqAMHACABB/gAAQMF
ACoCS2AwDQYJKoZIhvcNAQELBQADggEBADFFhdOLMOL+ZFJHCdkCJwd39BgFugDs
hB9rX9s+z4F6Ae1S+o5643rPjS/SgYrTcrhjKUsY+dQoYPDM/hqUhFL4y/W6cDuK
0Vjid30lVTY7KwfAdtoT8fUGA3zTGyscueBzLzXyJq4GB0qogz4GZBR9WtfeRspH
aV2/MTry1J/d1kjAIulzzefaquwYepybfWzgIu4pA2/0hk6N2Syvu6zKJvUHsGR1
HvGsJjN27rUzxar5aEuFW1l/nr/s7o4cGcAak7cUU5syu8oqNiibiut86pA9ceXP
3Ndms44gdxIJyc1Tl70NcnMaD5PfRhhL0ZR1zWAQNQGVT4ZzxZfjwkY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:56 2024 by rpki-client on console-ams.rpki-client.org