Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/mqSuuirDe0L3U32Y3dJvG0ZZPF4.roa
File: mqSuuirDe0L3U32Y3dJvG0ZZPF4.roa (raw, json)
Hash identifier: Tu0M/N9NNGJNZrZb56rHY5vGA5c3/iqzCIBjVKjIM1M=
Subject key identifier: 9A:A4:AE:BA:2A:C3:7B:42:F7:53:7D:98:DD:D2:6F:1B:46:59:3C:5E
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01848B4309A33061BD3A1D8AD0BA17C10A2F
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/mqSuuirDe0L3U32Y3dJvG0ZZPF4.roa
Signing time: Fri 18 Nov 2022 15:02:17 +0000
ROA not before: Fri 18 Nov 2022 15:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29262
IP address blocks: 185.254.54.0/24 maxlen: 24
185.254.55.0/24 maxlen: 24
139.28.32.0/22 maxlen: 22
141.98.50.0/24 maxlen: 24
188.119.68.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8b:43:09:a3:30:61:bd:3a:1d:8a:d0:ba:17:c1:0a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 18 15:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9aa4aeba2ac37b42f7537d98ddd26f1b46593c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:32:d5:ef:20:1b:60:3e:a4:78:d2:8c:49:70:
9c:a2:52:45:d4:b0:e1:15:bc:50:ed:83:31:33:b0:
d5:35:9d:3a:c1:41:e4:6e:37:a4:7f:1e:56:98:8e:
80:f0:9b:53:36:87:4c:c6:f9:e1:b5:5c:e1:c5:64:
f4:9c:15:06:11:77:c0:17:5d:a7:b1:f6:16:17:57:
14:b7:25:32:a9:cb:a0:f6:9e:35:dc:30:b7:c2:f3:
db:78:5b:c9:de:ee:7f:fb:d0:fd:2a:86:e0:17:0a:
69:b6:5f:8f:fe:c4:10:67:d3:a8:13:2a:bc:ad:b3:
3d:08:5c:91:a5:00:18:0d:63:cf:b2:cd:a2:60:28:
1e:cc:87:61:ec:3c:2c:70:34:31:d5:cd:36:b5:1f:
78:db:db:48:de:10:fd:d5:c0:08:78:78:58:c6:6b:
49:80:63:f6:a7:2e:11:10:4d:9b:cf:7e:0f:6a:21:
d4:f3:1c:69:f1:8d:25:51:cd:0b:b4:d4:63:51:02:
47:b1:bb:ff:f3:d8:e6:13:cd:ab:e3:fa:74:9a:7a:
cc:d0:fc:11:20:d8:45:56:e6:6e:c0:10:7e:bb:64:
a3:90:bd:c2:9a:57:5b:bb:9e:27:ea:f1:34:31:50:
bc:cb:62:bf:8e:f5:5e:8a:62:93:18:69:f4:49:84:
d9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A4:AE:BA:2A:C3:7B:42:F7:53:7D:98:DD:D2:6F:1B:46:59:3C:5E
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/mqSuuirDe0L3U32Y3dJvG0ZZPF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
139.28.32.0/22
141.98.50.0/24
185.254.54.0/23
188.119.68.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
93:ad:c2:2c:d0:49:40:75:b8:14:e1:ac:dd:85:ef:a1:ba:3a:
cb:ba:c4:d8:28:d0:45:5d:7d:d5:a9:32:27:5e:25:29:aa:58:
a2:af:a4:a8:81:e4:15:93:88:6b:36:5e:8c:fc:82:b7:2e:10:
d3:a8:14:cc:12:d0:a6:0f:ba:64:77:5f:f2:e4:fe:2d:18:22:
39:92:48:79:29:a1:5c:a6:44:78:53:79:35:00:40:ba:91:8b:
52:9d:f7:0b:f5:8f:3f:73:12:21:d3:54:f7:6c:aa:6b:dd:8f:
95:d3:7c:d3:be:e1:7c:58:bd:fe:f6:a6:71:2b:3b:e5:ef:da:
4f:c2:72:0f:dc:fb:93:eb:65:7e:62:0d:b2:8c:13:43:95:6e:
cb:8d:32:8e:00:6f:f7:c9:f1:79:ec:c1:e6:33:dc:ff:7e:fe:
87:09:a9:41:4c:59:25:46:8f:4a:fe:d6:d7:07:76:c0:e1:83:
a2:d9:f8:27:42:87:c6:c9:f8:98:e6:f8:01:8e:cb:fe:ce:db:
d8:bf:74:aa:af:eb:9a:ba:35:3f:f7:ad:5b:1f:32:3e:ed:c1:
63:6c:ee:fe:08:1a:57:40:1a:83:2f:71:97:46:7c:81:0f:d7:
0b:e8:8f:6f:37:c0:57:55:e2:19:63:c3:0a:58:81:82:e0:9b:
17:e3:28:98
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSLQwmjMGG9Oh2K0LoXwQovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMTE4MTUwMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWE0YWViYTJhYzM3YjQyZjc1MzdkOThkZGQyNmYxYjQ2NTkzYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTLV7yAbYD6keNKMSXCcolJF1LDh
FbxQ7YMxM7DVNZ06wUHkbjekfx5WmI6A8JtTNodMxvnhtVzhxWT0nBUGEXfAF12n
sfYWF1cUtyUyqcug9p413DC3wvPbeFvJ3u5/+9D9KobgFwpptl+P/sQQZ9OoEyq8
rbM9CFyRpQAYDWPPss2iYCgezIdh7DwscDQx1c02tR9429tI3hD91cAIeHhYxmtJ
gGP2py4REE2bz34PaiHU8xxp8Y0lUc0LtNRjUQJHsbv/89jmE82r4/p0mnrM0PwR
INhFVuZuwBB+u2SjkL3Cmldbu54n6vE0MVC8y2K/jvVeimKTGGn0SYTZMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJqkrroqw3tC91N9mN3SbxtGWTxeMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvbXFTdXVpckRlMEwzVTMyWTNkSnZHMFpaUEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU6v0AwQC
ixwgAwQAjWIyAwQBuf42AwQCvHdEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQCT
rcIs0ElAdbgU4azdhe+hujrLusTYKNBFXX3VqTInXiUpqliir6SogeQVk4hrNl6M
/IK3LhDTqBTMEtCmD7pkd1/y5P4tGCI5kkh5KaFcpkR4U3k1AEC6kYtSnfcL9Y8/
cxIh01T3bKpr3Y+V03zTvuF8WL3+9qZxKzvl79pPwnIP3PuT62V+Yg2yjBNDlW7L
jTKOAG/3yfF57MHmM9z/fv6HCalBTFklRo9K/tbXB3bA4YOi2fgnQofGyfiY5vgB
jsv+ztvYv3Sqr+uaujU/961bHzI+7cFjbO7+CBpXQBqDL3GXRnyBD9cL6I9vN8BX
VeIZY8MKWIGC4JsX4yiY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org