Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/QLPJ6W634gn5wMar63EmzljKVUg.roa
File: QLPJ6W634gn5wMar63EmzljKVUg.roa (raw, json)
Hash identifier: E69cWjTuXY6PtxUAABjiPTpCT/bBGiXutpIVsVA+QpA=
Subject key identifier: 40:B3:C9:E9:6E:B7:E2:09:F9:C0:C6:AB:EB:71:26:CE:58:CA:55:48
Certificate issuer: /CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Certificate serial: 033B29AC
Authority key identifier: CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/QLPJ6W634gn5wMar63EmzljKVUg.roa
Signing time: Sat 01 Jan 2022 15:59:19 +0000
ROA not before: Sat 01 Jan 2022 15:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13005
IP address blocks: 213.170.132.0/24 maxlen: 32
213.170.128.0/22 maxlen: 32
213.170.136.0/22 maxlen: 32
213.170.134.0/24 maxlen: 32
85.113.68.0/23 maxlen: 32
213.170.144.0/24 maxlen: 32
213.170.140.0/24 maxlen: 32
213.170.150.0/24 maxlen: 32
213.170.152.0/23 maxlen: 32
213.170.148.0/23 maxlen: 32
213.170.147.0/24 maxlen: 32
213.170.154.0/24 maxlen: 32
2001:be0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54208940 (0x33b29ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Validity
Not Before: Jan 1 15:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40b3c9e96eb7e209f9c0c6abeb7126ce58ca5548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:58:f5:d5:7d:cd:d5:62:47:ff:62:41:e9:29:
cf:12:fa:6c:84:91:31:9d:95:e8:1b:57:0c:91:3f:
c8:65:59:df:49:91:8e:62:72:17:ef:16:80:f0:19:
73:1b:c8:73:ee:b0:53:83:d4:ea:5f:cf:89:47:c8:
7e:b7:89:5e:e5:44:15:77:8e:c1:f9:76:8f:64:f1:
2e:e8:f6:ca:c7:48:6f:e9:05:d8:80:0f:fb:7b:dc:
2b:2d:8d:fd:08:36:5b:2b:62:cb:10:30:28:04:7f:
7d:a5:66:c1:40:69:10:8a:7d:b8:ab:76:b1:14:35:
cc:82:ee:2e:37:73:74:94:b1:8d:40:4a:bf:69:e1:
23:ae:04:56:b8:e3:f0:a6:af:6e:5e:c1:bd:f4:be:
93:cf:56:4a:13:e2:d3:4a:a7:a3:5a:20:d8:9c:09:
9c:2c:5e:d4:ce:13:f1:85:b7:75:7e:d3:08:45:87:
dc:42:4b:56:9a:72:da:33:6c:b5:f8:13:1a:17:7c:
ab:98:cc:0f:4f:0e:85:42:b1:46:49:5c:08:c7:41:
e6:0c:cb:da:ad:86:2e:c4:5a:7a:2f:9b:ea:a3:d9:
71:af:e6:33:a6:4c:b9:08:9d:f7:30:46:c2:72:ce:
72:38:9b:ae:8d:74:30:e5:67:14:84:e4:ef:34:9b:
32:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B3:C9:E9:6E:B7:E2:09:F9:C0:C6:AB:EB:71:26:CE:58:CA:55:48
X509v3 Authority Key Identifier:
keyid:CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/QLPJ6W634gn5wMar63EmzljKVUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.113.68.0/23
213.170.128.0-213.170.132.255
213.170.134.0/24
213.170.136.0-213.170.140.255
213.170.144.0/24
213.170.147.0-213.170.150.255
213.170.152.0-213.170.154.255
IPv6:
2001:be0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:67:a3:ef:c8:8a:2f:d9:e9:e8:a4:ed:a7:1f:0c:61:1b:36:
0d:82:2f:a1:4e:7f:35:4a:e9:c8:27:07:62:c3:96:4c:0b:f7:
ed:7c:d6:22:55:45:b1:08:96:41:22:75:b9:00:7e:5a:66:7a:
4e:a4:fa:bb:db:f7:98:9e:80:56:a7:a6:5c:19:7e:c6:95:ec:
d6:74:f6:e3:d3:09:94:3a:d2:73:95:57:68:fb:ff:27:6f:6a:
68:c7:bf:54:7c:1d:f5:86:1f:71:86:9f:07:79:f2:76:0e:3a:
eb:79:de:fa:28:8b:20:af:73:ae:8c:43:fb:39:a1:f2:f6:5e:
41:5a:67:a1:35:a9:a1:8b:43:15:c2:2a:3c:21:b8:c4:0c:61:
29:dd:e1:20:c1:2f:35:48:6c:3d:9a:ff:02:c6:81:d0:05:5c:
79:07:d3:51:70:3e:47:a5:af:a4:cb:c2:6a:e9:0f:f1:1f:90:
81:15:7e:77:c5:87:6b:af:35:7c:15:95:bc:6b:64:62:df:ed:
bf:9e:63:9a:99:86:66:a6:24:c5:81:77:22:db:b2:ff:35:c0:
89:ba:56:7a:8b:3c:84:df:3c:05:2d:0d:d5:eb:dd:6a:60:b6:
6b:30:c8:fb:3c:2e:ac:44:c3:93:37:01:9e:91:bb:3d:68:45:
89:22:13:8e
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIEAzsprDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTkxMzVkZmVkMGJiNjMzNWQxOWRkZDZkN2U5OWY0OGFmYmUzYzAxMB4XDTIyMDEw
MTE1NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBiM2M5ZTk2ZWI3
ZTIwOWY5YzBjNmFiZWI3MTI2Y2U1OGNhNTU0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJY9dV9zdViR/9iQekpzxL6bISRMZ2V6BtXDJE/yGVZ30mR
jmJyF+8WgPAZcxvIc+6wU4PU6l/PiUfIfreJXuVEFXeOwfl2j2TxLuj2ysdIb+kF
2IAP+3vcKy2N/Qg2WytiyxAwKAR/faVmwUBpEIp9uKt2sRQ1zILuLjdzdJSxjUBK
v2nhI64EVrjj8Kavbl7BvfS+k89WShPi00qno1og2JwJnCxe1M4T8YW3dX7TCEWH
3EJLVppy2jNstfgTGhd8q5jMD08OhUKxRklcCMdB5gzL2q2GLsRaei+b6qPZca/m
M6ZMuQid9zBGwnLOcjibro10MOVnFITk7zSbMkUCAwEAAaOCAlwwggJYMB0GA1Ud
DgQWBBRAs8npbrfiCfnAxqvrcSbOWMpVSDAfBgNVHSMEGDAWgBTOkTXf7Qu2M10Z
3dbX6Z9Ir748ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pwRTEzLTBMdGpOZEdkM1cxLW1mU0stLVBBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvM2M5YzNjLWQ2MDgtNGVhMi05YTI4LWMxMWVjNmVhODZiOC8x
L1FMUEo2VzYzNGduNXdNYXI2M0VtemxqS1ZVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
M2M5YzNjLWQ2MDgtNGVhMi05YTI4LWMxMWVjNmVhODZiOC8xL3pwRTEzLTBMdGpO
ZEdkM1cxLW1mU0stLVBBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBy
BggrBgEFBQcBBwEB/wRjMGEwUAQCAAEwSgMEAVVxRDAMAwQH1aqAAwQA1aqEAwQA
1aqGMAwDBAPVqogDBADVqowDBADVqpAwDAMEANWqkwMEANWqljAMAwQD1aqYAwQA
1aqaMA0EAgACMAcDBQAgAQvgMA0GCSqGSIb3DQEBCwUAA4IBAQCnZ6PvyIov2eno
pO2nHwxhGzYNgi+hTn81SunIJwdiw5ZMC/ftfNYiVUWxCJZBInW5AH5aZnpOpPq7
2/eYnoBWp6ZcGX7GlezWdPbj0wmUOtJzlVdo+/8nb2pox79UfB31hh9xhp8HefJ2
Djrred76KIsgr3OujEP7OaHy9l5BWmehNamhi0MVwio8IbjEDGEp3eEgwS81SGw9
mv8CxoHQBVx5B9NRcD5Hpa+ky8Jq6Q/xH5CBFX53xYdrrzV8FZW8a2Ri3+2/nmOa
mYZmpiTFgXci27L/NcCJulZ6izyE3zwFLQ3V691qYLZrMMj7PC6sRMOTNwGekbs9
aEWJIhOO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org