Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/qyMqLJU8AXT3YwJTzC7YqLvdViY.roa
File: qyMqLJU8AXT3YwJTzC7YqLvdViY.roa (raw, json)
Hash identifier: VmWf/omXaYfsq7bxCyiCGaH/BEeS8vSZlnGb1a82/Ik=
Subject key identifier: AB:23:2A:2C:95:3C:01:74:F7:63:02:53:CC:2E:D8:A8:BB:DD:56:26
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 16B2E7E6
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/qyMqLJU8AXT3YwJTzC7YqLvdViY.roa
Signing time: Thu 20 Jan 2022 15:24:43 +0000
ROA not before: Thu 20 Jan 2022 15:24:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42303
IP address blocks: 193.149.178.0/24 maxlen: 24
185.55.8.0/22 maxlen: 22
5.35.184.0/21 maxlen: 21
77.72.96.0/21 maxlen: 21
94.127.32.0/21 maxlen: 21
46.182.200.0/21 maxlen: 21
185.153.212.0/22 maxlen: 24
151.236.200.0/21 maxlen: 24
2a02:470::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 380823526 (0x16b2e7e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Jan 20 15:24:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab232a2c953c0174f7630253cc2ed8a8bbdd5626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:a5:a1:97:73:52:0e:8a:0b:ba:bc:23:a9:
f2:09:c1:3d:80:43:df:93:f6:55:de:f5:fe:2d:9a:
59:f1:8e:ea:bd:97:76:68:d1:96:28:d2:1f:8b:4e:
1b:9c:c9:c1:44:18:54:4f:1c:96:ed:98:f5:64:23:
41:4c:aa:fc:e0:5f:2c:79:90:1c:51:83:62:37:85:
80:6e:78:ab:43:53:ad:2c:47:0e:a3:d0:ea:09:bb:
0f:8c:72:a6:80:b7:e6:0a:c8:8d:10:8b:ef:2f:78:
fd:57:02:0f:c1:40:b8:5b:7e:59:68:78:61:d7:f8:
83:04:48:89:2d:db:aa:4b:f2:02:aa:bb:e8:37:e9:
df:6d:cd:9c:7b:08:cf:eb:61:d7:74:c5:7f:29:83:
44:40:c7:8f:68:6e:13:dc:7f:9f:d6:33:ae:8e:87:
fb:ce:ec:88:a1:5a:9e:1a:e5:62:27:ac:51:79:60:
53:c2:00:2f:08:0a:b5:d8:e5:2c:60:2c:ea:f8:3f:
ae:8d:c8:16:b1:03:80:58:80:0f:db:a5:07:ba:9b:
77:28:5e:5b:57:23:4d:95:89:8f:89:e0:cc:96:f6:
10:67:48:a5:01:3a:01:bd:f2:a6:31:af:43:4d:18:
14:33:69:87:2b:38:a8:8b:82:d3:b4:b1:e0:60:a5:
5e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:23:2A:2C:95:3C:01:74:F7:63:02:53:CC:2E:D8:A8:BB:DD:56:26
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/qyMqLJU8AXT3YwJTzC7YqLvdViY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.184.0/21
46.182.200.0/21
77.72.96.0/21
94.127.32.0/21
151.236.200.0/21
185.55.8.0/22
185.153.212.0/22
193.149.178.0/24
IPv6:
2a02:470::/32
Signature Algorithm: sha256WithRSAEncryption
21:d4:bb:b3:d2:2e:46:39:fe:67:1c:ff:24:1e:b1:98:02:7e:
30:bc:d0:99:09:a9:19:33:ca:b8:c9:0f:2c:73:a0:a3:be:ab:
cf:a2:fa:ec:eb:70:e7:ae:a6:9c:1a:28:74:02:fd:2f:11:f4:
91:9a:a3:ff:46:46:8a:ad:c7:70:ec:47:ea:9c:7f:c0:4c:9b:
65:bc:63:11:a1:5b:9e:09:7e:e6:4f:57:12:2b:5d:29:9f:45:
e6:95:ec:c6:62:d9:db:cd:3b:da:79:77:7f:b1:b6:cf:7d:fc:
8d:8b:da:cf:3c:cf:6d:c7:c7:5a:ea:c8:cc:88:7f:05:e8:90:
ca:41:56:30:1a:2c:d6:83:17:27:b8:df:fc:10:bb:a7:23:8b:
b8:cb:4f:23:bf:3b:2e:a9:f0:65:9d:bb:01:cb:56:9a:1e:4e:
3a:65:a4:f6:ed:d0:6f:46:99:6f:e9:23:df:54:07:74:c3:9f:
76:0e:d0:27:ca:c4:cf:1f:4a:7a:30:2d:9c:98:8c:c2:8f:b4:
b5:65:29:47:a6:88:e3:b6:dc:c9:ae:6b:3d:30:bb:3c:c3:e2:
b8:c6:e4:1f:aa:ab:ac:93:3e:c9:03:fb:ad:b4:3e:4e:d0:84:
20:b6:70:9b:a8:cc:96:9d:dc:6e:db:c7:64:30:17:aa:94:04:
4a:61:cd:48
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEFrLn5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTUxNjA1YjY3NWVjZTRlMGZjZTcxNzVhZTMxYTkzZmE4MjcyYmE2MB4XDTIyMDEy
MDE1MjQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIyMzJhMmM5NTNj
MDE3NGY3NjMwMjUzY2MyZWQ4YThiYmRkNTYyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMACpaGXc1IOigu6vCOp8gnBPYBD35P2Vd71/i2aWfGO6r2X
dmjRlijSH4tOG5zJwUQYVE8clu2Y9WQjQUyq/OBfLHmQHFGDYjeFgG54q0NTrSxH
DqPQ6gm7D4xypoC35grIjRCL7y94/VcCD8FAuFt+WWh4Ydf4gwRIiS3bqkvyAqq7
6Dfp323NnHsIz+th13TFfymDREDHj2huE9x/n9Yzro6H+87siKFanhrlYiesUXlg
U8IALwgKtdjlLGAs6vg/ro3IFrEDgFiAD9ulB7qbdyheW1cjTZWJj4ngzJb2EGdI
pQE6Ab3ypjGvQ00YFDNphys4qIuC07Sx4GClXsECAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBSrIyoslTwBdPdjAlPMLtiou91WJjAfBgNVHSMEGDAWgBQFUWBbZ17OTg/O
cXWuMak/qCcrpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JWRmdXMmRlems0UHpuRjFyakdwUDZnbks2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8x
L3F5TXFMSlU4QVhUM1l3SlR6QzdZcUx2ZFZpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8xL0JWRmdXMmRlems0
UHpuRjFyakdwUDZnbks2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwUjuAMEAy62yAMEA01IYAMEA15/
IAMEA5fsyAMEArk3CAMEArmZ1AMEAMGVsjANBAIAAjAHAwUAKgIEcDANBgkqhkiG
9w0BAQsFAAOCAQEAIdS7s9IuRjn+Zxz/JB6xmAJ+MLzQmQmpGTPKuMkPLHOgo76r
z6L67Otw566mnBoodAL9LxH0kZqj/0ZGiq3HcOxH6px/wEybZbxjEaFbngl+5k9X
EitdKZ9F5pXsxmLZ28072nl3f7G2z338jYvazzzPbcfHWurIzIh/BeiQykFWMBos
1oMXJ7jf/BC7pyOLuMtPI787LqnwZZ27ActWmh5OOmWk9u3Qb0aZb+kj31QHdMOf
dg7QJ8rEzx9KejAtnJiMwo+0tWUpR6aI47bcya5rPTC7PMPiuMbkH6qrrJM+yQP7
rbQ+TtCEILZwm6jMlp3cbtvHZDAXqpQESmHNSA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org