Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/qmeS2_b-NeewDzneFc8470yp7K8.roa
File: qmeS2_b-NeewDzneFc8470yp7K8.roa (raw, json)
Hash identifier: iLgFiLyyOXQg2ACaUPAUfPz8C98PYIvKjNhtTkxkjoA=
Subject key identifier: AA:67:92:DB:F6:FE:35:E7:B0:0F:39:DE:15:CF:38:EF:4C:A9:EC:AF
Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Certificate serial: 01848B2D0BC5141B9FF11651EA64CB8200C9
Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/qmeS2_b-NeewDzneFc8470yp7K8.roa
Signing time: Fri 18 Nov 2022 14:38:15 +0000
ROA not before: Fri 18 Nov 2022 14:38:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8685
IP address blocks: 212.2.192.0/21 maxlen: 21
212.2.192.0/19 maxlen: 24
212.2.192.0/24 maxlen: 24
212.2.194.0/24 maxlen: 24
212.2.193.0/24 maxlen: 24
212.2.199.0/24 maxlen: 24
212.2.198.0/24 maxlen: 24
212.2.197.0/24 maxlen: 24
212.2.196.0/24 maxlen: 24
212.2.195.0/24 maxlen: 24
212.2.206.0/24 maxlen: 24
212.2.204.0/22 maxlen: 22
212.2.204.0/23 maxlen: 23
212.2.205.0/24 maxlen: 24
212.2.204.0/24 maxlen: 24
212.2.213.0/24 maxlen: 24
212.2.212.0/24 maxlen: 24
212.2.211.0/24 maxlen: 24
212.2.212.0/23 maxlen: 23
212.2.210.0/24 maxlen: 24
212.2.209.0/24 maxlen: 24
212.2.208.0/24 maxlen: 24
212.2.216.0/21 maxlen: 21
212.2.217.0/24 maxlen: 24
212.2.216.0/24 maxlen: 24
212.2.215.0/24 maxlen: 24
212.2.222.0/24 maxlen: 24
82.151.131.0/24 maxlen: 24
82.151.128.0/19 maxlen: 24
82.151.128.0/20 maxlen: 20
82.151.132.0/24 maxlen: 24
82.151.138.0/24 maxlen: 24
82.151.134.0/24 maxlen: 24
82.151.133.0/24 maxlen: 24
82.151.144.0/20 maxlen: 20
82.151.144.0/24 maxlen: 24
82.151.143.0/24 maxlen: 24
82.151.142.0/24 maxlen: 24
82.151.140.0/24 maxlen: 24
185.58.244.0/22 maxlen: 24
94.102.64.0/20 maxlen: 24
94.102.64.0/21 maxlen: 21
94.102.70.0/23 maxlen: 24
94.102.72.0/21 maxlen: 24
94.102.76.0/24 maxlen: 24
212.58.31.0/24 maxlen: 24
212.58.28.0/24 maxlen: 24
81.21.174.0/24 maxlen: 24
81.21.166.0/24 maxlen: 24
81.21.161.0/24 maxlen: 24
81.21.160.0/20 maxlen: 24
81.21.160.0/21 maxlen: 21
81.21.170.0/24 maxlen: 24
81.21.169.0/24 maxlen: 24
81.21.168.0/21 maxlen: 24
81.21.167.0/24 maxlen: 24
82.151.154.0/23 maxlen: 24
212.58.0.0/19 maxlen: 24
212.58.0.0/24 maxlen: 24
212.58.0.0/21 maxlen: 21
212.58.8.0/21 maxlen: 24
212.58.16.0/24 maxlen: 24
212.58.16.0/21 maxlen: 24
212.58.13.0/24 maxlen: 24
212.58.24.0/21 maxlen: 24
212.58.18.0/24 maxlen: 24
213.155.96.0/21 maxlen: 21
213.155.96.0/19 maxlen: 24
213.155.104.0/21 maxlen: 24
213.155.103.0/24 maxlen: 24
213.155.99.0/24 maxlen: 24
213.155.112.0/21 maxlen: 24
213.155.124.0/22 maxlen: 24
213.155.122.0/23 maxlen: 24
213.155.121.0/24 maxlen: 24
213.155.120.0/23 maxlen: 24
2a02:480::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8b:2d:0b:c5:14:1b:9f:f1:16:51:ea:64:cb:82:00:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Validity
Not Before: Nov 18 14:38:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa6792dbf6fe35e7b00f39de15cf38ef4ca9ecaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:05:ea:8f:49:83:73:db:23:30:d2:58:58:
2f:1d:15:b5:6e:11:20:62:3a:3c:95:45:13:6d:bf:
ac:f9:2a:29:01:fe:f0:ca:53:16:b4:2d:8b:d3:54:
7f:27:54:5f:f7:81:df:7b:0a:61:5e:83:13:36:fb:
1a:31:60:33:4d:2a:37:9c:b4:24:87:44:d8:26:79:
62:6e:d0:bb:9e:48:29:7e:32:41:7c:14:ee:ef:6d:
02:f7:98:2a:fc:2c:8b:44:db:d0:3b:0c:2a:2b:80:
8d:66:1b:b0:0d:24:c8:72:30:6c:23:4c:66:bb:a7:
7a:b2:d6:fa:1d:c7:e9:68:54:62:db:dc:c4:05:70:
83:5b:d8:3d:80:47:8b:db:e2:9c:96:d9:bf:d3:7c:
73:89:a8:75:81:fb:4d:b6:9e:f2:fe:9c:94:b3:05:
7b:d3:9c:a9:a6:e7:19:a5:65:42:d6:c0:bb:9c:c4:
04:27:06:a4:62:ef:f2:4f:7a:16:08:ef:a8:54:db:
75:f7:e0:11:50:3b:b9:b4:b3:39:43:f1:3a:53:cf:
7c:1c:db:d1:71:10:c1:f6:79:4a:07:02:25:5b:8c:
3a:e9:d0:2f:8c:dd:5e:0d:52:37:8e:15:4b:37:99:
d8:c1:ad:73:77:8d:e1:d0:44:21:eb:2c:77:75:48:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:67:92:DB:F6:FE:35:E7:B0:0F:39:DE:15:CF:38:EF:4C:A9:EC:AF
X509v3 Authority Key Identifier:
keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/qmeS2_b-NeewDzneFc8470yp7K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.160.0/20
82.151.128.0/19
94.102.64.0/20
185.58.244.0/22
212.2.192.0/19
212.58.0.0/19
213.155.96.0/19
IPv6:
2a02:480::/32
Signature Algorithm: sha256WithRSAEncryption
55:d4:90:ba:9e:a2:e7:a6:d9:bc:cf:10:32:12:99:31:6a:43:
07:f2:74:5f:5b:13:5b:89:5a:e6:1a:e7:2f:28:47:c1:c2:1d:
42:d6:3b:65:ca:4b:32:e2:ca:c1:66:c0:a3:2b:aa:2f:b0:69:
18:5d:ca:97:f4:f9:24:5c:a2:58:8a:d7:e5:8e:44:40:5e:da:
bc:01:79:00:1b:95:c7:de:a5:5a:ff:17:41:59:50:e5:41:3c:
5f:b6:ad:10:6f:c9:4e:36:57:49:92:02:1f:34:77:04:64:94:
ab:13:da:c8:87:17:d9:aa:50:2e:f1:ac:da:33:91:4a:a3:b5:
8c:0f:05:2e:53:46:96:46:8a:ec:f9:4a:93:74:c5:4d:b7:bd:
91:6f:69:eb:96:9b:2f:48:91:6b:9a:d2:16:f2:c6:26:e3:2e:
d4:2b:24:dd:51:c7:65:29:81:bc:56:f1:cf:a5:e7:7d:2b:c4:
92:67:42:6f:5a:c5:38:49:e2:02:16:ca:54:f7:7e:f4:71:43:
1f:87:21:db:59:b1:0c:60:19:cf:1d:2f:49:0f:23:87:4c:98:
21:6e:20:d6:f7:f8:c8:9e:e1:ad:95:ff:7f:78:51:4e:00:f3:
d3:dd:1e:13:37:cf:77:d7:18:98:81:1f:7b:95:a7:fc:86:46:
77:77:98:31
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYSLLQvFFBuf8RZR6mTLggDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzRkYjk2NDAyZmY1Y2YxODc1NjQ1NjBlYThmMTNlZWVi
NWZmZWIwHhcNMjIxMTE4MTQzODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY3OTJkYmY2ZmUzNWU3YjAwZjM5ZGUxNWNmMzhlZjRjYTllY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7AF6o9Jg3PbIzDSWFgvHRW1bhEg
Yjo8lUUTbb+s+SopAf7wylMWtC2L01R/J1Rf94HfewphXoMTNvsaMWAzTSo3nLQk
h0TYJnlibtC7nkgpfjJBfBTu720C95gq/CyLRNvQOwwqK4CNZhuwDSTIcjBsI0xm
u6d6stb6HcfpaFRi29zEBXCDW9g9gEeL2+Kcltm/03xziah1gftNtp7y/pyUswV7
05yppucZpWVC1sC7nMQEJwakYu/yT3oWCO+oVNt19+ARUDu5tLM5Q/E6U898HNvR
cRDB9nlKBwIlW4w66dAvjN1eDVI3jhVLN5nYwa1zd43h0EQh6yx3dUiEzQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKpnktv2/jXnsA853hXPOO9MqeyvMB8GA1UdIwQY
MBaAFBB025ZAL/XPGHVkVg6o8T7utf/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEt
YWI0MGI1OGEyODkyLzEvcW1lUzJfYi1OZWV3RHpuZUZjODQ3MHlwN0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEtYWI0MGI1OGEyODky
LzEvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEURWgAwQF
UpeAAwQEXmZAAwQCuTr0AwQF1ALAAwQF1DoAAwQF1ZtgMA0EAgACMAcDBQAqAgSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBV1JC6nqLnptm8zxAyEpkxakMH8nRfWxNbiVrm
GucvKEfBwh1C1jtlyksy4srBZsCjK6ovsGkYXcqX9PkkXKJYitfljkRAXtq8AXkA
G5XH3qVa/xdBWVDlQTxftq0Qb8lONldJkgIfNHcEZJSrE9rIhxfZqlAu8azaM5FK
o7WMDwUuU0aWRors+UqTdMVNt72Rb2nrlpsvSJFrmtIW8sYm4y7UKyTdUcdlKYG8
VvHPped9K8SSZ0JvWsU4SeICFspU9370cUMfhyHbWbEMYBnPHS9JDyOHTJghbiDW
9/jInuGtlf9/eFFOAPPT3R4TN8931xiYgR97laf8hkZ3d5gx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:53 2023 by rpki-client on console-ams.rpki-client.org