Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/cqZw44TBl2roBttf8u-1LYlKVFI.roa
File: cqZw44TBl2roBttf8u-1LYlKVFI.roa (raw, json)
Hash identifier: Of4E4KOa8AGzOpc674e9WKPhDFmeaybNLzw8puyBOcw=
Subject key identifier: 72:A6:70:E3:84:C1:97:6A:E8:06:DB:5F:F2:EF:B5:2D:89:4A:54:52
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 018571F0D70EA273059D5633654E914B1602
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/cqZw44TBl2roBttf8u-1LYlKVFI.roa
Signing time: Mon 02 Jan 2023 10:04:47 +0000
ROA not before: Mon 02 Jan 2023 10:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44933
IP address blocks: 77.70.164.0/22 maxlen: 22
193.220.184.0/22 maxlen: 22
193.220.188.0/24 maxlen: 24
193.220.191.0/24 maxlen: 24
193.220.192.0/20 maxlen: 24
2a02:6604:3::/48 maxlen: 48
2a02:6600:2003::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:d7:0e:a2:73:05:9d:56:33:65:4e:91:4b:16:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jan 2 10:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a670e384c1976ae806db5ff2efb52d894a5452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:96:ec:78:78:3e:85:a9:58:36:68:e6:a3:07:
cd:df:f2:d9:db:d3:6c:9a:10:df:1e:cc:1e:0c:38:
5a:26:a6:98:4f:f2:49:0b:e7:54:72:0b:18:62:01:
01:7e:5c:a7:7e:e8:dc:e5:5b:c4:d7:5e:32:37:e4:
76:17:8d:62:f3:fd:55:94:12:54:4d:c7:f0:aa:84:
04:05:eb:fd:16:68:82:10:4f:18:41:32:94:78:86:
6f:fa:99:db:23:41:de:bf:69:94:ad:e1:f3:7e:4f:
7d:ce:91:32:ad:e6:28:5a:b9:8c:24:da:a3:61:26:
10:41:73:88:a1:b5:fa:1f:47:b8:71:02:0a:cb:a8:
e9:e1:37:18:c4:9a:07:70:5b:f4:71:82:9c:49:59:
09:c8:30:b6:16:1e:17:a8:a2:40:17:59:76:c5:8e:
09:eb:c5:57:ba:5a:29:eb:a3:4d:8e:8b:d9:d3:81:
8f:95:5e:44:d0:a1:ee:12:f7:f8:d2:6d:37:11:4b:
8c:8a:fe:86:28:70:63:d7:fc:c2:d3:45:b1:a7:c9:
ea:03:6e:ea:aa:f5:b1:15:fb:c7:f8:29:42:9a:00:
5f:10:01:c2:7e:c3:25:38:ee:ad:20:f4:65:84:4c:
bf:d6:6b:32:0f:aa:14:82:7d:ce:8c:b9:88:ff:2f:
3e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A6:70:E3:84:C1:97:6A:E8:06:DB:5F:F2:EF:B5:2D:89:4A:54:52
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/cqZw44TBl2roBttf8u-1LYlKVFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.164.0/22
193.220.184.0-193.220.188.255
193.220.191.0-193.220.207.255
IPv6:
2a02:6600:2003::/48
2a02:6604:3::/48
Signature Algorithm: sha256WithRSAEncryption
af:83:4e:43:13:c3:34:9f:2c:94:74:72:1b:5d:29:a6:26:0a:
d8:f3:66:81:a1:c3:1c:ca:36:86:c4:79:5d:e8:b2:6f:99:94:
47:4f:b7:be:bd:7a:2e:9b:aa:95:6b:aa:8c:ca:0c:2e:3b:e0:
2a:80:d8:30:3f:ce:cc:d5:3b:6f:b5:dd:be:49:fb:f2:14:49:
2a:61:97:cf:6a:e9:55:c7:0a:57:78:cd:a4:e5:2f:9c:8b:7e:
29:cc:a3:f7:d2:c4:3d:87:2a:b5:24:48:72:ea:7d:84:75:16:
75:37:a0:b0:41:6e:34:0c:5c:bb:c1:d1:76:23:e1:65:b8:d5:
88:19:a5:ac:ac:02:f0:ff:89:38:bb:48:bd:be:a0:f9:3b:29:
b2:d1:d3:d3:cd:fb:e2:c2:91:28:9d:93:ed:4c:7a:d9:f0:ef:
1c:50:20:53:d5:f1:b0:67:9b:88:c8:a3:2a:99:b2:f7:d7:f7:
92:98:c3:b8:3f:51:33:a3:ea:56:f6:65:84:d3:35:8b:cd:7b:
aa:e6:2e:74:22:7c:37:f1:bb:5e:d9:6f:c5:52:23:9c:83:f1:
ff:93:48:35:74:60:d6:82:8e:3d:f6:28:f0:63:bd:0f:79:e1:
52:47:7b:91:90:ee:d9:ed:09:81:cb:03:1f:9a:d2:8d:26:4c:
21:54:14:b6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVx8NcOonMFnVYzZU6RSxYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjMwMTAyMTAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE2NzBlMzg0YzE5NzZhZTgwNmRiNWZmMmVmYjUyZDg5NGE1NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+JbseHg+halYNmjmowfN3/LZ29Ns
mhDfHsweDDhaJqaYT/JJC+dUcgsYYgEBflynfujc5VvE114yN+R2F41i8/1VlBJU
TcfwqoQEBev9FmiCEE8YQTKUeIZv+pnbI0Hev2mUreHzfk99zpEyreYoWrmMJNqj
YSYQQXOIobX6H0e4cQIKy6jp4TcYxJoHcFv0cYKcSVkJyDC2Fh4XqKJAF1l2xY4J
68VXulop66NNjovZ04GPlV5E0KHuEvf40m03EUuMiv6GKHBj1/zC00Wxp8nqA27q
qvWxFfvH+ClCmgBfEAHCfsMlOO6tIPRlhEy/1msyD6oUgn3OjLmI/y8+nQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHKmcOOEwZdq6AbbX/LvtS2JSlRSMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvY3FadzQ0VEJsMnJvQnR0Zjh1LTFMWWxLVkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAoBAIAATAiAwQCTUakMAwD
BAPB3LgDBADB3LwwDAMEAMHcvwMEBMHcwDAYBAIAAjASAwcAKgJmACADAwcAKgJm
BAADMA0GCSqGSIb3DQEBCwUAA4IBAQCvg05DE8M0nyyUdHIbXSmmJgrY82aBocMc
yjaGxHld6LJvmZRHT7e+vXoum6qVa6qMygwuO+AqgNgwP87M1Ttvtd2+SfvyFEkq
YZfPaulVxwpXeM2k5S+ci34pzKP30sQ9hyq1JEhy6n2EdRZ1N6CwQW40DFy7wdF2
I+FluNWIGaWsrALw/4k4u0i9vqD5Oymy0dPTzfviwpEonZPtTHrZ8O8cUCBT1fGw
Z5uIyKMqmbL31/eSmMO4P1Ezo+pW9mWE0zWLzXuq5i50Inw38bte2W/FUiOcg/H/
k0g1dGDWgo499ijwY70PeeFSR3uRkO7Z7QmBywMfmtKNJkwhVBS2
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:42:12 2025 by rpki-client