Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/qtIahX1lxHXCp8HVLU8xyfGuH-0.roa
File: qtIahX1lxHXCp8HVLU8xyfGuH-0.roa (raw, json)
Hash identifier: mjAnMKRBn8QE+mNf9o2A2Y0oAvvN8yctNrMFRkftTRo=
Subject key identifier: AA:D2:1A:85:7D:65:C4:75:C2:A7:C1:D5:2D:4F:31:C9:F1:AE:1F:ED
Certificate issuer: /CN=1f688f9857d9e440c1058dc8959e49f8b3183f61
Certificate serial: 0924E31C
Authority key identifier: 1F:68:8F:98:57:D9:E4:40:C1:05:8D:C8:95:9E:49:F8:B3:18:3F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2iPmFfZ5EDBBY3IlZ5J-LMYP2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/qtIahX1lxHXCp8HVLU8xyfGuH-0.roa
Signing time: Sat 01 Jan 2022 05:52:46 +0000
ROA not before: Sat 01 Jan 2022 05:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205581
IP address blocks: 85.209.240.0/24 maxlen: 24
85.209.243.0/24 maxlen: 24
85.209.242.0/24 maxlen: 24
85.209.241.0/24 maxlen: 24
2a0e:b784::/32 maxlen: 32
2a0e:b782::/32 maxlen: 32
2a0e:b780::/32 maxlen: 32
2a0e:b786::/32 maxlen: 32
2a0e:b785::/32 maxlen: 32
2a0e:b783::/32 maxlen: 32
2a0e:b787::/32 maxlen: 32
2a0e:b781::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153412380 (0x924e31c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f688f9857d9e440c1058dc8959e49f8b3183f61
Validity
Not Before: Jan 1 05:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aad21a857d65c475c2a7c1d52d4f31c9f1ae1fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cc:7b:37:84:64:ba:41:76:4e:be:96:38:d6:
43:0d:16:ad:77:7d:d0:26:ed:6f:5e:7f:78:56:c6:
18:3e:db:52:4a:e2:f9:9d:01:b9:6b:35:cb:40:8b:
61:8c:22:43:52:0d:fe:2c:67:1a:64:d5:59:4a:03:
8f:87:c8:b1:8e:dc:4f:cf:79:9e:db:2c:88:5d:ec:
29:c5:29:95:f6:06:31:d4:47:70:29:45:a7:1d:06:
10:d4:8d:55:e1:57:90:81:a3:ab:95:01:e4:5d:65:
1e:c9:ed:d0:11:f5:74:a6:49:7b:c4:7f:3d:c0:52:
0b:2c:4a:a0:b0:cf:eb:7b:dd:15:76:21:e7:fd:a7:
14:34:bd:b3:ef:58:81:44:4b:03:af:62:56:6c:43:
0d:2d:da:6d:e5:b3:23:45:32:62:3e:41:af:87:88:
67:97:68:6c:75:27:50:4e:d2:12:67:22:66:28:4b:
e9:1b:44:20:20:bb:40:3f:be:12:36:bb:2e:41:61:
ce:e9:f2:86:b6:1e:2f:6d:82:0a:a0:e0:7b:32:24:
fa:a9:0d:76:b9:bd:b1:9c:14:ab:d8:45:19:d3:4b:
3d:3d:a4:b2:a2:3f:42:b2:1f:35:f0:e5:4a:62:53:
51:a6:c1:ef:6a:a0:c9:aa:a3:52:44:ce:20:5c:16:
c0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D2:1A:85:7D:65:C4:75:C2:A7:C1:D5:2D:4F:31:C9:F1:AE:1F:ED
X509v3 Authority Key Identifier:
keyid:1F:68:8F:98:57:D9:E4:40:C1:05:8D:C8:95:9E:49:F8:B3:18:3F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2iPmFfZ5EDBBY3IlZ5J-LMYP2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/qtIahX1lxHXCp8HVLU8xyfGuH-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/H2iPmFfZ5EDBBY3IlZ5J-LMYP2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.240.0/22
IPv6:
2a0e:b780::/29
Signature Algorithm: sha256WithRSAEncryption
0e:d3:2c:f0:6d:9d:50:38:19:e5:cc:bf:e1:18:01:96:65:ae:
ae:00:04:3a:1a:1c:21:2e:fe:e4:81:bb:19:3c:ff:03:3a:33:
fe:1b:66:49:0c:67:ba:ac:c1:aa:3a:3e:3a:43:98:72:c0:b2:
e5:0b:7c:dd:01:2d:84:3f:6f:72:ac:2a:4c:10:6a:63:3d:28:
8c:1d:c3:7a:56:3a:6f:78:89:fa:8e:09:55:82:7b:f5:ed:ad:
d1:a3:48:b1:b3:51:63:62:6a:e7:02:6c:2e:f8:27:61:2d:1f:
27:34:e8:0b:4b:69:53:54:4d:b9:1e:a2:ae:f8:69:6a:b5:ad:
8f:96:e7:e3:7e:61:fb:22:a1:7d:65:e7:5a:6d:d3:af:25:b0:
c7:2e:31:a2:ae:c7:5f:2b:0f:22:2b:1b:a9:0a:11:2a:2f:87:
f9:e9:eb:42:22:a5:17:48:78:44:ec:c0:db:96:7c:89:e5:1e:
1e:d5:f6:60:e4:1c:91:f0:25:7b:64:a3:71:b3:98:2d:74:c7:
ad:42:38:f0:78:02:62:40:77:e7:e6:98:b7:5c:58:bd:8b:b7:
03:c2:95:d9:83:88:9d:ea:4b:61:1e:91:cb:c9:09:9e:08:7e:
eb:4b:8c:b5:62:70:65:57:c2:b1:2e:e3:33:13:5f:87:52:55:
2e:35:46:08
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECSTjHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4OGY5ODU3ZDllNDQwYzEwNThkYzg5NTllNDlmOGIzMTgzZjYxMB4XDTIyMDEw
MTA1NTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFkMjFhODU3ZDY1
YzQ3NWMyYTdjMWQ1MmQ0ZjMxYzlmMWFlMWZlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXMezeEZLpBdk6+ljjWQw0WrXd90Cbtb15/eFbGGD7bUkri
+Z0BuWs1y0CLYYwiQ1IN/ixnGmTVWUoDj4fIsY7cT895ntssiF3sKcUplfYGMdRH
cClFpx0GENSNVeFXkIGjq5UB5F1lHsnt0BH1dKZJe8R/PcBSCyxKoLDP63vdFXYh
5/2nFDS9s+9YgURLA69iVmxDDS3abeWzI0UyYj5Br4eIZ5dobHUnUE7SEmciZihL
6RtEICC7QD++Eja7LkFhzunyhrYeL22CCqDgezIk+qkNdrm9sZwUq9hFGdNLPT2k
sqI/QrIfNfDlSmJTUabB72qgyaqjUkTOIFwWwCkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSq0hqFfWXEdcKnwdUtTzHJ8a4f7TAfBgNVHSMEGDAWgBQfaI+YV9nkQMEF
jciVnkn4sxg/YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyaVBtRmZaNUVEQkJZM0lsWjVKLUxNWVAyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMDU3NzgwLTUyZTgtNDc3Ny04YTI1LTAyMWMyZTA3MzViMS8x
L3F0SWFoWDFseEhYQ3A4SFZMVTh4eWZHdUgtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MDU3NzgwLTUyZTgtNDc3Ny04YTI1LTAyMWMyZTA3MzViMS8xL0gyaVBtRmZaNUVE
QkJZM0lsWjVKLUxNWVAyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXR8DANBAIAAjAHAwUDKg63gDAN
BgkqhkiG9w0BAQsFAAOCAQEADtMs8G2dUDgZ5cy/4RgBlmWurgAEOhocIS7+5IG7
GTz/Azoz/htmSQxnuqzBqjo+OkOYcsCy5Qt83QEthD9vcqwqTBBqYz0ojB3DelY6
b3iJ+o4JVYJ79e2t0aNIsbNRY2Jq5wJsLvgnYS0fJzToC0tpU1RNuR6irvhparWt
j5bn435h+yKhfWXnWm3TryWwxy4xoq7HXysPIisbqQoRKi+H+enrQiKlF0h4ROzA
25Z8ieUeHtX2YOQckfAle2SjcbOYLXTHrUI48HgCYkB35+aYt1xYvYu3A8KV2YOI
nepLYR6Ry8kJngh+60uMtWJwZVfCsS7jMxNfh1JVLjVGCA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:46 2023 by rpki-client on console-ams.rpki-client.org