Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qKkfjTxYDHWBbswodBVYVeAhxU0.roa
File: qKkfjTxYDHWBbswodBVYVeAhxU0.roa (raw, json)
Hash identifier: APfqSjWCi6/57g4WbHCjdFjveWQUy2lyezCGJ8vBigE=
Subject key identifier: A8:A9:1F:8D:3C:58:0C:75:81:6E:CC:28:74:15:58:55:E0:21:C5:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018516163FB929C3218405D179B12FD7E16C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qKkfjTxYDHWBbswodBVYVeAhxU0.roa
Signing time: Thu 15 Dec 2022 14:00:34 +0000
ROA not before: Thu 15 Dec 2022 14:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.69.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:16:3f:b9:29:c3:21:84:05:d1:79:b1:2f:d7:e1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 15 14:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8a91f8d3c580c75816ecc2874155855e021c54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:72:f4:9e:b6:b8:9a:41:fd:37:21:3d:1b:91:
58:86:47:f4:b1:b0:75:54:66:24:c8:2d:11:e3:21:
88:19:ea:7f:13:3b:b7:d3:6d:82:7a:6f:bb:cf:09:
ff:e0:c1:8f:c0:7e:f4:9b:65:28:5b:59:fe:27:19:
38:7f:a5:37:47:94:b2:d6:28:ae:48:98:25:02:cd:
a3:54:d5:77:c4:82:b8:58:55:12:27:3f:83:37:f5:
a4:ef:14:25:49:ea:dd:d5:ac:1b:98:ae:dc:e9:3d:
56:fc:71:03:8e:23:19:af:2b:92:79:be:b0:32:de:
0c:85:6e:2d:c8:95:be:26:c3:6d:cf:e6:48:23:26:
d9:5d:e5:8b:2a:ff:e9:c5:29:4e:96:19:be:1b:32:
81:e0:bf:df:d3:3c:98:28:f8:a7:4e:c8:fa:50:c4:
89:0b:0e:08:21:42:a8:7f:b4:90:71:cc:e5:cd:15:
e2:43:5b:80:d5:fb:f1:de:65:8f:89:54:50:20:3f:
e5:0b:70:6e:af:3d:e1:36:4b:6a:0b:63:14:2b:4f:
55:f6:b5:cb:93:e2:f2:20:e9:a3:bf:95:61:21:7f:
2a:84:44:d8:8c:aa:aa:86:05:bd:a3:89:40:11:9a:
04:8a:61:3e:b7:35:78:12:41:c8:8a:a3:84:45:03:
7e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A9:1F:8D:3C:58:0C:75:81:6E:CC:28:74:15:58:55:E0:21:C5:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qKkfjTxYDHWBbswodBVYVeAhxU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
2b:48:e4:dd:fb:3e:86:56:0c:5a:36:e9:a7:77:cf:59:8d:c9:
f0:1b:6f:f5:1d:3d:13:74:23:40:86:47:6d:d9:4b:2b:f0:8a:
6b:56:e7:fb:71:bf:ba:c7:ca:d5:e1:cc:a6:04:12:64:cc:03:
af:a8:8f:7d:71:0e:32:90:7e:2c:0b:29:86:18:f0:2f:79:1d:
47:b3:5d:39:81:47:41:0b:df:b2:f2:fd:84:c0:a3:04:1f:cd:
19:45:f2:56:bd:57:d6:10:79:93:b8:10:15:89:d5:fe:6a:83:
99:23:b9:68:05:11:bb:72:4e:50:05:52:7d:55:d7:ac:66:04:
8f:f7:c0:38:83:83:49:e5:a8:36:cb:f6:bc:60:79:32:5e:14:
84:58:2d:79:9d:18:79:41:5b:4c:17:44:88:6e:1c:b6:14:d4:
00:bd:0b:5f:27:da:7c:ad:c0:8e:10:19:64:65:08:ca:90:92:
9d:41:9d:5b:0d:2e:9c:4f:b8:af:1f:ca:80:39:25:92:63:57:
6f:9d:d0:d8:0b:bd:ac:e4:0b:96:d1:8e:71:bb:fd:13:4b:be:
92:3a:e3:0d:3b:66:19:da:27:0b:8b:8e:4b:08:32:b5:34:b8:
f5:01:5c:ee:ca:43:5e:6e:e9:5e:ed:d5:39:a9:93:bc:2d:e4:
08:f2:9f:42
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYUWFj+5KcMhhAXRebEv1+FsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjE1MTQwMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE5MWY4ZDNjNTgwYzc1ODE2ZWNjMjg3NDE1NTg1NWUwMjFjNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHL0nra4mkH9NyE9G5FYhkf0sbB1
VGYkyC0R4yGIGep/Ezu3022Cem+7zwn/4MGPwH70m2UoW1n+Jxk4f6U3R5Sy1iiu
SJglAs2jVNV3xIK4WFUSJz+DN/Wk7xQlSerd1awbmK7c6T1W/HEDjiMZryuSeb6w
Mt4MhW4tyJW+JsNtz+ZIIybZXeWLKv/pxSlOlhm+GzKB4L/f0zyYKPinTsj6UMSJ
Cw4IIUKof7SQcczlzRXiQ1uA1fvx3mWPiVRQID/lC3Burz3hNktqC2MUK09V9rXL
k+LyIOmjv5VhIX8qhETYjKqqhgW9o4lAEZoEimE+tzV4EkHIiqOERQN+yQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFKipH408WAx1gW7MKHQVWFXgIcVNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcUtrZmpUeFlESFdCYnN3b2RCVllWZUFoeFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjA8BAIAATA2AwQAHyq3
AwQCLQxEAwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJv
MH4EAgACMHgDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8AC
YAMGACoOl8ECAwcEKg6XxAEAAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcA
Kg/kBAECAwcAKhAvAAGPAwcEKhDMQAJQAwYEKhDMRhAwDQYJKoZIhvcNAQELBQAD
ggEBACtI5N37PoZWDFo26ad3z1mNyfAbb/UdPRN0I0CGR23ZSyvwimtW5/txv7rH
ytXhzKYEEmTMA6+oj31xDjKQfiwLKYYY8C95HUezXTmBR0EL37Ly/YTAowQfzRlF
8la9V9YQeZO4EBWJ1f5qg5kjuWgFEbtyTlAFUn1V16xmBI/3wDiDg0nlqDbL9rxg
eTJeFIRYLXmdGHlBW0wXRIhuHLYU1AC9C18n2nytwI4QGWRlCMqQkp1BnVsNLpxP
uK8fyoA5JZJjV2+d0NgLvazkC5bRjnG7/RNLvpI64w07ZhnaJwuLjksIMrU0uPUB
XO7KQ15u6V7t1Tmpk7wt5Ajyn0I=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org