Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/q7RYd6ja0Nxnw-n9JEyXWLvA3ho.roa
File: q7RYd6ja0Nxnw-n9JEyXWLvA3ho.roa (raw, json)
Hash identifier: cO/JoUnoyprMiDt9kfahS/0yVjBkpWXXzo9jnqfg3mY=
Subject key identifier: AB:B4:58:77:A8:DA:D0:DC:67:C3:E9:FD:24:4C:97:58:BB:C0:DE:1A
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 37F2EC88
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/q7RYd6ja0Nxnw-n9JEyXWLvA3ho.roa
Signing time: Sat 01 Jan 2022 05:53:45 +0000
ROA not before: Sat 01 Jan 2022 05:53:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51074
IP address blocks: 185.115.148.0/22 maxlen: 24
37.130.204.0/23 maxlen: 23
37.130.200.0/21 maxlen: 24
37.130.202.0/23 maxlen: 23
178.252.128.0/18 maxlen: 24
5.220.0.0/14 maxlen: 24
178.252.178.0/24 maxlen: 24
178.252.179.0/24 maxlen: 24
31.184.128.0/18 maxlen: 24
2a02:2b58::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938667144 (0x37f2ec88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 1 05:53:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abb45877a8dad0dc67c3e9fd244c9758bbc0de1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f9:fa:e7:6d:a8:e0:04:87:23:bb:e9:72:85:
0a:67:8d:f7:c5:a1:8f:c3:fc:26:dd:05:30:00:26:
50:8c:3e:c0:73:db:53:cf:f0:a2:b0:e9:02:32:a2:
c0:51:da:3f:07:43:6c:33:3a:b6:c3:f4:bb:13:99:
00:4c:b3:d1:bc:9d:3c:ab:df:c8:d8:0c:fb:fc:f0:
ca:fc:d8:8c:ef:6e:02:6b:0a:f3:c8:05:7e:be:39:
07:fd:2a:85:c2:b2:25:9d:15:39:00:ca:90:c5:86:
1e:3f:2b:6f:2a:91:8f:76:31:7f:4e:30:69:2e:22:
35:2e:26:fb:ef:76:2a:cf:01:5d:a3:e6:29:63:e9:
45:d9:93:e8:3e:6b:da:65:94:3d:d7:1d:b7:9a:e1:
b5:e9:5b:9b:2a:41:cc:5e:d0:23:85:c4:06:43:25:
11:69:47:b4:24:69:53:61:af:2d:47:4c:53:ec:8c:
b8:40:5d:c1:6f:3e:34:ee:d2:8e:cd:c2:63:ef:5b:
65:82:f5:56:77:eb:0d:8f:35:4b:35:be:0a:7d:10:
53:0d:af:5c:77:ac:54:88:42:a5:69:d2:6c:44:5a:
21:98:1b:74:63:6c:ea:aa:b3:7d:b2:7d:9a:31:21:
7d:8f:3c:9a:f1:50:c2:fc:d4:7b:82:9e:0f:73:fa:
dc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B4:58:77:A8:DA:D0:DC:67:C3:E9:FD:24:4C:97:58:BB:C0:DE:1A
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/q7RYd6ja0Nxnw-n9JEyXWLvA3ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.220.0.0/14
31.184.128.0/18
37.130.200.0/21
178.252.128.0/18
185.115.148.0/22
IPv6:
2a02:2b58::/29
Signature Algorithm: sha256WithRSAEncryption
12:57:be:52:d2:23:52:fd:67:05:5f:69:b9:84:6a:6f:d6:52:
ce:a2:0f:f9:48:46:e2:da:ba:46:66:c9:c1:46:3c:d8:b5:64:
47:61:46:16:c8:5e:36:9d:9f:91:4e:2f:1c:dc:42:fd:59:69:
9d:22:fe:93:9b:1b:57:a7:7e:9f:43:35:c1:fc:e3:3d:f2:71:
ff:b4:36:e3:c9:f8:ac:83:4b:3f:59:f3:8f:8a:5e:dc:a9:40:
33:4a:d2:38:9c:ae:dd:27:b1:58:ff:4e:8f:29:57:16:cc:2f:
d7:ce:44:15:56:f0:7f:27:d1:96:55:ca:67:0a:63:03:47:fb:
9c:3b:1d:8f:49:6c:f4:59:f7:c2:bf:38:3c:45:46:81:7c:14:
69:ae:f4:06:dc:53:8a:27:43:01:01:a6:9e:91:1a:78:50:b2:
f5:b6:db:74:8c:d2:c3:96:8f:ec:4f:62:2b:4e:62:3d:4b:83:
a5:cf:82:ff:33:20:6d:38:1a:17:8b:c0:4b:21:c2:f2:fd:08:
31:5c:ad:52:39:5f:ac:e4:f8:70:ce:cb:d2:c1:c3:82:ce:52:
49:c6:60:73:1c:29:ac:c3:d3:59:40:7b:a4:98:51:e7:65:f5:
0b:09:3b:7b:b3:b4:11:96:71:ea:9a:42:9e:61:1d:d4:8f:77:
53:a2:0c:0e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEN/LsiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWZiNjQ1ZjEzNGY0ZmRhZGE0NWU3MGJjZmNkOTNiODk3ZGJkNzI1MB4XDTIyMDEw
MTA1NTM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJiNDU4NzdhOGRh
ZDBkYzY3YzNlOWZkMjQ0Yzk3NThiYmMwZGUxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK35+udtqOAEhyO76XKFCmeN98Whj8P8Jt0FMAAmUIw+wHPb
U8/worDpAjKiwFHaPwdDbDM6tsP0uxOZAEyz0bydPKvfyNgM+/zwyvzYjO9uAmsK
88gFfr45B/0qhcKyJZ0VOQDKkMWGHj8rbyqRj3Yxf04waS4iNS4m++92Ks8BXaPm
KWPpRdmT6D5r2mWUPdcdt5rhtelbmypBzF7QI4XEBkMlEWlHtCRpU2GvLUdMU+yM
uEBdwW8+NO7Sjs3CY+9bZYL1VnfrDY81SzW+Cn0QUw2vXHesVIhCpWnSbERaIZgb
dGNs6qqzfbJ9mjEhfY88mvFQwvzUe4KeD3P63IsCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBSrtFh3qNrQ3GfD6f0kTJdYu8DeGjAfBgNVHSMEGDAWgBTa+2RfE09P2tpF
5wvPzZO4l9vXJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ2dGtYeE5QVDlyYVJlY0x6ODJUdUpmYjF5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvN2E0OGY1LWJkMjQtNGRjNC04Y2NhLTZiYTBhMGNlMDFlZC8x
L3E3UllkNmphME54bnctbjlKRXlYV0x2QTNoby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
N2E0OGY1LWJkMjQtNGRjNC04Y2NhLTZiYTBhMGNlMDFlZC8xLzJ2dGtYeE5QVDly
YVJlY0x6ODJUdUpmYjF5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMDAgXcAwQGH7iAAwQDJYLIAwQGsvyA
AwQCuXOUMA0EAgACMAcDBQMqAitYMA0GCSqGSIb3DQEBCwUAA4IBAQASV75S0iNS
/WcFX2m5hGpv1lLOog/5SEbi2rpGZsnBRjzYtWRHYUYWyF42nZ+RTi8c3EL9WWmd
Iv6TmxtXp36fQzXB/OM98nH/tDbjyfisg0s/WfOPil7cqUAzStI4nK7dJ7FY/06P
KVcWzC/XzkQVVvB/J9GWVcpnCmMDR/ucOx2PSWz0WffCvzg8RUaBfBRprvQG3FOK
J0MBAaaekRp4ULL1ttt0jNLDlo/sT2IrTmI9S4Olz4L/MyBtOBoXi8BLIcLy/Qgx
XK1SOV+s5PhwzsvSwcOCzlJJxmBzHCmsw9NZQHukmFHnZfULCTt7s7QRlnHqmkKe
YR3Uj3dTogwO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:25 2023 by rpki-client on console-fra.rpki-client.org