Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/qqqHCyl3USEGTq-GM-Ar2ygto1w.roa
File: qqqHCyl3USEGTq-GM-Ar2ygto1w.roa (raw, json)
Hash identifier: N0Gzx2Y0nA7aC+OuN0bmMbH87i46sF6QALHZ0KjkKZo=
Subject key identifier: AA:AA:87:0B:29:77:51:21:06:4E:AF:86:33:E0:2B:DB:28:2D:A3:5C
Certificate issuer: /CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Certificate serial: 018497104474CCFD3B2DABD6BB87CCD94EF8
Authority key identifier: DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/qqqHCyl3USEGTq-GM-Ar2ygto1w.roa
Signing time: Sun 20 Nov 2022 22:02:16 +0000
ROA not before: Sun 20 Nov 2022 22:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45014
IP address blocks: 217.172.128.0/20 maxlen: 24
217.172.132.0/24 maxlen: 24
185.18.32.0/24 maxlen: 24
185.184.236.0/22 maxlen: 22
159.253.56.0/21 maxlen: 24
80.93.160.0/20 maxlen: 24
92.60.96.0/20 maxlen: 24
2a00:1a90::/32 maxlen: 38
2a03:f2c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:97:10:44:74:cc:fd:3b:2d:ab:d6:bb:87:cc:d9:4e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Validity
Not Before: Nov 20 22:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aaaa870b29775121064eaf8633e02bdb282da35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:6b:70:b7:b3:f8:14:45:91:44:8c:74:91:
18:c3:79:5a:d7:c9:4d:3c:86:66:97:8d:fc:ed:31:
39:72:b2:4f:4d:de:78:04:6a:8e:a1:a6:7c:75:9c:
fa:d9:45:62:27:c4:3e:6d:44:df:e0:b7:3b:04:89:
9c:33:07:6c:83:6b:58:27:cd:87:c4:ba:44:83:f4:
32:83:3f:83:ad:4d:89:a2:e7:dc:4c:12:be:08:a7:
6e:44:28:e4:7e:31:8a:de:bb:ff:7d:96:1f:0f:b2:
4c:a3:b3:20:c1:0e:50:7e:17:75:b1:f8:a2:b2:21:
81:6c:84:13:b0:8b:e2:67:65:0f:87:4b:57:ab:fc:
40:96:e8:46:67:2b:11:4a:51:78:ee:73:f4:86:7f:
f8:db:d8:58:2b:38:ec:19:e9:ad:94:c7:6b:24:62:
ca:a7:a6:85:3f:cc:a7:4c:fd:ab:d1:42:5f:a5:4c:
2e:0c:15:d3:9f:4e:18:61:66:5a:d6:7d:21:ec:39:
b0:0d:7a:e1:87:7b:55:5e:d8:53:f1:4a:50:0c:75:
be:b4:58:a6:ce:d9:bd:00:c1:ac:b7:dd:0a:5e:7e:
fc:2b:e9:56:68:f2:7c:9b:d2:d9:06:a0:f5:62:4e:
e8:43:33:3f:08:65:27:f9:cf:6e:26:c5:fc:6a:e0:
3d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AA:87:0B:29:77:51:21:06:4E:AF:86:33:E0:2B:DB:28:2D:A3:5C
X509v3 Authority Key Identifier:
keyid:DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/qqqHCyl3USEGTq-GM-Ar2ygto1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.160.0/20
92.60.96.0/20
159.253.56.0/21
185.18.32.0/24
185.184.236.0/22
217.172.128.0/20
IPv6:
2a00:1a90::/32
2a03:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
18:00:91:c4:0e:aa:fe:6c:a2:a9:fc:83:a6:b5:bc:b8:f4:03:
bc:79:48:fd:29:35:71:7b:3e:b9:5e:a1:de:b1:f3:9e:df:54:
a6:51:bd:b9:e2:78:f5:9a:3c:fc:d0:e4:6a:d8:f7:53:a5:a6:
1e:d9:22:2f:22:19:95:ca:2d:6c:25:5c:9e:7f:9a:b0:5f:23:
77:9d:be:76:de:b6:a1:67:3d:64:ac:eb:96:31:b9:08:a7:dc:
21:d7:33:40:ab:60:9a:26:03:b4:8b:82:9c:b3:07:67:23:8e:
d9:94:cf:05:be:b9:28:4c:0c:8a:47:ef:e8:e8:df:1f:b5:27:
90:ba:e3:94:78:95:df:63:e2:29:2d:fe:04:fb:51:b7:52:47:
85:75:5e:5f:b7:bf:fe:51:87:a6:2a:a9:11:78:8c:b5:67:50:
27:e2:d4:a1:52:3c:ce:da:ac:62:7f:38:5e:23:25:7b:59:01:
24:79:b2:f8:60:ae:88:a5:b1:31:9f:4e:f7:99:b5:bb:be:97:
34:54:5d:f4:ce:53:60:e1:20:4c:f0:fa:f2:99:a5:bb:4b:c2:
b8:d2:a6:c7:18:07:c0:41:84:0a:1d:a5:37:9a:b2:bd:38:00:
59:63:b2:73:16:88:dd:15:67:44:f5:33:1c:f7:d6:4f:f2:ac:
a8:c5:54:63
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYSXEER0zP07LavWu4fM2U74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYTdjMWUwZThhMWM3YWQwMmQwYmI4MjhiNDExODhh
ZTUyNDMwHhcNMjIxMTIwMjIwMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFhODcwYjI5Nzc1MTIxMDY0ZWFmODYzM2UwMmJkYjI4MmRhMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrlrcLez+BRFkUSMdJEYw3la18lN
PIZml4387TE5crJPTd54BGqOoaZ8dZz62UViJ8Q+bUTf4Lc7BImcMwdsg2tYJ82H
xLpEg/Qygz+DrU2JoufcTBK+CKduRCjkfjGK3rv/fZYfD7JMo7MgwQ5Qfhd1sfii
siGBbIQTsIviZ2UPh0tXq/xAluhGZysRSlF47nP0hn/429hYKzjsGemtlMdrJGLK
p6aFP8ynTP2r0UJfpUwuDBXTn04YYWZa1n0h7DmwDXrhh3tVXthT8UpQDHW+tFim
ztm9AMGst90KXn78K+lWaPJ8m9LZBqD1Yk7oQzM/CGUn+c9uJsX8auA9RwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKqqhwspd1EhBk6vhjPgK9soLaNcMB8GA1UdIwQY
MBaAFNvgynweDoocetAtC7gotBGIrlJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMt
NGY5MTEyZWRlOTY4LzEvcXFxSEN5bDNVU0VHVHEtR00tQXIyeWd0bzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMtNGY5MTEyZWRlOTY4
LzEvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEUF2gAwQE
XDxgAwQDn/04AwQAuRIgAwQCubjsAwQE2ayAMBQEAgACMA4DBQAqABqQAwUAKgPy
wDANBgkqhkiG9w0BAQsFAAOCAQEAGACRxA6q/myiqfyDprW8uPQDvHlI/Sk1cXs+
uV6h3rHznt9UplG9ueJ49Zo8/NDkatj3U6WmHtkiLyIZlcotbCVcnn+asF8jd52+
dt62oWc9ZKzrljG5CKfcIdczQKtgmiYDtIuCnLMHZyOO2ZTPBb65KEwMikfv6Ojf
H7UnkLrjlHiV32PiKS3+BPtRt1JHhXVeX7e//lGHpiqpEXiMtWdQJ+LUoVI8ztqs
Yn84XiMle1kBJHmy+GCuiKWxMZ9O95m1u76XNFRd9M5TYOEgTPD68pmlu0vCuNKm
xxgHwEGECh2lN5qyvTgAWWOycxaI3RVnRPUzHPfWT/KsqMVUYw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:35 2023 by rpki-client on console-fra.rpki-client.org