Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qdkoDKl6b8U1OUQyTaxn478x604.roa
File: qdkoDKl6b8U1OUQyTaxn478x604.roa (raw, json)
Hash identifier: hDoE2QmP1lo/oosNdex0Qc9adpKzkEWseCfQ4CJFt/o=
Subject key identifier: A9:D9:28:0C:A9:7A:6F:C5:35:39:44:32:4D:AC:67:E3:BF:31:EB:4E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 04A62355
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qdkoDKl6b8U1OUQyTaxn478x604.roa
Signing time: Sun 20 Mar 2022 11:07:25 +0000
ROA not before: Sun 20 Mar 2022 11:07:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50129
IP address blocks: 185.241.122.0/24 maxlen: 24
185.241.123.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
185.225.244.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.246.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
31.15.0.0/22 maxlen: 22
185.225.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77996885 (0x4a62355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 20 11:07:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9d9280ca97a6fc5353944324dac67e3bf31eb4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dd:ea:53:ca:e4:fc:ac:61:78:52:b0:23:66:
2a:ec:ad:46:3a:4f:02:3f:02:a8:eb:0e:1a:59:eb:
eb:a0:a6:20:2f:cc:54:7f:9b:c6:4b:0f:e5:0d:46:
52:52:b3:c1:6c:0e:49:f6:19:7a:ed:1f:d6:f2:b0:
b8:37:71:53:63:79:7e:93:90:7f:05:7a:03:63:61:
95:78:1f:3b:53:e1:5b:21:3e:39:f2:83:a9:dc:b9:
af:dc:eb:8a:56:a1:1f:02:72:10:2c:24:72:78:50:
6f:77:d2:bd:78:04:ea:8e:5c:8e:64:26:9a:0f:49:
33:72:fd:70:9f:af:55:e8:1e:d3:d9:14:e2:64:0d:
bc:81:50:4c:a3:b4:f6:ff:d1:55:4a:60:57:1b:e2:
2d:68:87:ce:00:5a:33:d5:1f:9c:5a:7d:db:c6:af:
18:02:4f:f3:1f:c2:93:ff:73:64:58:65:eb:b2:f4:
56:b1:e0:85:bb:74:dc:2a:96:a3:13:09:dd:5d:7a:
9f:9c:a0:e0:c2:c0:a7:11:28:d0:e5:e8:e6:52:50:
e4:91:f6:1a:c6:9f:6f:a8:27:d6:36:fd:2d:e5:56:
72:49:29:e4:37:0d:a9:b1:bc:9f:d7:86:fd:40:f9:
60:ac:61:1b:c7:32:4d:72:99:9c:9c:c8:b5:46:16:
47:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D9:28:0C:A9:7A:6F:C5:35:39:44:32:4D:AC:67:E3:BF:31:EB:4E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qdkoDKl6b8U1OUQyTaxn478x604.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.0.0/22
185.225.244.0/22
185.241.122.0/23
194.31.104.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:0f:ab:b6:b1:50:23:0c:af:62:44:70:b7:de:29:f9:9f:24:
47:92:06:78:c2:1a:bf:ed:f2:9b:a1:d3:e0:1f:5c:6c:ad:b7:
4c:31:e6:25:1d:b7:eb:65:34:15:85:63:5a:cd:bc:bf:9b:1d:
e7:f2:b5:8f:c5:88:53:aa:91:c9:6c:ac:ed:c1:9b:38:91:ec:
e1:cd:5d:7f:c0:61:4a:13:51:98:94:6c:d2:06:88:4c:84:69:
46:87:4c:b9:4e:15:c2:3c:33:de:90:ad:2b:fd:ff:71:b1:3d:
a7:62:05:98:89:38:42:f5:d1:c1:63:a8:7e:05:08:cd:a4:60:
34:5e:e6:98:dc:4a:09:4c:53:36:9d:19:13:c8:d8:b7:fb:b9:
ff:ea:77:a2:ff:d9:9c:16:eb:d6:d9:bf:30:58:49:d7:69:d2:
67:e8:1e:dc:88:67:e8:8e:03:3b:5e:19:5e:65:e3:a1:fa:93:
9a:35:c3:ba:66:75:df:0c:9e:49:b2:c1:fc:24:9a:85:d0:6b:
78:1c:d1:45:48:e6:e3:07:8c:15:b6:42:2d:c1:0d:0d:a9:6c:
c4:c2:e3:42:4f:04:31:4b:d5:dd:12:ae:28:cf:d6:97:3a:9f:
1a:c1:90:fa:37:c1:07:70:2e:70:42:2f:2f:65:22:a7:95:09:
77:c1:6f:c8
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBKYjVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDMy
MDExMDcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTlkOTI4MGNhOTdh
NmZjNTM1Mzk0NDMyNGRhYzY3ZTNiZjMxZWI0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTd6lPK5PysYXhSsCNmKuytRjpPAj8CqOsOGlnr66CmIC/M
VH+bxksP5Q1GUlKzwWwOSfYZeu0f1vKwuDdxU2N5fpOQfwV6A2NhlXgfO1PhWyE+
OfKDqdy5r9zrilahHwJyECwkcnhQb3fSvXgE6o5cjmQmmg9JM3L9cJ+vVege09kU
4mQNvIFQTKO09v/RVUpgVxviLWiHzgBaM9UfnFp928avGAJP8x/Ck/9zZFhl67L0
VrHghbt03CqWoxMJ3V16n5yg4MLApxEo0OXo5lJQ5JH2Gsafb6gn1jb9LeVWckkp
5DcNqbG8n9eG/UD5YKxhG8cyTXKZnJzItUYWRxkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSp2SgMqXpvxTU5RDJNrGfjvzHrTjAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L3Fka29ES2w2YjhVMU9VUXlUYXhuNDc4eDYwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAh8PAAMEArnh9AMEAbnxegMEAsIf
aDANBgkqhkiG9w0BAQsFAAOCAQEAwg+rtrFQIwyvYkRwt94p+Z8kR5IGeMIav+3y
m6HT4B9cbK23TDHmJR2362U0FYVjWs28v5sd5/K1j8WIU6qRyWys7cGbOJHs4c1d
f8BhShNRmJRs0gaITIRpRodMuU4Vwjwz3pCtK/3/cbE9p2IFmIk4QvXRwWOofgUI
zaRgNF7mmNxKCUxTNp0ZE8jYt/u5/+p3ov/ZnBbr1tm/MFhJ12nSZ+ge3Ihn6I4D
O14ZXmXjofqTmjXDumZ13wyeSbLB/CSahdBreBzRRUjm4weMFbZCLcENDalsxMLj
Qk8EMUvV3RKuKM/WlzqfGsGQ+jfBB3AucEIvL2Uip5UJd8FvyA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:36 2023 by rpki-client on console-ams.rpki-client.org