Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/1H9_Qwzg_PUkVoVXi3DcFinQCCo.roa
File: 1H9_Qwzg_PUkVoVXi3DcFinQCCo.roa (raw, json)
Hash identifier: AGgu/Y1UkFU2QvPjNzoHaLvzlN19N4IBcrDVfFUvjI0=
Subject key identifier: D4:7F:7F:43:0C:E0:FC:F5:24:56:85:57:8B:70:DC:16:29:D0:08:2A
Certificate issuer: /CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Certificate serial: 2FDB53A2
Authority key identifier: 42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/1H9_Qwzg_PUkVoVXi3DcFinQCCo.roa
Signing time: Sat 01 Jan 2022 10:53:53 +0000
ROA not before: Sat 01 Jan 2022 10:53:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21183
IP address blocks: 188.164.216.0/22 maxlen: 22
188.164.216.0/21 maxlen: 24
46.252.32.0/20 maxlen: 24
185.237.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 802902946 (0x2fdb53a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Validity
Not Before: Jan 1 10:53:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d47f7f430ce0fcf5245685578b70dc1629d0082a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5f:99:6c:43:f9:d7:ec:ac:14:9c:ea:e7:56:
e8:c8:94:59:f6:7d:95:c1:82:43:fc:57:0f:19:40:
a4:3e:f8:70:5f:de:e2:c0:57:c1:b3:7a:66:e8:ae:
4f:07:d9:eb:78:f4:4a:a2:e2:fb:52:e2:ad:70:7f:
00:0f:ad:a4:af:89:10:30:fe:9e:98:af:04:40:d2:
d6:1b:43:da:30:a1:fc:8e:32:0e:42:5c:90:f0:44:
f3:a0:96:0d:36:95:82:95:e7:99:b8:2e:bb:08:e0:
cc:f1:18:d3:71:ef:d7:6c:00:64:f0:8b:43:55:1a:
70:03:ac:a5:4a:d1:15:78:25:ec:bf:0d:4a:35:ca:
a5:89:84:02:43:e5:7a:b1:b2:66:dc:9d:7b:94:91:
4e:60:aa:96:87:8b:08:50:09:6d:dc:21:24:de:6f:
97:58:78:8f:48:a9:44:40:e4:ef:11:38:29:ea:e6:
75:22:4f:8f:e3:f9:0f:ce:53:f0:9d:e3:33:73:0d:
6d:ed:e5:83:2a:11:df:02:36:00:15:23:ad:1d:a3:
ff:9c:05:21:bd:e9:e8:a9:1b:df:2b:cf:a3:3f:27:
38:59:f6:9c:18:87:36:dc:63:35:2a:dc:8f:2e:21:
87:7a:45:01:25:b6:61:12:a0:0f:92:d8:d5:35:30:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7F:7F:43:0C:E0:FC:F5:24:56:85:57:8B:70:DC:16:29:D0:08:2A
X509v3 Authority Key Identifier:
keyid:42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/1H9_Qwzg_PUkVoVXi3DcFinQCCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.32.0/20
185.237.16.0/23
188.164.216.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:46:16:b0:ac:b7:9a:b4:46:4f:12:48:c4:e8:26:05:86:dd:
c6:51:2f:14:cb:fe:48:b2:2d:95:b9:a2:e0:a0:99:b0:08:d8:
1e:1a:ba:09:a9:c3:15:ca:8d:09:db:1b:11:e2:73:41:11:5c:
95:2c:94:7f:7a:86:08:aa:b8:79:bc:da:85:37:52:24:f7:d6:
bf:25:77:cb:df:46:84:b4:63:66:ea:96:03:52:0d:d3:f9:ef:
34:e2:71:f4:ed:a3:2b:c5:fa:ae:69:4a:f8:54:3d:bb:02:ed:
62:1a:5c:65:6f:4e:83:5a:61:d3:04:ea:60:6a:5a:7d:12:de:
c2:ae:de:5c:54:4e:c6:2d:42:9b:ad:68:aa:96:6f:a0:d4:2d:
ba:89:d6:12:cc:9c:13:6a:46:48:1a:d7:4d:ad:f5:85:e3:70:
d6:a9:f3:e3:e6:e0:0b:1c:a1:87:09:89:d7:92:7a:e5:cc:e7:
38:52:ae:a6:ce:cf:f1:84:2d:27:82:1c:9e:04:27:d3:a6:21:
79:c3:76:de:90:2f:28:1a:ad:a5:74:c7:a3:d3:30:ab:20:e9:
88:f3:34:d3:66:8c:98:b6:c1:55:89:d6:ab:bb:a3:89:88:74:
f7:23:80:80:07:46:31:b1:ab:9b:34:5c:ba:e7:f1:7d:58:c9:
a4:bd:da:47
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEL9tTojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjE0MDg4Yzc3YmQxMjY4N2ZkNGJhOWZlMzE1OWVhODA1ODg4ZWQyMB4XDTIyMDEw
MTEwNTM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQ3ZjdmNDMwY2Uw
ZmNmNTI0NTY4NTU3OGI3MGRjMTYyOWQwMDgyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxfmWxD+dfsrBSc6udW6MiUWfZ9lcGCQ/xXDxlApD74cF/e
4sBXwbN6ZuiuTwfZ63j0SqLi+1LirXB/AA+tpK+JEDD+npivBEDS1htD2jCh/I4y
DkJckPBE86CWDTaVgpXnmbguuwjgzPEY03Hv12wAZPCLQ1UacAOspUrRFXgl7L8N
SjXKpYmEAkPlerGyZtyde5SRTmCqloeLCFAJbdwhJN5vl1h4j0ipREDk7xE4Kerm
dSJPj+P5D85T8J3jM3MNbe3lgyoR3wI2ABUjrR2j/5wFIb3p6Kkb3yvPoz8nOFn2
nBiHNtxjNSrcjy4hh3pFASW2YRKgD5LY1TUwW7MCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTUf39DDOD89SRWhVeLcNwWKdAIKjAfBgNVHSMEGDAWgBRCFAiMd70SaH/U
up/jFZ6oBYiO0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FoUUlqSGU5RW1oXzFMcWY0eFdlcUFXSWp0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvYmI1ZWNlLTAxMmUtNDE5NC05OTgwLTdlMjFkYjVhMmVmOS8x
LzFIOV9Rd3pnX1BVa1ZvVlhpM0RjRmluUUNDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
YmI1ZWNlLTAxMmUtNDE5NC05OTgwLTdlMjFkYjVhMmVmOS8xL1FoUUlqSGU5RW1o
XzFMcWY0eFdlcUFXSWp0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBC78IAMEAbntEAMEA7yk2DANBgkq
hkiG9w0BAQsFAAOCAQEAn0YWsKy3mrRGTxJIxOgmBYbdxlEvFMv+SLItlbmi4KCZ
sAjYHhq6CanDFcqNCdsbEeJzQRFclSyUf3qGCKq4ebzahTdSJPfWvyV3y99GhLRj
ZuqWA1IN0/nvNOJx9O2jK8X6rmlK+FQ9uwLtYhpcZW9Og1ph0wTqYGpafRLewq7e
XFROxi1Cm61oqpZvoNQtuonWEsycE2pGSBrXTa31heNw1qnz4+bgCxyhhwmJ15J6
5cznOFKups7P8YQtJ4IcngQn06YhecN23pAvKBqtpXTHo9MwqyDpiPM002aMmLbB
VYnWq7ujiYh09yOAgAdGMbGrmzRcuufxfVjJpL3aRw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:37 2023 by rpki-client on console-ams.rpki-client.org