Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/qq5KM2wtL8X_4AdgvsYQo8BFhm8.roa
File: qq5KM2wtL8X_4AdgvsYQo8BFhm8.roa (raw, json)
Hash identifier: zFnE7QHwbfosZBISYFOqufZiHwgUIsCEnwRmp3hY83c=
Subject key identifier: AA:AE:4A:33:6C:2D:2F:C5:FF:E0:07:60:BE:C6:10:A3:C0:45:86:6F
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 036A69E2
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/qq5KM2wtL8X_4AdgvsYQo8BFhm8.roa
Signing time: Sat 01 Jan 2022 05:06:07 +0000
ROA not before: Sat 01 Jan 2022 05:06:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29522
IP address blocks: 185.140.120.0/22 maxlen: 22
195.149.224.0/21 maxlen: 21
94.152.0.0/16 maxlen: 16
185.11.100.0/22 maxlen: 22
94.152.254.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57305570 (0x36a69e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 1 05:06:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aaae4a336c2d2fc5ffe00760bec610a3c045866f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:73:fd:9e:95:08:22:4e:50:44:d5:16:31:ed:
ec:df:b5:24:9f:91:8d:8c:ad:6e:34:7e:05:3e:41:
fc:6d:ec:d0:ab:9f:b0:39:26:10:63:1a:48:ee:2b:
8d:d2:c5:2f:31:e5:fa:2d:77:16:17:7e:3a:be:b7:
2b:ee:fb:d3:ce:a8:dd:3a:bb:7b:18:55:ca:c8:ae:
68:81:13:7f:e5:11:c9:6a:9e:0f:8c:dc:24:65:9f:
4b:83:da:94:96:00:bc:92:15:cb:f2:e9:81:9e:a5:
49:29:02:e4:77:39:69:e1:57:d8:1e:a1:75:5d:34:
a9:c9:a4:3e:ff:ea:32:bf:f2:04:9f:be:c4:c1:f2:
3f:0d:3d:cd:0f:af:f3:7a:ec:7a:f4:6a:7f:b1:1b:
c1:f3:6b:21:3e:cc:25:dc:5c:c8:f5:a2:c6:f6:2c:
71:9d:1c:2d:6d:4d:3d:af:3e:bf:af:ff:77:08:28:
45:10:0e:e9:64:45:ba:02:8b:35:02:ba:89:57:e6:
48:3f:58:f9:c3:a2:e3:a9:c9:40:80:4f:e9:d0:58:
7c:dd:a9:e7:04:e2:4d:60:4d:37:b1:fc:bf:da:f1:
9c:de:24:3f:e0:68:8c:6e:b9:ad:b2:1a:16:51:b9:
5f:de:a3:db:ee:79:51:38:be:4d:32:36:1e:44:7f:
86:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AE:4A:33:6C:2D:2F:C5:FF:E0:07:60:BE:C6:10:A3:C0:45:86:6F
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/qq5KM2wtL8X_4AdgvsYQo8BFhm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.152.0.0/16
185.11.100.0/22
185.140.120.0/22
195.149.224.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:e7:73:3b:74:fa:19:8b:ac:af:3d:52:c6:8b:37:f5:41:68:
45:f0:f7:87:4a:eb:25:63:f0:30:2a:16:a3:33:43:c5:4a:55:
8d:c1:20:94:14:e1:8f:5d:da:21:c9:d7:87:3f:74:07:ab:de:
af:5e:ce:95:2a:c0:2a:22:a3:93:6f:36:a1:9e:db:1d:5a:e2:
00:26:88:00:33:2d:89:71:5c:f6:fd:fa:24:97:80:25:89:e0:
ed:12:7b:ed:33:af:de:b1:fa:99:ce:bc:1e:65:b6:6e:53:7c:
b8:64:2a:f8:e2:52:36:ca:ad:cf:10:38:ab:36:19:03:bc:b5:
3a:b6:16:29:29:21:c0:c9:80:f5:f5:19:14:fa:dd:b9:ad:f7:
e1:0b:19:d8:df:c9:15:1c:69:62:93:7e:7c:3e:63:39:6b:1b:
b1:5b:98:19:71:2f:1d:6e:f5:7e:8c:e5:6f:7d:63:f3:b4:f2:
7b:88:c4:98:fc:bc:e6:c9:87:c9:85:a4:61:f1:a0:9c:64:62:
51:3a:af:3a:e3:fb:a7:ce:10:a7:0f:52:8e:84:66:c9:22:f3:
6b:73:5e:de:d5:91:69:f9:0c:99:1b:61:4a:9a:06:ee:54:22:
d0:86:78:02:21:e7:68:d8:41:8c:f0:7a:01:ff:06:3f:37:1a:
e3:04:37:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA2pp4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmE1YWE5MThjYmZlYjNlMTI5OTdmMzM4OTBmZWIyNTg5MDdiMzQzMB4XDTIyMDEw
MTA1MDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFhZTRhMzM2YzJk
MmZjNWZmZTAwNzYwYmVjNjEwYTNjMDQ1ODY2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdz/Z6VCCJOUETVFjHt7N+1JJ+RjYytbjR+BT5B/G3s0Kuf
sDkmEGMaSO4rjdLFLzHl+i13Fhd+Or63K+77086o3Tq7exhVysiuaIETf+URyWqe
D4zcJGWfS4PalJYAvJIVy/LpgZ6lSSkC5Hc5aeFX2B6hdV00qcmkPv/qMr/yBJ++
xMHyPw09zQ+v83rsevRqf7EbwfNrIT7MJdxcyPWixvYscZ0cLW1NPa8+v6//dwgo
RRAO6WRFugKLNQK6iVfmSD9Y+cOi46nJQIBP6dBYfN2p5wTiTWBNN7H8v9rxnN4k
P+BojG65rbIaFlG5X96j2+55UTi+TTI2HkR/hrcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSqrkozbC0vxf/gB2C+xhCjwEWGbzAfBgNVHSMEGDAWgBQmpaqRjL/rPhKZ
fzOJD+sliQezQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pxV3FrWXlfNno0U21YOHppUV9ySllrSHMwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8x
L3FxNUtNMnd0TDhYXzRBZGd2c1lRbzhCRmhtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8xL0pxV3FrWXlfNno0
U21YOHppUV9ySllrSHMwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wHQQCAAEwFwMDAF6YAwQCuQtkAwQCuYx4AwQDw5Xg
MA0GCSqGSIb3DQEBCwUAA4IBAQBt53M7dPoZi6yvPVLGizf1QWhF8PeHSuslY/Aw
KhajM0PFSlWNwSCUFOGPXdohydeHP3QHq96vXs6VKsAqIqOTbzahntsdWuIAJogA
My2JcVz2/fokl4AlieDtEnvtM6/esfqZzrweZbZuU3y4ZCr44lI2yq3PEDirNhkD
vLU6thYpKSHAyYD19RkU+t25rffhCxnY38kVHGlik358PmM5axuxW5gZcS8dbvV+
jOVvfWPztPJ7iMSY/LzmyYfJhaRh8aCcZGJROq864/unzhCnD1KOhGbJIvNrc17e
1ZFp+QyZG2FKmgbuVCLQhngCIedo2EGM8HoB/wY/NxrjBDfb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org