Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/cq2_9dCjPy5hBC25jfwFoH9N5TE.roa
File: cq2_9dCjPy5hBC25jfwFoH9N5TE.roa (raw, json)
Hash identifier: GM9iYOXdj8FjbebGXKTHAuv+sY4MPOvA35wiTLThzTw=
Subject key identifier: 72:AD:BF:F5:D0:A3:3F:2E:61:04:2D:B9:8D:FC:05:A0:7F:4D:E5:31
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 05965759
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/cq2_9dCjPy5hBC25jfwFoH9N5TE.roa
Signing time: Sat 01 Jan 2022 15:55:31 +0000
ROA not before: Sat 01 Jan 2022 15:55:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197564
IP address blocks: 213.108.24.0/24 maxlen: 24
213.108.25.0/24 maxlen: 24
45.155.96.0/22 maxlen: 22
45.155.99.0/24 maxlen: 24
91.226.36.0/23 maxlen: 23
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2001:67c:124c::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93738841 (0x5965759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jan 1 15:55:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72adbff5d0a33f2e61042db98dfc05a07f4de531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:c7:4e:c3:1c:67:b2:fb:52:1d:cf:ea:b6:
f0:24:46:30:d1:7b:30:0e:eb:c9:39:85:06:c6:75:
45:60:c2:d9:b3:1c:24:f8:37:5a:e7:9d:e7:4f:4d:
fe:89:2b:e7:09:c1:31:82:17:a3:ef:06:cb:84:d0:
01:7b:3d:70:44:34:b3:95:f4:47:f1:2e:73:79:b0:
d0:19:be:88:b9:09:93:5f:bf:17:cd:9b:4f:85:4e:
21:fe:1c:d0:6f:0b:4a:d4:95:6c:11:8a:fa:ca:6f:
34:9a:88:e0:e9:8e:28:fd:c7:fd:fd:d1:2f:16:fc:
de:78:a9:94:79:ac:3e:e4:86:e4:cd:d9:9c:bf:b4:
83:4f:80:7f:b2:95:c7:16:ee:ef:14:c0:d7:87:f6:
a2:e1:0a:17:60:1f:92:b6:6e:eb:c2:bd:5c:18:27:
cc:e2:6c:88:f9:d5:60:11:37:9a:96:7d:49:3d:93:
e7:ea:af:1e:e9:be:41:2f:0c:d0:b6:48:27:4b:ac:
97:3e:77:ac:75:ed:c1:04:66:ce:96:ea:dc:8f:f0:
65:43:5b:b7:e7:86:13:10:4f:e0:2d:c6:90:c5:ce:
38:7a:88:ca:37:d8:cc:f4:5a:96:37:3e:78:b3:ea:
f0:b0:06:e3:52:c9:64:83:7c:c5:af:a8:6c:18:31:
f6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AD:BF:F5:D0:A3:3F:2E:61:04:2D:B9:8D:FC:05:A0:7F:4D:E5:31
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/cq2_9dCjPy5hBC25jfwFoH9N5TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.96.0/22
91.226.36.0/23
213.108.24.0/23
IPv6:
2001:67c:124c::/48
2a10:ba00:bee0::-2a10:ba00:bee4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0c:be:34:4c:e5:09:40:49:59:95:dc:a6:2d:93:fb:49:52:b7:
5a:7a:87:05:70:c5:34:0f:30:39:cc:99:c0:ec:00:be:e7:34:
79:3c:c4:4b:45:d6:58:19:e6:f8:df:d3:65:49:a3:f8:97:8e:
d7:9f:41:fb:72:c1:a8:48:24:9d:a4:e3:a2:5e:fe:45:a1:e2:
b4:3f:29:94:5f:8f:71:fe:09:3e:c7:1e:ba:6a:c7:99:88:7d:
e1:3d:0d:5b:89:a9:1a:6d:39:8c:ce:91:25:a9:44:15:c9:7a:
73:03:e6:b3:72:c2:2d:bb:2f:a1:7a:5a:99:e5:ec:33:b0:98:
4c:2d:1e:21:7d:05:39:78:40:27:93:d0:e1:dc:05:91:66:2a:
6c:22:f7:9d:94:f4:75:87:eb:12:b9:c0:46:8c:f8:b9:52:ab:
0f:e3:f4:61:cb:41:fe:f7:45:6b:70:cb:ac:9a:52:1f:5f:7e:
ee:63:61:d1:95:f1:18:a3:2b:68:af:50:b5:1d:dd:23:e9:0c:
48:97:9c:88:14:78:d6:83:90:ff:99:cd:ee:ea:c3:f3:f9:a3:
9d:46:41:72:ca:74:04:02:07:c3:d1:a7:fb:4f:75:bd:e6:40:
8e:2d:d2:12:ad:7b:1f:4d:4f:d4:8d:bd:11:13:ec:46:0e:2b:
4b:2c:a4:4b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIEBZZXWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2RmYzA2NmNlN2NkM2UzODI1NzRhNjg2Njc5NzNiMGI0NjhkZjNjMB4XDTIyMDEw
MTE1NTUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJhZGJmZjVkMGEz
M2YyZTYxMDQyZGI5OGRmYzA1YTA3ZjRkZTUzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMm2x07DHGey+1Idz+q28CRGMNF7MA7ryTmFBsZ1RWDC2bMc
JPg3Wued509N/okr5wnBMYIXo+8Gy4TQAXs9cEQ0s5X0R/Euc3mw0Bm+iLkJk1+/
F82bT4VOIf4c0G8LStSVbBGK+spvNJqI4OmOKP3H/f3RLxb83niplHmsPuSG5M3Z
nL+0g0+Af7KVxxbu7xTA14f2ouEKF2AfkrZu68K9XBgnzOJsiPnVYBE3mpZ9ST2T
5+qvHum+QS8M0LZIJ0uslz53rHXtwQRmzpbq3I/wZUNbt+eGExBP4C3GkMXOOHqI
yjfYzPRaljc+eLPq8LAG41LJZIN8xa+obBgx9vcCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBRyrb/10KM/LmEELbmN/AWgf03lMTAfBgNVHSMEGDAWgBRD38BmznzT44JX
SmhmeXOwtGjfPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5X0FaczU4MC1PQ1YwcG9abmx6c0xSbzN6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5ZS8x
L2NxMl85ZENqUHk1aEJDMjVqZndGb0g5TjVURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5ZS8xL1E5X0FaczU4MC1P
Q1YwcG9abmx6c0xSbzN6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wGAQCAAEwEgMEAi2bYAMEAVviJAMEAdVsGDAjBAIA
AjAdAwcAIAEGfBJMMBIDBwUqELoAvuADBwAqELoAvuQwDQYJKoZIhvcNAQELBQAD
ggEBAAy+NEzlCUBJWZXcpi2T+0lSt1p6hwVwxTQPMDnMmcDsAL7nNHk8xEtF1lgZ
5vjf02VJo/iXjtefQftywahIJJ2k46Je/kWh4rQ/KZRfj3H+CT7HHrpqx5mIfeE9
DVuJqRptOYzOkSWpRBXJenMD5rNywi27L6F6Wpnl7DOwmEwtHiF9BTl4QCeT0OHc
BZFmKmwi952U9HWH6xK5wEaM+LlSqw/j9GHLQf73RWtwy6yaUh9ffu5jYdGV8Rij
K2ivULUd3SPpDEiXnIgUeNaDkP+Zze7qw/P5o51GQXLKdAQCB8PRp/tPdb3mQI4t
0hKtex9NT9SNvRET7EYOK0sspEs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:43 2024 by rpki-client on console-ams.rpki-client.org