Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/tqHnjjxtpei8ws5sr4x6aU5pzLE.roa
File: tqHnjjxtpei8ws5sr4x6aU5pzLE.roa (raw, json)
Hash identifier: da5Uc5AsQ57mjLSM06mJdtgRXr++emtrAeuCbpSmZGs=
Subject key identifier: B6:A1:E7:8E:3C:6D:A5:E8:BC:C2:CE:6C:AF:8C:7A:69:4E:69:CC:B1
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0184E9EEA147F1A3BE7BF7E0EF421EE0806F
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/tqHnjjxtpei8ws5sr4x6aU5pzLE.roa
Signing time: Wed 07 Dec 2022 00:14:00 +0000
ROA not before: Wed 07 Dec 2022 00:14:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 188.130.209.0/24 maxlen: 24
109.248.6.0/23 maxlen: 24
95.182.110.0/24 maxlen: 24
95.182.108.0/24 maxlen: 24
109.248.33.0/24 maxlen: 24
109.248.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e9:ee:a1:47:f1:a3:be:7b:f7:e0:ef:42:1e:e0:80:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 7 00:14:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6a1e78e3c6da5e8bcc2ce6caf8c7a694e69ccb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:73:08:b8:d3:c9:fd:8c:ef:66:cf:8a:20:
12:c7:90:11:0b:c1:47:87:2c:fa:00:cc:a9:5f:74:
79:0e:36:69:30:ab:25:b9:ef:22:c7:5d:cc:75:50:
15:ec:46:09:a7:4e:94:80:ec:b8:c5:9f:59:6e:ca:
53:e8:bd:16:2f:a6:24:85:72:ce:72:5e:78:a9:ec:
16:5a:80:e0:19:ee:09:d3:69:77:c1:0d:59:0b:19:
75:b4:96:92:d5:84:dc:df:98:2b:ba:2f:4e:68:24:
dd:64:1f:0c:c6:bf:75:58:47:da:d7:39:ea:c8:ec:
94:04:47:c5:d3:20:c0:7f:a8:71:18:fd:e2:1b:8f:
b3:45:8c:ac:46:44:94:96:13:3a:1d:b9:64:5e:be:
82:3a:8d:a1:21:93:28:15:f8:3d:a7:71:e6:29:47:
60:d0:5c:bc:93:ae:d6:ff:c0:74:71:ec:f7:4a:d3:
43:f3:01:03:44:39:08:ce:49:4a:57:5f:44:cb:10:
ed:31:cd:54:c9:5a:c2:61:41:0c:55:98:6d:57:22:
07:90:45:00:4e:cb:a2:89:2d:3a:60:fe:67:d5:59:
e0:ea:fa:ec:97:e1:f8:dd:1d:79:b0:a5:0c:5e:75:
31:ec:8b:36:cb:96:07:18:83:39:9c:3a:09:4e:3c:
dd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A1:E7:8E:3C:6D:A5:E8:BC:C2:CE:6C:AF:8C:7A:69:4E:69:CC:B1
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/tqHnjjxtpei8ws5sr4x6aU5pzLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.108.0/24
95.182.110.0/24
109.248.6.0/23
109.248.33.0/24
109.248.45.0/24
188.130.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:04:18:74:dd:66:26:a6:b1:38:31:ce:33:a9:00:3e:5e:49:
89:ba:a6:e8:39:f3:e0:9e:0b:d1:dd:35:97:09:89:ba:5b:ad:
ff:ad:ad:65:dd:88:b0:ba:b3:e9:49:25:87:05:9e:f6:0f:b6:
93:c3:67:1b:a0:7a:83:b0:2a:5e:9d:92:47:34:e1:96:4b:74:
75:e3:e2:4e:b5:26:da:9d:32:bf:23:97:26:f0:48:a6:0d:27:
e0:03:98:82:a8:2a:b7:53:eb:50:50:64:20:29:75:e7:cd:ec:
f3:2a:c8:19:c9:76:b6:a3:04:79:2e:09:b3:bf:c2:b5:99:ea:
fa:ba:74:30:a6:09:e2:33:ca:95:ee:75:53:52:55:b3:f9:51:
84:ec:f3:12:8a:dd:88:f7:31:41:32:5d:ee:c5:68:a7:7b:83:
60:f1:ed:93:c6:d8:ed:f6:1e:ec:80:da:e9:8b:d1:30:ee:77:
c8:19:d8:1b:8f:3e:a4:ca:ca:96:65:cc:71:c2:71:2c:d0:ea:
be:0a:a4:ad:fa:21:d9:cb:1a:4c:ff:95:44:80:08:dc:c6:78:
7b:4f:a1:55:3b:36:60:dc:cf:88:5f:c6:75:98:56:5f:ae:9b:
29:05:52:11:9e:9b:32:e4:bc:71:f9:6a:70:28:75:f3:b9:f8:
e1:61:12:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTp7qFH8aO+e/fg70Ie4IBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMjA3MDAxNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmExZTc4ZTNjNmRhNWU4YmNjMmNlNmNhZjhjN2E2OTRlNjljY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF9zCLjTyf2M72bPiiASx5ARC8FH
hyz6AMypX3R5DjZpMKslue8ix13MdVAV7EYJp06UgOy4xZ9ZbspT6L0WL6YkhXLO
cl54qewWWoDgGe4J02l3wQ1ZCxl1tJaS1YTc35grui9OaCTdZB8Mxr91WEfa1znq
yOyUBEfF0yDAf6hxGP3iG4+zRYysRkSUlhM6HblkXr6COo2hIZMoFfg9p3HmKUdg
0Fy8k67W/8B0cez3StND8wEDRDkIzklKV19EyxDtMc1UyVrCYUEMVZhtVyIHkEUA
TsuiiS06YP5n1Vng6vrsl+H43R15sKUMXnUx7Is2y5YHGIM5nDoJTjzd+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLah5448baXovMLObK+MemlOacyxMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvdHFIbmpqeHRwZWk4d3M1c3I0eDZhVTVwekxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX7ZsAwQA
X7ZuAwQBbfgGAwQAbfghAwQAbfgtAwQAvILRMA0GCSqGSIb3DQEBCwUAA4IBAQAq
BBh03WYmprE4Mc4zqQA+XkmJuqboOfPgngvR3TWXCYm6W63/ra1l3YiwurPpSSWH
BZ72D7aTw2cboHqDsCpenZJHNOGWS3R14+JOtSbanTK/I5cm8EimDSfgA5iCqCq3
U+tQUGQgKXXnzezzKsgZyXa2owR5Lgmzv8K1mer6unQwpgniM8qV7nVTUlWz+VGE
7PMSit2I9zFBMl3uxWine4Ng8e2Txtjt9h7sgNrpi9Ew7nfIGdgbjz6kysqWZcxx
wnEs0Oq+CqSt+iHZyxpM/5VEgAjcxnh7T6FVOzZg3M+IX8Z1mFZfrpspBVIRnpsy
5Lxx+WpwKHXzufjhYRKH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org