Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/qCzAx1Cz5yk-iucDdcFCl2DzcFY.roa
File: qCzAx1Cz5yk-iucDdcFCl2DzcFY.roa (raw, json)
Hash identifier: XzetFSZ5l1XOt0vLwrhel73rLrx7uyPHSZ6knbuHbPM=
Subject key identifier: A8:2C:C0:C7:50:B3:E7:29:3E:8A:E7:03:75:C1:42:97:60:F3:70:56
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 0184A022F4FFA01920182C84F546C78EC9E9
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/qCzAx1Cz5yk-iucDdcFCl2DzcFY.roa
Signing time: Tue 22 Nov 2022 16:19:16 +0000
ROA not before: Tue 22 Nov 2022 16:19:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43372
IP address blocks: 88.220.112.0/24 maxlen: 24
195.136.168.0/22 maxlen: 22
88.220.130.0/23 maxlen: 23
88.220.134.0/23 maxlen: 23
195.136.197.0/24 maxlen: 24
88.220.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a0:22:f4:ff:a0:19:20:18:2c:84:f5:46:c7:8e:c9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Nov 22 16:19:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a82cc0c750b3e7293e8ae70375c1429760f37056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:36:27:95:f0:03:7e:f5:39:4f:06:34:44:e6:
7b:7e:9a:17:db:30:26:62:7b:a9:dd:21:3c:fc:a8:
3b:19:8c:46:0e:2d:90:45:9b:de:d1:76:bb:1f:eb:
84:e7:b6:e3:a1:ee:39:0b:94:79:5b:e0:0b:6b:66:
f3:e5:a5:0a:0d:f1:11:7a:28:f4:b0:27:d3:f1:bf:
20:94:3a:b4:95:17:10:01:42:ca:99:6b:07:30:cf:
1d:ad:bc:35:ac:48:3f:79:27:0d:fd:c3:1c:ce:74:
8a:07:44:44:73:4b:92:0d:2b:3f:f3:98:54:c7:92:
44:ee:32:91:1a:d0:13:f9:1b:36:59:c2:f3:92:71:
5f:50:50:ac:b0:04:58:cd:b9:8a:13:52:4b:66:8f:
e4:8d:84:65:df:6d:92:91:13:c5:28:c1:0f:c7:1d:
8f:aa:d0:96:8d:08:ad:70:20:c9:d8:05:a7:b8:a7:
10:fb:7e:ab:c4:db:c2:72:c0:e3:d4:b7:ff:7f:6c:
f6:45:cc:22:02:dc:5f:4c:c0:e7:79:2e:e6:3b:f4:
a6:0b:e8:b4:dc:c4:7d:49:24:65:b8:06:6e:8e:4b:
cc:83:83:57:1a:96:e3:61:a2:3d:67:ec:09:f6:59:
ed:5f:97:53:ab:59:b2:cc:13:c0:77:88:11:f0:97:
71:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2C:C0:C7:50:B3:E7:29:3E:8A:E7:03:75:C1:42:97:60:F3:70:56
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/qCzAx1Cz5yk-iucDdcFCl2DzcFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.112.0/24
88.220.130.0/23
88.220.134.0/23
88.220.161.0/24
195.136.168.0/22
195.136.197.0/24
Signature Algorithm: sha256WithRSAEncryption
92:89:95:0d:77:e4:4e:c5:2f:67:52:38:52:46:7a:d6:e1:dc:
f4:bd:b0:30:58:8d:63:c5:e9:65:2b:e5:8b:0b:4c:f8:b5:1f:
42:fa:13:6d:f0:dd:fa:90:4b:1b:13:fb:d6:40:dd:43:af:f0:
de:f0:ff:20:88:7a:63:9d:d4:2c:7a:26:3e:e8:f9:5d:4e:16:
46:63:8b:db:5c:c3:5f:36:aa:64:fe:48:a2:5a:b7:1b:fa:5f:
bc:ed:42:d2:d9:24:34:82:03:17:a5:70:47:b2:6e:25:0c:36:
e0:19:13:f5:ae:fe:31:93:e0:4e:4a:3d:55:5a:f1:cc:21:18:
f2:8e:60:bc:a8:a2:9c:42:13:9c:4d:0a:4c:d9:9f:a2:07:7b:
40:4e:cf:98:2b:33:07:c5:2b:38:74:92:61:6a:10:fd:3a:9a:
e5:95:90:8a:d2:69:87:b1:b1:6c:d6:b4:66:40:84:8e:19:5d:
9b:56:2f:4e:43:ca:37:b9:7e:bd:bf:36:d7:88:5c:dc:af:6e:
f3:96:b1:84:55:49:5c:93:52:20:07:a5:75:72:5f:64:28:b4:
3e:a1:b1:86:5a:72:58:62:86:31:72:42:71:ce:be:fd:3c:e4:
f2:9a:d1:e5:0a:13:6c:82:ea:d7:3f:62:62:55:b5:10:35:26:
9b:56:af:ad
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSgIvT/oBkgGCyE9UbHjsnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjIxMTIyMTYxOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJjYzBjNzUwYjNlNzI5M2U4YWU3MDM3NWMxNDI5NzYwZjM3MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDYnlfADfvU5TwY0ROZ7fpoX2zAm
Ynup3SE8/Kg7GYxGDi2QRZve0Xa7H+uE57bjoe45C5R5W+ALa2bz5aUKDfEReij0
sCfT8b8glDq0lRcQAULKmWsHMM8drbw1rEg/eScN/cMcznSKB0REc0uSDSs/85hU
x5JE7jKRGtAT+Rs2WcLzknFfUFCssARYzbmKE1JLZo/kjYRl322SkRPFKMEPxx2P
qtCWjQitcCDJ2AWnuKcQ+36rxNvCcsDj1Lf/f2z2RcwiAtxfTMDneS7mO/SmC+i0
3MR9SSRluAZujkvMg4NXGpbjYaI9Z+wJ9lntX5dTq1myzBPAd4gR8JdxhQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKgswMdQs+cpPornA3XBQpdg83BWMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvcUN6QXgxQ3o1eWstaXVjRGRjRkNsMkR6Y0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWNxwAwQB
WNyCAwQBWNyGAwQAWNyhAwQCw4ioAwQAw4jFMA0GCSqGSIb3DQEBCwUAA4IBAQCS
iZUNd+ROxS9nUjhSRnrW4dz0vbAwWI1jxellK+WLC0z4tR9C+hNt8N36kEsbE/vW
QN1Dr/De8P8giHpjndQseiY+6PldThZGY4vbXMNfNqpk/kiiWrcb+l+87ULS2SQ0
ggMXpXBHsm4lDDbgGRP1rv4xk+BOSj1VWvHMIRjyjmC8qKKcQhOcTQpM2Z+iB3tA
Ts+YKzMHxSs4dJJhahD9OprllZCK0mmHsbFs1rRmQISOGV2bVi9OQ8o3uX69vzbX
iFzcr27zlrGEVUlck1IgB6V1cl9kKLQ+obGGWnJYYoYxckJxzr79POTymtHlChNs
gurXP2JiVbUQNSabVq+t
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:21 2023 by rpki-client on console-fra.rpki-client.org