Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/Qy0TnLVNOI5B2aGGZt2WVdIVhFc.roa
File: Qy0TnLVNOI5B2aGGZt2WVdIVhFc.roa (raw, json)
Hash identifier: RGvLJAX4mtTN+M17uaCvaLFrplFMn6divqBxEApKitg=
Subject key identifier: 43:2D:13:9C:B5:4D:38:8E:41:D9:A1:86:66:DD:96:55:D2:15:84:57
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 01830D1616510CC5313B662FD1CE1349750E
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/Qy0TnLVNOI5B2aGGZt2WVdIVhFc.roa
Signing time: Mon 05 Sep 2022 09:58:14 +0000
ROA not before: Mon 05 Sep 2022 09:58:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199496
IP address blocks: 185.13.76.0/22 maxlen: 32
95.129.248.0/21 maxlen: 32
185.65.156.0/22 maxlen: 32
185.249.76.0/22 maxlen: 22
185.235.220.0/22 maxlen: 32
2a00:83e0::/32 maxlen: 64
2a02:f4c0::/29 maxlen: 64
2a09:d00::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:16:16:51:0c:c5:31:3b:66:2f:d1:ce:13:49:75:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Sep 5 09:58:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=432d139cb54d388e41d9a18666dd9655d2158457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c3:c2:1f:68:cf:84:37:a7:82:28:0f:3e:ef:
27:2a:d9:1a:09:00:08:36:b1:ce:69:b8:0f:fa:61:
4c:06:86:7e:56:fe:db:05:cc:49:fe:5d:c9:66:44:
83:8d:cf:ea:c1:d0:c6:02:65:a3:1a:d4:e5:04:18:
c7:62:86:bf:58:0f:ca:f5:61:32:ef:99:16:0d:44:
a4:7b:4f:d4:bd:90:02:26:30:bb:03:7e:a3:1a:7e:
55:02:f1:de:f0:f9:88:d9:b8:83:b1:f7:43:a2:80:
50:f1:33:7b:09:2b:0e:04:64:50:bb:db:de:18:69:
a6:a6:2f:98:26:a7:d0:93:60:db:7c:95:3e:6f:52:
31:d2:a7:2f:30:be:d7:d7:df:5f:88:36:08:c3:51:
dc:76:91:d7:1f:52:ea:27:00:ed:20:8a:19:d6:63:
2a:9d:02:e6:45:cd:0a:b0:5e:14:3b:ec:5f:79:1b:
d5:e0:ee:d9:5e:fb:fc:24:db:bc:23:c3:c4:b7:c8:
a9:1d:b8:ce:2b:9c:66:7d:0e:38:8c:63:22:13:37:
af:73:2d:14:c6:29:db:2f:18:09:7d:04:b5:11:31:
0d:23:b7:ff:6e:02:cb:ec:9e:c7:24:c6:bb:c8:76:
c3:88:fe:fb:b4:ca:29:ff:60:63:70:17:20:4a:42:
23:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:2D:13:9C:B5:4D:38:8E:41:D9:A1:86:66:DD:96:55:D2:15:84:57
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/Qy0TnLVNOI5B2aGGZt2WVdIVhFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.248.0/21
185.13.76.0/22
185.65.156.0/22
185.235.220.0/22
185.249.76.0/22
IPv6:
2a00:83e0::/32
2a02:f4c0::/29
2a09:d00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:51:32:45:60:a6:2f:8c:d8:8d:d4:c2:2a:f9:18:30:e7:44:
91:d7:ef:1e:47:1e:a9:c2:aa:48:ed:ee:5a:0a:1a:7d:43:2c:
d2:cd:18:3c:fd:ea:67:37:7c:72:db:04:d5:41:d1:c0:6f:09:
a6:ab:08:6e:a7:e2:1d:76:dd:18:2b:c5:f6:e7:e6:35:98:ac:
ab:37:d5:34:0a:25:42:2f:07:0c:77:1b:48:e8:7a:4a:b8:b5:
4b:50:58:f2:5a:9a:53:59:81:c6:e8:45:4b:bc:2b:6a:76:11:
ae:22:a5:c7:60:20:79:d8:2e:36:95:2b:b9:fb:ec:1b:b7:fc:
14:5b:4f:fd:a9:2b:72:f8:59:88:7c:a0:1b:ab:76:17:e8:a2:
d1:c3:10:32:7c:ed:74:14:b0:27:ab:6c:af:80:48:ed:b3:4f:
de:d1:82:df:48:0b:ba:de:d2:91:e8:85:61:88:c0:10:cc:45:
e8:32:8c:e0:64:54:59:ae:ad:f8:f7:4d:9c:e5:81:e8:f3:a2:
4b:32:aa:23:da:57:f6:9b:a2:c6:88:b1:91:78:cb:ad:d0:f6:
38:a8:67:36:05:7c:d0:cb:01:6b:f8:f9:3f:5f:3a:18:4e:c6:
3f:1a:f4:6d:5d:69:ea:b7:13:35:4d:57:72:92:36:2c:79:e0:
6a:48:59:20
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYMNFhZRDMUxO2Yv0c4TSXUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi
YzgwOTMwHhcNMjIwOTA1MDk1ODE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzJkMTM5Y2I1NGQzODhlNDFkOWExODY2NmRkOTY1NWQyMTU4NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssPCH2jPhDengigPPu8nKtkaCQAI
NrHOabgP+mFMBoZ+Vv7bBcxJ/l3JZkSDjc/qwdDGAmWjGtTlBBjHYoa/WA/K9WEy
75kWDUSke0/UvZACJjC7A36jGn5VAvHe8PmI2biDsfdDooBQ8TN7CSsOBGRQu9ve
GGmmpi+YJqfQk2DbfJU+b1Ix0qcvML7X199fiDYIw1HcdpHXH1LqJwDtIIoZ1mMq
nQLmRc0KsF4UO+xfeRvV4O7ZXvv8JNu8I8PEt8ipHbjOK5xmfQ44jGMiEzevcy0U
xinbLxgJfQS1ETENI7f/bgLL7J7HJMa7yHbDiP77tMop/2BjcBcgSkIjqwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFEMtE5y1TTiOQdmhhmbdllXSFYRXMB8GA1UdIwQY
MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt
MzE4MWRiOTExYTEzLzEvUXkwVG5MVk5PSTVCMmFHR1p0MldWZElWaEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz
LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDX4H4AwQC
uQ1MAwQCuUGcAwQCuevcAwQCuflMMBsEAgACMBUDBQAqAIPgAwUDKgL0wAMFAyoJ
DQAwDQYJKoZIhvcNAQELBQADggEBABtRMkVgpi+M2I3Uwir5GDDnRJHX7x5HHqnC
qkjt7loKGn1DLNLNGDz96mc3fHLbBNVB0cBvCaarCG6n4h123Rgrxfbn5jWYrKs3
1TQKJUIvBwx3G0joekq4tUtQWPJamlNZgcboRUu8K2p2Ea4ipcdgIHnYLjaVK7n7
7Bu3/BRbT/2pK3L4WYh8oBurdhfootHDEDJ87XQUsCerbK+ASO2zT97Rgt9IC7re
0pHohWGIwBDMRegyjOBkVFmurfj3TZzlgejzoksyqiPaV/abosaIsZF4y63Q9jio
ZzYFfNDLAWv4+T9fOhhOxj8a9G1daeq3EzVNV3KSNix54GpIWSA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:22 2023 by rpki-client on console-fra.rpki-client.org