Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/mq5ZkNGT5W_wwqAAW_Q68cvmzJE.roa
File: mq5ZkNGT5W_wwqAAW_Q68cvmzJE.roa (raw, json)
Hash identifier: u70enkiWkgB+gGS91LOW2qEuffbB0l5Ge2WQ3/ihzNc=
Subject key identifier: 9A:AE:59:90:D1:93:E5:6F:F0:C2:A0:00:5B:F4:3A:F1:CB:E6:CC:91
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 02E63F83
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/mq5ZkNGT5W_wwqAAW_Q68cvmzJE.roa
Signing time: Thu 02 Jun 2022 18:26:20 +0000
ROA not before: Thu 02 Jun 2022 18:26:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14340
IP address blocks: 194.145.16.0/21 maxlen: 24
159.92.0.0/16 maxlen: 24
161.71.0.0/17 maxlen: 24
163.79.128.0/17 maxlen: 24
151.106.128.0/20 maxlen: 24
185.79.140.0/22 maxlen: 24
194.145.0.0/20 maxlen: 24
85.222.128.0/19 maxlen: 24
163.76.128.0/17 maxlen: 24
151.106.216.0/22 maxlen: 24
161.71.128.0/17 maxlen: 24
151.106.220.0/22 maxlen: 24
151.106.144.0/20 maxlen: 24
160.8.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48643971 (0x2e63f83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jun 2 18:26:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9aae5990d193e56ff0c2a0005bf43af1cbe6cc91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c4:c6:4e:9a:23:7b:e2:b4:c1:ec:28:2c:80:
6f:d0:3e:eb:2c:2b:7b:15:5c:d5:30:36:ad:22:3f:
e1:33:4c:08:d2:09:02:31:62:1a:dd:ca:24:12:b9:
4f:c4:ba:32:ce:0a:7c:5e:49:ca:f2:36:d7:6a:0d:
4a:37:d5:91:bd:c3:4d:99:99:d5:2e:2f:56:d4:55:
5c:0e:54:02:80:b0:de:32:d0:bf:5e:e7:24:35:c5:
a4:39:4a:13:0a:1b:80:60:8f:1a:9a:d4:46:1a:98:
ca:24:0f:b3:59:b6:44:0d:9b:69:54:4b:42:7b:bd:
10:d5:71:4f:28:45:1d:92:8f:36:34:6c:73:9c:bd:
0c:ef:dd:0e:4c:fd:5b:d5:51:77:ef:9a:2c:22:69:
f5:82:aa:3d:93:17:54:9f:5d:ef:9b:76:80:cd:58:
f2:65:38:2d:26:d7:88:c1:85:4f:99:2a:57:e6:4f:
e3:39:df:75:23:70:2d:54:4d:4d:5a:d4:b3:0a:64:
8c:5f:98:dd:9a:bc:a3:f4:1f:2d:a3:3c:5e:eb:f9:
0c:fe:80:bc:e4:f4:79:72:b7:a1:e9:b1:e2:d3:82:
d1:49:16:75:b8:a9:a7:85:9b:1f:97:ea:47:dc:39:
72:2c:58:3a:40:15:77:c7:8f:75:8f:d2:74:7e:ef:
f1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AE:59:90:D1:93:E5:6F:F0:C2:A0:00:5B:F4:3A:F1:CB:E6:CC:91
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/mq5ZkNGT5W_wwqAAW_Q68cvmzJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.128.0/19
151.106.128.0/19
151.106.216.0/21
159.92.0.0/16
160.8.0.0/16
161.71.0.0/16
163.76.128.0/17
163.79.128.0/17
185.79.140.0/22
194.145.0.0-194.145.23.255
Signature Algorithm: sha256WithRSAEncryption
37:4b:53:70:1a:ef:dc:e8:9e:d2:2e:a2:37:e3:ba:5f:ae:6d:
6a:8e:93:1f:72:12:23:d7:f2:30:0e:ec:6e:98:00:a9:e0:ac:
3f:3d:64:53:2d:7d:9e:2e:69:4a:de:d5:66:84:bd:e5:b1:2c:
08:43:27:87:55:90:af:a2:1d:54:d8:d1:d9:09:b7:ee:c7:55:
12:db:49:96:85:4f:73:fa:00:61:f0:fc:d1:41:e0:98:78:86:
4a:9b:a4:23:ec:0c:48:98:1b:28:88:8e:fd:d9:58:38:04:59:
47:ad:78:81:1b:51:26:5c:06:da:dc:d8:ed:98:4b:6b:83:2c:
3c:cc:bf:46:5d:c9:c0:28:95:60:f0:6d:69:10:3a:6a:5a:f4:
3d:0c:ae:e6:60:18:da:3f:f5:9a:76:fe:57:7a:97:f1:31:f6:
63:24:b8:73:69:df:78:5c:45:b7:e6:59:e6:7d:59:73:4f:fe:
3d:fd:62:49:40:5b:b1:f0:1c:03:71:33:dd:5e:d1:bc:59:f8:
5a:86:e2:28:ab:67:70:55:1d:a2:b4:d3:d4:0c:0b:29:4c:d2:
ce:bd:ce:0d:02:bb:d8:83:06:55:06:21:6f:7f:52:68:60:b9:
cf:fe:42:3e:19:08:7a:4b:0a:e9:a9:bd:63:61:43:af:6f:a3:
b5:c9:30:f3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEAuY/gzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjMxMzZlZDEwOTk4NTgwYTUxN2Q5NTk4YWJjYTMzZDliYTY2NTk5MB4XDTIyMDYw
MjE4MjYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFhZTU5OTBkMTkz
ZTU2ZmYwYzJhMDAwNWJmNDNhZjFjYmU2Y2M5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfExk6aI3vitMHsKCyAb9A+6ywrexVc1TA2rSI/4TNMCNIJ
AjFiGt3KJBK5T8S6Ms4KfF5JyvI212oNSjfVkb3DTZmZ1S4vVtRVXA5UAoCw3jLQ
v17nJDXFpDlKEwobgGCPGprURhqYyiQPs1m2RA2baVRLQnu9ENVxTyhFHZKPNjRs
c5y9DO/dDkz9W9VRd++aLCJp9YKqPZMXVJ9d75t2gM1Y8mU4LSbXiMGFT5kqV+ZP
4znfdSNwLVRNTVrUswpkjF+Y3Zq8o/QfLaM8Xuv5DP6AvOT0eXK3oemx4tOC0UkW
dbipp4WbH5fqR9w5cixYOkAVd8ePdY/SdH7v8XECAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSarlmQ0ZPlb/DCoABb9Drxy+bMkTAfBgNVHSMEGDAWgBQvMTbtEJmFgKUX
2VmKvKM9m6ZlmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x6RTI3UkNaaFlDbEY5bFppcnlqUFp1bVpaay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjkwZDgzLTAyYmUtNGU1Zi1iZDBmLTkyOWYxMDY2MzBmMS8x
L21xNVprTkdUNVdfd3dxQUFXX1E2OGN2bXpKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
ZjkwZDgzLTAyYmUtNGU1Zi1iZDBmLTkyOWYxMDY2MzBmMS8xL0x6RTI3UkNaaFlD
bEY5bFppcnlqUFp1bVpaay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEBVXegAMEBZdqgAMEA5dq2AMDAJ9c
AwMAoAgDAwChRwMEB6NMgAMEB6NPgAMEArlPjDALAwMAwpEDBAPCkRAwDQYJKoZI
hvcNAQELBQADggEBADdLU3Aa79zontIuojfjul+ubWqOkx9yEiPX8jAO7G6YAKng
rD89ZFMtfZ4uaUre1WaEveWxLAhDJ4dVkK+iHVTY0dkJt+7HVRLbSZaFT3P6AGHw
/NFB4Jh4hkqbpCPsDEiYGyiIjv3ZWDgEWUeteIEbUSZcBtrc2O2YS2uDLDzMv0Zd
ycAolWDwbWkQOmpa9D0MruZgGNo/9Zp2/ld6l/Ex9mMkuHNp33hcRbfmWeZ9WXNP
/j39YklAW7HwHANxM91e0bxZ+FqG4iirZ3BVHaK009QMCylM0s69zg0Cu9iDBlUG
IW9/Umhguc/+Qj4ZCHpLCumpvWNhQ69vo7XJMPM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:18 2023 by rpki-client on console-ams.rpki-client.org