Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/QLdglM7uxnJeUBjPkgY0djk_2kk.roa
File: QLdglM7uxnJeUBjPkgY0djk_2kk.roa (raw, json)
Hash identifier: dlCo34qRGaabkDsLYTFWmhlQMK9l2Mcr6DDOAc/czcw=
Subject key identifier: 40:B7:60:94:CE:EE:C6:72:5E:50:18:CF:92:06:34:76:39:3F:DA:49
Certificate issuer: /CN=bf73a3f21a1944421b4ddba7ecbc8360cca5e6fc
Certificate serial: 11E90985
Authority key identifier: BF:73:A3:F2:1A:19:44:42:1B:4D:DB:A7:EC:BC:83:60:CC:A5:E6:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v3Oj8hoZREIbTdun7LyDYMyl5vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/QLdglM7uxnJeUBjPkgY0djk_2kk.roa
Signing time: Sat 01 Jan 2022 05:01:37 +0000
ROA not before: Sat 01 Jan 2022 05:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47581
IP address blocks: 185.146.127.0/24 maxlen: 24
212.58.157.0/24 maxlen: 24
212.58.159.0/24 maxlen: 24
212.58.158.0/24 maxlen: 24
2a07:7b80:106::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300484997 (0x11e90985)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf73a3f21a1944421b4ddba7ecbc8360cca5e6fc
Validity
Not Before: Jan 1 05:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40b76094ceeec6725e5018cf92063476393fda49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:63:a1:4b:09:5f:11:ad:91:30:ea:c8:93:e7:
95:e8:a6:02:bc:75:a0:b2:9f:80:49:49:66:c2:06:
8b:66:1b:80:93:96:74:3a:c8:00:14:a8:fd:fc:fe:
f1:60:75:14:90:17:cb:ea:ca:d2:1a:0d:f4:a5:7f:
76:2d:b9:81:46:2b:bb:b4:5b:df:cf:da:97:91:da:
d3:0b:cc:d0:e9:69:e6:ef:64:2f:ed:d0:23:95:5d:
58:c0:c4:27:3e:e6:66:12:28:22:30:ef:90:a8:a9:
61:ce:0f:07:0d:fe:f2:fe:7a:7f:4e:3b:75:74:a4:
3a:57:1f:82:b0:f9:4f:95:88:33:5c:f5:10:eb:45:
88:1b:df:10:f5:d8:29:b9:5a:62:32:ac:38:c2:6a:
7b:04:98:20:b2:b4:d4:ae:34:94:df:53:47:53:e7:
4b:fd:d2:a7:0f:40:dc:34:cc:70:9e:9d:e0:47:f9:
2a:98:c6:52:af:55:ba:c8:e7:41:46:29:0e:55:14:
35:6c:13:fc:89:41:09:3c:19:f1:ac:0b:6a:5d:2c:
64:84:74:2f:43:3f:95:a4:7e:f1:ff:da:8a:f0:fb:
66:4c:5c:2e:07:2e:14:94:28:17:76:c2:eb:96:84:
e3:6f:46:82:ec:08:98:78:7a:9f:24:73:17:85:36:
29:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B7:60:94:CE:EE:C6:72:5E:50:18:CF:92:06:34:76:39:3F:DA:49
X509v3 Authority Key Identifier:
keyid:BF:73:A3:F2:1A:19:44:42:1B:4D:DB:A7:EC:BC:83:60:CC:A5:E6:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v3Oj8hoZREIbTdun7LyDYMyl5vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/QLdglM7uxnJeUBjPkgY0djk_2kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/v3Oj8hoZREIbTdun7LyDYMyl5vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.127.0/24
212.58.157.0-212.58.159.255
IPv6:
2a07:7b80:106::/48
Signature Algorithm: sha256WithRSAEncryption
54:d5:0f:12:fa:51:78:82:92:fc:16:e2:20:12:00:9f:0c:2a:
ae:5b:c3:b8:08:98:64:03:f1:94:5a:02:65:25:d7:4e:6f:11:
6d:c6:19:2c:42:44:03:c5:10:f8:b9:75:dc:cb:f9:fd:ab:1a:
5e:b1:2c:50:94:0e:06:5d:7a:a7:8e:c2:1a:d7:a9:e4:5b:8f:
ba:3b:9b:c8:2d:8f:2d:9a:40:7c:48:fc:3c:06:98:b9:99:fe:
a9:94:9a:17:0d:b5:94:62:81:f1:57:cf:ca:04:d5:ae:a4:c0:
32:ac:26:3c:3a:b1:5d:31:0e:9b:9b:5d:21:ab:c1:72:c6:a4:
0a:86:a0:9d:43:5e:9e:2d:1d:a6:eb:84:59:86:58:19:cb:91:
50:b7:a0:f7:97:e2:57:ca:48:4d:ce:0b:c7:49:c9:ad:0c:a9:
c6:89:52:61:fc:c5:7c:d6:b7:04:73:e6:c2:0f:c1:8f:2f:ef:
f2:f7:c9:29:65:ed:1d:48:ad:15:be:ec:b6:d5:d8:3c:83:42:
85:1d:d9:cf:76:97:86:b3:4c:db:9b:04:ac:8a:d9:6b:f1:6c:
71:94:c2:38:b2:0e:0a:f4:29:e5:88:34:56:d0:f1:3a:af:0f:
05:d7:b8:58:ac:ab:af:11:b2:a1:b2:80:8d:81:e2:b4:cd:8a:
92:83:ae:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEEekJhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjczYTNmMjFhMTk0NDQyMWI0ZGRiYTdlY2JjODM2MGNjYTVlNmZjMB4XDTIyMDEw
MTA1MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBiNzYwOTRjZWVl
YzY3MjVlNTAxOGNmOTIwNjM0NzYzOTNmZGE0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhjoUsJXxGtkTDqyJPnleimArx1oLKfgElJZsIGi2YbgJOW
dDrIABSo/fz+8WB1FJAXy+rK0hoN9KV/di25gUYru7Rb38/al5Ha0wvM0Olp5u9k
L+3QI5VdWMDEJz7mZhIoIjDvkKipYc4PBw3+8v56f047dXSkOlcfgrD5T5WIM1z1
EOtFiBvfEPXYKblaYjKsOMJqewSYILK01K40lN9TR1PnS/3Spw9A3DTMcJ6d4Ef5
KpjGUq9VusjnQUYpDlUUNWwT/IlBCTwZ8awLal0sZIR0L0M/laR+8f/aivD7Zkxc
LgcuFJQoF3bC65aE429GguwImHh6nyRzF4U2KdcCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBRAt2CUzu7Gcl5QGM+SBjR2OT/aSTAfBgNVHSMEGDAWgBS/c6PyGhlEQhtN
26fsvINgzKXm/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YzT2o4aG9aUkVJYlRkdW43THlEWU15bDV2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvNDAwNjg2LThjNzUtNDJkMC04YmQxLTAwMDQ0NzU3ZmU4YS8x
L1FMZGdsTTd1eG5KZVVCalBrZ1kwZGprXzJray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
NDAwNjg2LThjNzUtNDJkMC04YmQxLTAwMDQ0NzU3ZmU4YS8xL3YzT2o4aG9aUkVJ
YlRkdW43THlEWU15bDV2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEALmSfzAMAwQA1DqdAwQF1DqAMA8E
AgACMAkDBwAqB3uAAQYwDQYJKoZIhvcNAQELBQADggEBAFTVDxL6UXiCkvwW4iAS
AJ8MKq5bw7gImGQD8ZRaAmUl105vEW3GGSxCRAPFEPi5ddzL+f2rGl6xLFCUDgZd
eqeOwhrXqeRbj7o7m8gtjy2aQHxI/DwGmLmZ/qmUmhcNtZRigfFXz8oE1a6kwDKs
Jjw6sV0xDpubXSGrwXLGpAqGoJ1DXp4tHabrhFmGWBnLkVC3oPeX4lfKSE3OC8dJ
ya0MqcaJUmH8xXzWtwRz5sIPwY8v7/L3ySll7R1IrRW+7LbV2DyDQoUd2c92l4az
TNubBKyK2WvxbHGUwjiyDgr0KeWINFbQ8TqvDwXXuFisq68RsqGygI2B4rTNipKD
rqk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:27 2024 by rpki-client on console-ams.rpki-client.org