Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/qGVmr7zq0A_8xT-8pVGzcQW1_sI.roa
File: qGVmr7zq0A_8xT-8pVGzcQW1_sI.roa (raw, json)
Hash identifier: kAKaFrsftGaafZ/fzJpdCUvDdv/l1KFm20lnRhl5J0o=
Subject key identifier: A8:65:66:AF:BC:EA:D0:0F:FC:C5:3F:BC:A5:51:B3:71:05:B5:FE:C2
Certificate issuer: /CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Certificate serial: 15CED430
Authority key identifier: 1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/qGVmr7zq0A_8xT-8pVGzcQW1_sI.roa
Signing time: Sat 01 Jan 2022 15:02:43 +0000
ROA not before: Sat 01 Jan 2022 15:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47224
IP address blocks: 193.169.242.0/23 maxlen: 23
185.10.32.0/23 maxlen: 23
185.10.34.0/23 maxlen: 23
171.25.191.0/24 maxlen: 24
91.221.32.0/24 maxlen: 24
91.221.33.0/24 maxlen: 24
194.152.49.0/24 maxlen: 24
194.152.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 365876272 (0x15ced430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Validity
Not Before: Jan 1 15:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a86566afbcead00ffcc53fbca551b37105b5fec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bc:54:c2:98:a1:1c:d7:7a:50:44:03:b0:12:
45:97:3b:e3:0b:00:83:b3:de:3f:7f:1d:c7:40:d9:
d4:d5:0e:de:a4:0f:5f:27:09:3f:e0:49:fb:bc:bb:
1d:9e:a0:8d:cf:cd:22:0e:22:de:b9:72:96:fe:22:
d2:bb:38:7e:4a:fb:28:47:88:9b:ce:c6:d4:f7:f4:
fc:bb:7f:81:6b:72:b5:5c:e3:6c:0f:14:0b:64:32:
50:ab:47:05:95:4d:4f:54:79:c4:11:ec:61:9f:32:
a8:b1:4a:55:0f:52:9f:9b:14:e7:01:bc:42:f2:d0:
8d:38:84:66:71:2a:32:16:38:b3:9b:ae:5e:a0:fd:
9e:54:91:a8:65:e3:5e:fb:bb:f1:3d:cb:0a:3a:dc:
6d:85:ef:42:77:72:73:b3:85:93:a2:3c:8c:57:d0:
61:17:b2:d0:2e:ee:c8:11:3c:fb:6b:d3:07:b0:bc:
fe:28:d9:12:54:b1:b9:4b:32:a4:58:28:69:64:35:
42:49:1f:37:17:21:fa:63:5e:9f:3b:13:3a:07:94:
ac:06:d1:01:35:60:9e:b3:5d:01:66:b9:79:38:30:
d7:f0:e9:a1:3e:47:2c:28:68:33:95:61:2c:fe:ff:
14:ec:52:70:ac:1b:d6:53:87:55:80:ca:cf:ae:33:
2a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:65:66:AF:BC:EA:D0:0F:FC:C5:3F:BC:A5:51:B3:71:05:B5:FE:C2
X509v3 Authority Key Identifier:
keyid:1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/qGVmr7zq0A_8xT-8pVGzcQW1_sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.32.0/23
171.25.191.0/24
185.10.32.0/22
193.169.242.0/23
194.152.48.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:99:c5:d1:29:fa:a6:56:09:4d:dc:b4:46:44:3a:ad:e9:45:
7f:40:7c:fb:0c:00:77:ad:1f:fc:c1:01:ef:14:97:d8:6c:d9:
a9:2f:d0:21:92:49:57:65:2f:a2:5c:ce:88:b9:3f:0a:84:bc:
f5:2a:5b:7d:1b:16:92:5b:71:3f:af:6b:7b:84:4b:43:84:81:
02:9e:7b:63:ae:28:a0:f4:66:17:1d:ad:02:61:63:6c:12:97:
a2:31:ae:22:79:65:52:62:d3:11:88:a9:1d:12:28:e9:fe:f7:
e1:13:27:25:32:43:91:f6:6c:fd:46:61:a1:c9:03:b3:1d:79:
ef:25:1b:d1:15:57:ac:cc:9e:24:20:58:39:09:d6:5d:9b:60:
a8:93:fa:3a:51:6e:6b:de:80:fc:02:dd:85:46:8e:bf:d6:90:
93:f7:b9:df:40:b5:eb:8c:ba:d5:9f:d1:cb:4e:49:72:59:9e:
24:39:38:da:c6:43:83:e9:9b:9e:3a:9d:25:9b:04:ad:73:1d:
7b:74:2b:07:a6:29:59:37:8f:06:02:c6:30:af:b4:c0:47:94:
23:af:09:a3:ba:ca:89:35:6b:06:3f:4b:44:76:c0:ea:7c:02:
47:f5:db:13:73:a6:96:d6:ed:ff:80:27:bf:88:93:61:fa:48:
6f:79:38:32
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEFc7UMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGRlNzU2YTliNmQxNDAwMGMzZTE1MGQ1YjdkNjA5NWI3NjEzZmU0MB4XDTIyMDEw
MTE1MDI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg2NTY2YWZiY2Vh
ZDAwZmZjYzUzZmJjYTU1MWIzNzEwNWI1ZmVjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANS8VMKYoRzXelBEA7ASRZc74wsAg7PeP38dx0DZ1NUO3qQP
XycJP+BJ+7y7HZ6gjc/NIg4i3rlylv4i0rs4fkr7KEeIm87G1Pf0/Lt/gWtytVzj
bA8UC2QyUKtHBZVNT1R5xBHsYZ8yqLFKVQ9Sn5sU5wG8QvLQjTiEZnEqMhY4s5uu
XqD9nlSRqGXjXvu78T3LCjrcbYXvQndyc7OFk6I8jFfQYRey0C7uyBE8+2vTB7C8
/ijZElSxuUsypFgoaWQ1QkkfNxch+mNenzsTOgeUrAbRATVgnrNdAWa5eTgw1/Dp
oT5HLChoM5VhLP7/FOxScKwb1lOHVYDKz64zKvkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSoZWavvOrQD/zFP7ylUbNxBbX+wjAfBgNVHSMEGDAWgBQd3nVqm20UAAw+
FQ1bfWCVt2E/5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkNTFhcHR0RkFBTVBoVU5XMzFnbGJkaFAtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvNGExZWJkLWQ0NGUtNDg5Mi04NWIzLTczNWEwY2MxZTc4OS8x
L3FHVm1yN3pxMEFfOHhULThwVkd6Y1FXMV9zSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
NGExZWJkLWQ0NGUtNDg5Mi04NWIzLTczNWEwY2MxZTc4OS8xL0hkNTFhcHR0RkFB
TVBoVU5XMzFnbGJkaFAtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAVvdIAMEAKsZvwMEArkKIAMEAcGp
8gMEAcKYMDANBgkqhkiG9w0BAQsFAAOCAQEAjpnF0Sn6plYJTdy0RkQ6relFf0B8
+wwAd60f/MEB7xSX2GzZqS/QIZJJV2UvolzOiLk/CoS89SpbfRsWkltxP69re4RL
Q4SBAp57Y64ooPRmFx2tAmFjbBKXojGuInllUmLTEYipHRIo6f734RMnJTJDkfZs
/UZhockDsx157yUb0RVXrMyeJCBYOQnWXZtgqJP6OlFua96A/ALdhUaOv9aQk/e5
30C164y61Z/Ry05JclmeJDk42sZDg+mbnjqdJZsErXMde3QrB6YpWTePBgLGMK+0
wEeUI68Jo7rKiTVrBj9LRHbA6nwCR/XbE3Omltbt/4Anv4iTYfpIb3k4Mg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:34 2023 by rpki-client on console-ams.rpki-client.org