Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/QyMbHc7YYS1kHq0h1U86qjqO3mI.roa
File: QyMbHc7YYS1kHq0h1U86qjqO3mI.roa (raw, json)
Hash identifier: 2ylFDQytW4R+S3Z2o0P+xF8msUyZZIqKndZIH7RQLEo=
Subject key identifier: 43:23:1B:1D:CE:D8:61:2D:64:1E:AD:21:D5:4F:3A:AA:3A:8E:DE:62
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 20356D7F
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/QyMbHc7YYS1kHq0h1U86qjqO3mI.roa
Signing time: Sat 01 Jan 2022 05:03:04 +0000
ROA not before: Sat 01 Jan 2022 05:03:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2110
IP address blocks: 193.95.128.0/18 maxlen: 18
194.125.0.0/17 maxlen: 17
213.202.128.0/18 maxlen: 18
192.111.39.0/24 maxlen: 24
78.16.0.0/14 maxlen: 14
212.2.160.0/19 maxlen: 19
185.146.180.0/22 maxlen: 22
185.146.180.0/24 maxlen: 24
193.120.52.0/24 maxlen: 24
194.145.128.0/21 maxlen: 21
193.120.216.0/24 maxlen: 24
194.46.192.0/18 maxlen: 18
193.120.0.0/16 maxlen: 16
193.203.128.0/19 maxlen: 19
194.165.160.0/19 maxlen: 19
2001:7c8::/29 maxlen: 29
2001:7c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 540372351 (0x20356d7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Jan 1 05:03:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43231b1dced8612d641ead21d54f3aaa3a8ede62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:dd:ac:88:78:c0:ff:b6:60:0c:58:c3:1a:
82:f7:07:36:27:45:a7:65:11:79:0f:94:85:ee:99:
ac:c5:38:e0:a8:07:e1:20:e4:6e:3c:83:73:47:fd:
13:30:14:10:e8:2f:fc:07:9c:48:3b:4a:98:d5:f6:
81:bf:a7:ba:1a:e8:5a:57:5a:61:06:9e:8c:04:5c:
41:10:46:f2:99:e7:1e:40:c8:4a:09:de:07:26:8e:
41:9c:3f:0d:80:e9:aa:43:cc:ba:8c:d4:fd:98:60:
aa:27:81:46:f6:bf:9a:f5:ff:c4:2f:5c:6d:81:fc:
48:95:ac:32:b7:89:52:0b:24:0f:4e:c5:5d:e1:7b:
c4:15:05:2c:cd:b5:fc:73:db:82:96:8d:f3:f7:bd:
71:eb:e1:39:fd:7a:20:ad:c3:9e:a2:dc:fd:af:4f:
0e:bd:ba:36:a3:9b:65:0d:a6:0d:64:22:a5:8c:1c:
dc:2f:fb:ec:43:44:3a:0f:b1:60:ec:e1:8c:5a:00:
cc:a5:92:68:d7:38:39:38:a1:9e:d3:69:54:ec:e8:
32:06:4b:db:43:c3:e1:dc:b9:4a:fb:08:58:15:fb:
d3:32:3f:ae:eb:ac:25:c4:4a:bc:5d:24:af:49:51:
7e:13:4d:b4:ad:9b:88:82:46:39:e3:eb:97:f9:f4:
6a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:23:1B:1D:CE:D8:61:2D:64:1E:AD:21:D5:4F:3A:AA:3A:8E:DE:62
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/QyMbHc7YYS1kHq0h1U86qjqO3mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.16.0.0/14
185.146.180.0/22
192.111.39.0/24
193.95.128.0/18
193.120.0.0/16
193.203.128.0/19
194.46.192.0/18
194.125.0.0/17
194.145.128.0/21
194.165.160.0/19
212.2.160.0/19
213.202.128.0/18
IPv6:
2001:7c8::/29
Signature Algorithm: sha256WithRSAEncryption
32:81:fa:0b:a1:7e:b4:09:03:ae:dc:53:ed:20:76:d8:c9:cb:
1f:e3:66:ad:c1:15:bf:ca:11:eb:91:21:0f:ba:d3:3f:b5:a4:
5e:41:c0:a7:90:b0:27:cf:04:22:1b:c4:64:bd:9a:00:de:ed:
44:5e:cc:83:93:64:b5:c1:f8:4e:df:e9:09:47:70:21:58:42:
ac:94:26:4e:cc:a8:d0:de:70:04:a1:e1:d7:03:71:dc:66:65:
f3:95:54:6c:d1:43:f1:ad:4e:24:a8:fd:72:75:52:2b:d6:05:
a6:3a:20:d6:3d:2b:63:ee:70:5d:09:2a:a9:3d:b9:90:d9:44:
4f:e9:18:88:09:bf:fd:0a:8c:5c:df:87:ac:d2:a7:35:8b:42:
6e:9f:7f:88:48:a6:7b:c7:79:4f:e2:7a:71:65:de:2c:96:47:
a6:6b:0f:f9:74:09:bc:7e:fa:35:52:f9:7d:bf:fd:61:e9:62:
d8:22:d0:1a:68:02:fc:74:fd:00:db:f3:70:0e:cd:32:9f:fe:
81:a5:88:88:35:4e:ba:8f:15:02:ae:bb:2a:ab:ee:15:0f:9a:
c1:fe:2d:a6:97:6c:ad:9e:ed:ad:60:d7:31:83:59:77:19:df:
83:65:96:e9:84:d6:08:2c:d7:4f:ae:a8:81:1e:5b:c4:a1:81:
1b:c3:5f:e5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIEIDVtfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDU0M2E1MTk3ZWIyNTQ0NDQ3ZTlkMzZiM2ViZjE0NDUyYzc3N2ViMB4XDTIyMDEw
MTA1MDMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDMyMzFiMWRjZWQ4
NjEyZDY0MWVhZDIxZDU0ZjNhYWEzYThlZGU2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVp3ayIeMD/tmAMWMMagvcHNidFp2UReQ+Uhe6ZrMU44KgH
4SDkbjyDc0f9EzAUEOgv/AecSDtKmNX2gb+nuhroWldaYQaejARcQRBG8pnnHkDI
SgneByaOQZw/DYDpqkPMuozU/ZhgqieBRva/mvX/xC9cbYH8SJWsMreJUgskD07F
XeF7xBUFLM21/HPbgpaN8/e9cevhOf16IK3DnqLc/a9PDr26NqObZQ2mDWQipYwc
3C/77ENEOg+xYOzhjFoAzKWSaNc4OTihntNpVOzoMgZL20PD4dy5SvsIWBX70zI/
ruusJcRKvF0kr0lRfhNNtK2biIJGOePrl/n0alkCAwEAAaOCAlgwggJUMB0GA1Ud
DgQWBBRDIxsdzthhLWQerSHVTzqqOo7eYjAfBgNVHSMEGDAWgBQQVDpRl+slRER+
nTaz6/FEUsd36zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VGUTZVWmZySlVSRWZwMDJzLXZ4UkZMSGQtcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMWJlN2JjLWI2NDItNGEwZC04ZTZiLWY3ZTBjNWUyNzAyZS8x
L1F5TWJIYzdZWVMxa0hxMGgxVTg2cWpxTzNtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MWJlN2JjLWI2NDItNGEwZC04ZTZiLWY3ZTBjNWUyNzAyZS8xL0VGUTZVWmZySlVS
RWZwMDJzLXZ4UkZMSGQtcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBu
BggrBgEFBQcBBwEB/wRfMF0wTAQCAAEwRgMDAk4QAwQCuZK0AwQAwG8nAwQGwV+A
AwMAwXgDBAXBy4ADBAbCLsADBAfCfQADBAPCkYADBAXCpaADBAXUAqADBAbVyoAw
DQQCAAIwBwMFAyABB8gwDQYJKoZIhvcNAQELBQADggEBADKB+guhfrQJA67cU+0g
dtjJyx/jZq3BFb/KEeuRIQ+60z+1pF5BwKeQsCfPBCIbxGS9mgDe7URezIOTZLXB
+E7f6QlHcCFYQqyUJk7MqNDecASh4dcDcdxmZfOVVGzRQ/GtTiSo/XJ1UivWBaY6
INY9K2PucF0JKqk9uZDZRE/pGIgJv/0KjFzfh6zSpzWLQm6ff4hIpnvHeU/ienFl
3iyWR6ZrD/l0Cbx++jVS+X2//WHpYtgi0BpoAvx0/QDb83AOzTKf/oGliIg1TrqP
FQKuuyqr7hUPmsH+LaaXbK2e7a1g1zGDWXcZ34NllumE1ggs10+uqIEeW8ShgRvD
X+U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:16 2023 by rpki-client on console-fra.rpki-client.org