Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/BqQcy_eujiQqooVoyoc8AdF5XIc.roa
File: BqQcy_eujiQqooVoyoc8AdF5XIc.roa (raw, json)
Hash identifier: ZpKXo/9pZPFE3HUHWikXKUXklfiXNN+6v5AEGxVy2ME=
Subject key identifier: 06:A4:1C:CB:F7:AE:8E:24:2A:A2:85:68:CA:87:3C:01:D1:79:5C:87
Certificate issuer: /CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Certificate serial: 39D4EA
Authority key identifier: D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/BqQcy_eujiQqooVoyoc8AdF5XIc.roa
Signing time: Sat 01 Jan 2022 00:53:55 +0000
ROA not before: Sat 01 Jan 2022 00:53:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29611
IP address blocks: 185.85.89.0/24 maxlen: 24
185.85.90.0/24 maxlen: 24
185.85.91.0/24 maxlen: 24
185.85.88.0/22 maxlen: 22
185.85.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3790058 (0x39d4ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Validity
Not Before: Jan 1 00:53:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06a41ccbf7ae8e242aa28568ca873c01d1795c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:70:4c:34:7d:4f:c8:c0:40:b6:05:7a:28:c3:
cd:14:8e:86:5f:2d:76:4d:f5:7b:28:07:ef:ff:62:
7d:ba:46:ee:ca:d4:60:9d:22:7e:d1:ec:43:82:61:
af:88:1d:c0:f1:f1:5b:63:54:b9:f0:f5:ff:fd:84:
a0:68:b6:b7:59:04:e2:df:21:6e:55:ae:e1:3a:87:
f1:9c:bc:5b:70:06:7d:e5:61:b3:2d:b4:6e:8d:e5:
7f:77:43:46:6c:e5:fd:51:aa:c9:91:52:66:2d:7d:
93:9f:2d:6b:e5:23:41:03:4e:b5:91:67:a6:00:d7:
07:51:cf:e6:e5:8f:82:c3:b1:e8:c4:34:39:32:f5:
b9:ca:aa:6d:f5:80:71:18:20:fe:b4:43:10:6d:c6:
ce:b0:6f:62:19:7f:ea:43:3e:00:3f:e4:6e:d4:f1:
b4:a5:a8:b4:19:f3:6d:b7:dd:b0:12:71:f6:cd:db:
fe:02:c9:08:75:05:dd:f7:a4:76:fe:80:f6:17:bf:
16:53:20:a5:70:3a:56:ea:3e:40:04:ad:5c:81:05:
14:2b:1e:d8:9a:00:6c:b1:92:d5:fd:4a:fd:44:dc:
9f:e3:b6:42:37:ad:13:53:1c:e0:b6:f6:2b:43:38:
7d:c0:5b:27:8a:81:b5:11:31:90:fc:55:24:77:ee:
96:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A4:1C:CB:F7:AE:8E:24:2A:A2:85:68:CA:87:3C:01:D1:79:5C:87
X509v3 Authority Key Identifier:
keyid:D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/BqQcy_eujiQqooVoyoc8AdF5XIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.88.0/22
Signature Algorithm: sha256WithRSAEncryption
99:c2:28:cb:d8:8a:f3:9d:43:89:46:8f:1a:70:7b:fc:7f:26:
1f:76:d5:9d:59:9d:39:4e:08:ef:c9:3b:09:f5:ee:50:79:a5:
69:a9:ac:9b:3d:90:bc:cf:a8:36:1f:8c:3e:12:e6:29:58:be:
51:5e:df:2c:da:d3:31:29:3a:cb:27:c6:9e:74:a5:e4:98:85:
b3:43:c4:c9:5a:17:37:62:16:97:94:a3:9f:ab:2c:2e:2f:3c:
25:78:4b:34:68:37:1f:7b:90:f3:9e:fb:0c:6c:cf:c7:e5:9b:
04:86:ed:f7:b9:d6:e9:d6:e8:5c:4c:d1:aa:ad:59:01:f3:9f:
fe:13:76:f2:43:28:92:2f:2a:5b:67:26:7b:db:b7:a1:01:fa:
3b:f7:20:ed:03:91:3c:65:24:56:20:b1:cb:05:4c:9d:b9:65:
81:35:7b:4b:7b:d8:d9:86:24:cb:f4:5c:a3:55:42:bc:ff:d9:
bd:74:f3:aa:da:b5:85:82:0a:f2:95:a8:7f:03:98:88:e4:d0:
32:f2:2e:37:0b:c9:a6:50:4f:33:8f:67:4f:3e:3a:10:a1:aa:
8f:69:a4:26:8a:69:25:37:1d:47:dd:46:a5:11:f5:05:0a:b0:
b1:ed:8f:26:cf:fa:dc:20:8d:aa:27:d2:66:d4:d1:30:52:82:
8f:f1:d4:d9
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDOdTqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZDY0OTE4OGFhYTQzOWQ4NTExZjcwZWJlODJiYTVlNzY2Yzg1ZDIwHhcNMjIwMTAx
MDA1MzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNmE0MWNjYmY3YWU4
ZTI0MmFhMjg1NjhjYTg3M2MwMWQxNzk1Yzg3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAunBMNH1PyMBAtgV6KMPNFI6GXy12TfV7KAfv/2J9ukbuytRg
nSJ+0exDgmGviB3A8fFbY1S58PX//YSgaLa3WQTi3yFuVa7hOofxnLxbcAZ95WGz
LbRujeV/d0NGbOX9UarJkVJmLX2Tny1r5SNBA061kWemANcHUc/m5Y+Cw7HoxDQ5
MvW5yqpt9YBxGCD+tEMQbcbOsG9iGX/qQz4AP+Ru1PG0pai0GfNtt92wEnH2zdv+
AskIdQXd96R2/oD2F78WUyClcDpW6j5ABK1cgQUUKx7YmgBssZLV/Ur9RNyf47ZC
N60TUxzgtvYrQzh9wFsnioG1ETGQ/FUkd+6WMQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAakHMv3ro4kKqKFaMqHPAHReVyHMB8GA1UdIwQYMBaAFNnWSRiKqkOdhRH3
Dr6Cul52bIXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMtMWNjNmEzMWIxNGJmLzEv
QnFRY3lfZXVqaVFxb29Wb3lvYzhBZEY1WEljLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85
NzQ4ODEtNGM0ZS00ZDQ4LThmZDMtMWNjNmEzMWIxNGJmLzEvMmRaSkdJcXFRNTJG
RWZjT3ZvSzZYblpzaGRJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVVYMA0GCSqGSIb3DQEBCwUAA4IB
AQCZwijL2IrznUOJRo8acHv8fyYfdtWdWZ05TgjvyTsJ9e5QeaVpqaybPZC8z6g2
H4w+EuYpWL5RXt8s2tMxKTrLJ8aedKXkmIWzQ8TJWhc3YhaXlKOfqywuLzwleEs0
aDcfe5DznvsMbM/H5ZsEhu33udbp1uhcTNGqrVkB85/+E3byQyiSLypbZyZ727eh
Afo79yDtA5E8ZSRWILHLBUyduWWBNXtLe9jZhiTL9FyjVUK8/9m9dPOq2rWFggry
lah/A5iI5NAy8i43C8mmUE8zj2dPPjoQoaqPaaQmimklNx1H3UalEfUFCrCx7Y8m
z/rcII2qJ9Jm1NEwUoKP8dTZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:58 2023 by rpki-client on console-ams.rpki-client.org