Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/QrpNcGA7uxJaUdAGEF5ZTQeluwQ.roa
File: QrpNcGA7uxJaUdAGEF5ZTQeluwQ.roa (raw, json)
Hash identifier: SIhLppdmYai7PPPr0DpPflAtVBezC8ONizW6b6p7ZIs=
Subject key identifier: 42:BA:4D:70:60:3B:BB:12:5A:51:D0:06:10:5E:59:4D:07:A5:BB:04
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01849EB78110EFC964160771D68A723B76D1
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/QrpNcGA7uxJaUdAGEF5ZTQeluwQ.roa
Signing time: Tue 22 Nov 2022 09:42:16 +0000
ROA not before: Tue 22 Nov 2022 09:42:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.132.125.0/24 maxlen: 24
45.136.196.0/24 maxlen: 24
45.136.197.0/24 maxlen: 24
45.136.198.0/24 maxlen: 24
45.136.199.0/24 maxlen: 24
176.97.64.0/23 maxlen: 23
185.87.148.0/23 maxlen: 23
188.116.22.0/24 maxlen: 24
195.54.171.0/24 maxlen: 24
176.97.70.0/23 maxlen: 23
176.97.68.0/23 maxlen: 23
176.97.66.0/23 maxlen: 23
176.97.72.0/24 maxlen: 24
176.97.73.0/24 maxlen: 24
176.97.75.0/24 maxlen: 24
5.61.62.0/23 maxlen: 23
5.61.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:b7:81:10:ef:c9:64:16:07:71:d6:8a:72:3b:76:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Nov 22 09:42:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42ba4d70603bbb125a51d006105e594d07a5bb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:f3:5f:48:c8:7a:e0:37:ca:3f:ab:49:e3:
ae:4a:2f:6f:99:f7:4d:d7:6d:5d:6a:20:4d:d5:8b:
d6:bd:3e:3a:4b:a5:a6:ac:6b:27:b6:51:77:5c:23:
d8:db:9a:ea:7d:29:5f:bb:89:0e:39:d2:bc:d5:8b:
8b:94:09:e8:eb:fa:49:73:6f:2b:e4:9b:2b:47:66:
eb:82:80:43:45:02:31:69:90:00:ed:56:b8:6c:35:
32:90:37:9b:e6:ad:fd:8f:56:85:77:dd:a3:98:b3:
5a:27:0d:e1:af:40:36:0b:8a:ee:10:eb:f7:62:d1:
07:25:ac:56:b8:3e:2b:8f:1a:ba:f2:60:b1:c7:d2:
49:14:86:89:4a:78:27:af:d5:3d:07:57:9d:12:d4:
0a:bb:e8:f6:36:d5:4e:c6:c2:0a:99:f6:86:4f:b8:
44:88:3f:ac:d6:62:7e:ea:6f:b8:26:79:29:f0:be:
08:a4:74:9b:4f:ae:d8:c9:ac:0f:d6:5f:f2:43:ed:
c3:98:02:eb:6c:2d:87:ab:11:62:b6:29:04:ce:d2:
20:cb:af:49:97:a8:ee:fa:4b:25:25:dc:19:74:89:
a5:30:66:09:de:eb:cb:7f:a0:a9:fa:f4:cd:64:c0:
07:56:bf:33:5b:46:83:15:a5:e6:1c:40:b2:97:3b:
9c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BA:4D:70:60:3B:BB:12:5A:51:D0:06:10:5E:59:4D:07:A5:BB:04
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/QrpNcGA7uxJaUdAGEF5ZTQeluwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.60.0/22
45.136.196.0/22
176.97.64.0-176.97.73.255
176.97.75.0/24
185.87.148.0/23
185.132.125.0/24
188.116.22.0/24
195.54.171.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c1:5b:6e:7a:d2:21:c9:2d:31:a6:4d:84:23:69:ee:9f:7b:
c1:2a:1a:50:09:68:81:45:90:ca:fb:c7:dd:04:0f:e4:65:a7:
a4:17:5a:08:1d:ca:0b:6b:e0:72:38:ed:30:3f:e5:d5:79:c1:
5a:c4:e4:f3:8e:8c:3b:92:bb:78:4f:60:42:d1:1c:03:87:16:
b6:36:c1:85:eb:44:ae:b1:94:1e:1c:c5:eb:6a:02:d7:86:a9:
b6:06:eb:95:3b:27:d1:c4:9b:d7:d1:84:d3:4b:cf:fe:90:27:
37:4e:1f:90:b8:a1:4f:56:bb:a1:a9:52:41:5d:dc:c3:67:72:
88:59:4d:8b:86:b8:90:aa:ef:71:40:6d:97:f1:c8:37:18:24:
de:bc:a4:96:9c:7e:63:9c:9b:b7:4b:43:a3:57:26:67:b2:8d:
1e:b3:bf:aa:7f:75:32:51:81:f3:75:ca:b4:2e:fe:2c:49:0f:
16:5d:52:79:f5:ab:ef:1a:d6:57:79:1f:45:85:45:d2:31:e6:
de:21:1e:36:b6:c6:72:a5:ca:3d:e0:9b:21:bf:33:99:9d:cb:
ff:42:76:d2:8e:09:5c:22:2d:3d:f5:d3:90:7f:09:82:05:fd:
0e:4d:42:41:36:c5:0d:df:96:b6:c4:4b:50:5a:a2:9e:b9:e7:
59:68:59:9a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYSet4EQ78lkFgdx1opyO3bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjIxMTIyMDk0MjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmJhNGQ3MDYwM2JiYjEyNWE1MWQwMDYxMDVlNTk0ZDA3YTViYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfHzX0jIeuA3yj+rSeOuSi9vmfdN
121daiBN1YvWvT46S6WmrGsntlF3XCPY25rqfSlfu4kOOdK81YuLlAno6/pJc28r
5JsrR2brgoBDRQIxaZAA7Va4bDUykDeb5q39j1aFd92jmLNaJw3hr0A2C4ruEOv3
YtEHJaxWuD4rjxq68mCxx9JJFIaJSngnr9U9B1edEtQKu+j2NtVOxsIKmfaGT7hE
iD+s1mJ+6m+4Jnkp8L4IpHSbT67YyawP1l/yQ+3DmALrbC2HqxFitikEztIgy69J
l6ju+kslJdwZdImlMGYJ3uvLf6Cp+vTNZMAHVr8zW0aDFaXmHECylzucmwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEK6TXBgO7sSWlHQBhBeWU0HpbsEMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvUXJwTmNHQTd1eEphVWRBR0VGNVpUUWVsdXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBT08AwQC
LYjEMAwDBAawYUADBAGwYUgDBACwYUsDBAG5V5QDBAC5hH0DBAC8dBYDBADDNqsw
DQYJKoZIhvcNAQELBQADggEBAAzBW2560iHJLTGmTYQjae6fe8EqGlAJaIFFkMr7
x90ED+Rlp6QXWggdygtr4HI47TA/5dV5wVrE5POOjDuSu3hPYELRHAOHFrY2wYXr
RK6xlB4cxetqAteGqbYG65U7J9HEm9fRhNNLz/6QJzdOH5C4oU9Wu6GpUkFd3MNn
cohZTYuGuJCq73FAbZfxyDcYJN68pJacfmOcm7dLQ6NXJmeyjR6zv6p/dTJRgfN1
yrQu/ixJDxZdUnn1q+8a1ld5H0WFRdIx5t4hHja2xnKlyj3gmyG/M5mdy/9CdtKO
CVwiLT3105B/CYIF/Q5NQkE2xQ3flrbES1Baop6551loWZo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:35 2023 by rpki-client on console-ams.rpki-client.org