Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/qoW8i2TKkixFIqaquS23KVgNfC8.roa
File: qoW8i2TKkixFIqaquS23KVgNfC8.roa (raw, json)
Hash identifier: TPvqK3VOasmcmCz/1Y1nI8pCjbeaOGiidwYtVLsantw=
Subject key identifier: AA:85:BC:8B:64:CA:92:2C:45:22:A6:AA:B9:2D:B7:29:58:0D:7C:2F
Certificate issuer: /CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Certificate serial: 01841AC2E5D129E2FF81A009786A7F41BEA5
Authority key identifier: 06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/qoW8i2TKkixFIqaquS23KVgNfC8.roa
Signing time: Thu 27 Oct 2022 18:44:51 +0000
ROA not before: Thu 27 Oct 2022 18:44:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8387
IP address blocks: 92.61.208.0/20 maxlen: 24
185.49.176.0/22 maxlen: 24
212.166.96.0/19 maxlen: 24
212.31.64.0/19 maxlen: 24
193.162.45.0/24 maxlen: 24
212.166.108.0/24 maxlen: 24
212.166.122.0/23 maxlen: 23
46.17.224.0/21 maxlen: 24
2a10:f8c0::/29 maxlen: 48
2001:9d0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1a:c2:e5:d1:29:e2:ff:81:a0:09:78:6a:7f:41:be:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Validity
Not Before: Oct 27 18:44:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa85bc8b64ca922c4522a6aab92db729580d7c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:69:7b:6a:89:e9:87:d9:0b:61:4b:e5:5b:80:
f3:76:af:0a:3e:88:74:34:ed:04:ab:56:f8:bc:5d:
f9:0e:ab:e5:a6:75:88:67:d5:1d:54:9a:21:95:66:
14:35:85:f6:cb:8a:9f:ba:79:d2:24:ea:f5:ae:da:
6a:d9:33:3e:9b:de:68:a5:5d:f1:75:f9:a1:6a:fc:
4d:d1:1c:c4:3e:fb:a1:5e:50:23:38:d6:dc:ef:a7:
bb:16:ff:60:cb:f4:54:a2:f1:01:f4:6b:57:31:fd:
8a:63:7e:e7:12:e2:30:c5:1c:f1:c8:30:c8:4d:d2:
34:47:59:4c:32:7b:1b:4b:d8:f9:5d:40:47:aa:41:
6a:64:01:c4:90:0a:4f:09:90:f0:8e:d3:59:66:43:
1b:2d:66:31:91:3e:f9:e7:04:5d:ec:e8:f8:ec:0f:
bb:7f:ec:7b:88:7f:e1:c9:17:b7:b7:cf:57:49:93:
ad:bc:cb:05:34:50:ab:33:0c:ff:62:01:c1:73:cf:
58:7d:95:2d:d8:b9:c8:f9:ad:4f:d9:09:11:1e:b9:
ee:e9:7a:f3:1d:a0:df:08:35:ce:51:ae:e2:7d:4b:
a7:5d:32:9d:f9:73:6b:f8:48:d6:60:78:1a:f3:94:
64:64:59:95:59:19:e1:96:3c:e8:46:de:67:ec:b5:
61:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:85:BC:8B:64:CA:92:2C:45:22:A6:AA:B9:2D:B7:29:58:0D:7C:2F
X509v3 Authority Key Identifier:
keyid:06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/qoW8i2TKkixFIqaquS23KVgNfC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.224.0/21
92.61.208.0/20
185.49.176.0/22
193.162.45.0/24
212.31.64.0/19
212.166.96.0/19
IPv6:
2001:9d0::/32
2a10:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:7a:3a:48:79:f6:89:57:0b:24:b3:ae:2d:3b:06:f7:74:e6:
d2:54:5b:ce:8a:7d:b9:24:99:99:d0:5d:b8:0e:3c:2a:04:e3:
de:43:0b:11:25:98:24:a8:9c:03:f4:23:75:ba:e2:55:87:1f:
bf:54:e6:8c:ee:a5:a0:3e:88:e8:bb:6e:bd:52:e6:ff:d2:75:
34:cd:5c:db:14:6b:2c:33:be:53:12:2c:e6:04:9c:fc:32:3e:
24:21:78:55:9c:f8:43:2c:d0:e5:2f:28:c3:f4:fb:1e:76:ee:
9a:0f:a4:7c:06:b0:fa:8c:f3:82:cb:dd:91:fb:70:7c:b5:ca:
76:89:f6:34:15:82:4f:60:ad:c9:61:77:ce:7e:60:35:97:38:
af:8d:4f:b3:61:9a:2a:31:8d:75:69:4d:98:d0:53:23:1d:3e:
ef:b6:8c:d3:d4:77:6b:d5:48:2c:b6:f9:ed:7e:b1:ee:1a:23:
4f:ad:ae:4a:9c:7c:53:e6:80:ad:73:74:15:16:96:f6:c5:60:
f7:d1:24:bc:71:c2:b8:af:d4:eb:9d:8e:a3:95:a5:4b:79:0d:
cd:98:50:34:50:a4:74:ab:b8:eb:97:80:c4:c5:0a:12:b5:54:
c7:e7:e1:71:4a:f0:24:70:2a:f0:57:20:44:0c:41:9c:71:55:
94:26:58:e2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYQawuXRKeL/gaAJeGp/Qb6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2M2JhZGM3ODUzYjA1MTAwYTZiMjI0ZGRjZWZjMThlMmU3
ZDNkZDUwHhcNMjIxMDI3MTg0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg1YmM4YjY0Y2E5MjJjNDUyMmE2YWFiOTJkYjcyOTU4MGQ3YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWl7aonph9kLYUvlW4Dzdq8KPoh0
NO0Eq1b4vF35DqvlpnWIZ9UdVJohlWYUNYX2y4qfunnSJOr1rtpq2TM+m95opV3x
dfmhavxN0RzEPvuhXlAjONbc76e7Fv9gy/RUovEB9GtXMf2KY37nEuIwxRzxyDDI
TdI0R1lMMnsbS9j5XUBHqkFqZAHEkApPCZDwjtNZZkMbLWYxkT755wRd7Oj47A+7
f+x7iH/hyRe3t89XSZOtvMsFNFCrMwz/YgHBc89YfZUt2LnI+a1P2QkRHrnu6Xrz
HaDfCDXOUa7ifUunXTKd+XNr+EjWYHga85RkZFmVWRnhljzoRt5n7LVhWwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKqFvItkypIsRSKmqrkttylYDXwvMB8GA1UdIwQY
MBaAFAY7rceFOwUQCmsiTdzvwY4ufT3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYt
YTIzNzQ0NGFmODI5LzEvcW9XOGkyVEtraXhGSXFhcXVTMjNLVmdOZkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYtYTIzNzQ0NGFmODI5
LzEvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDLhHgAwQE
XD3QAwQCuTGwAwQAwaItAwQF1B9AAwQF1KZgMBQEAgACMA4DBQAgAQnQAwUDKhD4
wDANBgkqhkiG9w0BAQsFAAOCAQEAj3o6SHn2iVcLJLOuLTsG93Tm0lRbzop9uSSZ
mdBduA48KgTj3kMLESWYJKicA/QjdbriVYcfv1TmjO6loD6I6LtuvVLm/9J1NM1c
2xRrLDO+UxIs5gSc/DI+JCF4VZz4QyzQ5S8ow/T7Hnbumg+kfAaw+ozzgsvdkftw
fLXKdon2NBWCT2CtyWF3zn5gNZc4r41Ps2GaKjGNdWlNmNBTIx0+77aM09R3a9VI
LLb57X6x7hojT62uSpx8U+aArXN0FRaW9sVg99EkvHHCuK/U652Oo5WlS3kNzZhQ
NFCkdKu465eAxMUKErVUx+fhcUrwJHAq8FcgRAxBnHFVlCZY4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:55 2024 by rpki-client on console-fra.rpki-client.org