Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/qlzQIAVElPbJfmEe5reUbBsQw6Q.roa
File: qlzQIAVElPbJfmEe5reUbBsQw6Q.roa (raw, json)
Hash identifier: JbGv9WEMnyb3bwyqMaz2RSbMkUs7m9mWmSu927BLL9E=
Subject key identifier: AA:5C:D0:20:05:44:94:F6:C9:7E:61:1E:E6:B7:94:6C:1B:10:C3:A4
Certificate issuer: /CN=5e7fd9586f9ccb0fb4487b208cdf4675e5bbf330
Certificate serial: 03670A3F
Authority key identifier: 5E:7F:D9:58:6F:9C:CB:0F:B4:48:7B:20:8C:DF:46:75:E5:BB:F3:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xn_ZWG-cyw-0SHsgjN9GdeW78zA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/qlzQIAVElPbJfmEe5reUbBsQw6Q.roa
Signing time: Sat 01 Jan 2022 02:58:49 +0000
ROA not before: Sat 01 Jan 2022 02:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9208
IP address blocks: 185.205.232.0/22 maxlen: 24
212.166.0.0/18 maxlen: 24
2a01:5a00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57084479 (0x3670a3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e7fd9586f9ccb0fb4487b208cdf4675e5bbf330
Validity
Not Before: Jan 1 02:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa5cd020054494f6c97e611ee6b7946c1b10c3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f3:1e:e7:ff:47:03:cf:c5:5d:5a:78:b4:21:
96:3e:03:11:26:d8:13:92:e1:ff:49:a2:e3:ec:6d:
64:fa:32:8e:47:ee:bd:40:36:27:b5:41:a8:65:ad:
99:4c:fa:c1:59:b5:3f:f4:f3:e2:de:8a:d1:31:77:
1d:41:81:8c:67:38:9c:7f:18:e9:51:bd:a0:3b:69:
72:95:ac:bb:f0:21:e9:32:1f:89:bc:1e:84:ae:59:
4d:b9:26:e5:65:15:8c:44:0f:f7:10:02:4b:e6:6e:
f1:35:32:83:a6:5b:f0:0a:5e:de:21:18:6a:d9:51:
d1:db:3d:10:47:25:7a:03:0b:40:fd:03:13:c8:9c:
be:09:20:ee:22:05:57:92:ef:07:43:57:ac:82:37:
5f:14:45:1e:99:9a:aa:48:a2:9c:e2:81:6e:d8:da:
cd:e8:18:ff:17:05:d3:09:72:71:f5:e1:d1:cb:58:
a8:f2:2f:d7:17:e3:15:ed:28:65:04:5a:00:0a:3a:
6b:c5:93:b5:69:51:6e:e3:b6:8b:8d:7b:ba:2e:ff:
66:31:8f:2b:7c:06:a5:81:8e:9b:3c:00:45:20:9d:
cd:f8:3a:13:33:74:b4:cc:09:e0:76:2c:dc:ac:7b:
8c:12:bc:2d:5e:09:92:87:d1:9f:70:01:90:25:82:
e1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5C:D0:20:05:44:94:F6:C9:7E:61:1E:E6:B7:94:6C:1B:10:C3:A4
X509v3 Authority Key Identifier:
keyid:5E:7F:D9:58:6F:9C:CB:0F:B4:48:7B:20:8C:DF:46:75:E5:BB:F3:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xn_ZWG-cyw-0SHsgjN9GdeW78zA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/qlzQIAVElPbJfmEe5reUbBsQw6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/Xn_ZWG-cyw-0SHsgjN9GdeW78zA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.232.0/22
212.166.0.0/18
IPv6:
2a01:5a00::/32
Signature Algorithm: sha256WithRSAEncryption
62:0a:80:6f:a2:10:83:50:37:ac:29:02:9b:08:ac:f6:6c:cb:
0d:d9:32:7d:8a:aa:ce:f5:35:e1:f2:c1:be:88:63:e0:d4:14:
29:10:59:e5:ca:87:06:9d:28:7c:66:e2:8f:c0:26:f7:9a:30:
05:68:fe:7f:65:1e:f6:fa:fc:70:e0:6a:7b:53:36:89:c5:e2:
f2:47:0b:be:87:15:11:16:86:fb:47:b4:4f:a6:da:cd:ac:7a:
cc:7a:cd:e7:ec:c7:37:29:d4:e6:87:13:77:64:ce:71:b3:bb:
12:eb:e8:29:11:bf:c5:d7:e3:b5:c2:f5:d5:91:7e:6a:d9:51:
a2:c5:6e:b4:e7:67:b9:e3:8e:ef:77:ae:f6:98:3b:9d:1b:19:
4e:8f:b3:d2:b9:ae:09:28:37:e8:20:35:f7:d2:ec:0f:51:5b:
0f:dc:32:c9:5f:7e:31:84:28:32:0d:cd:b6:ec:a5:f4:5d:41:
05:b8:7f:6a:bc:c7:7a:22:f5:84:01:96:69:cd:3f:a6:62:44:
3f:fb:7b:bf:ae:54:89:e5:b9:27:e6:bd:c0:25:57:65:c1:6e:
48:64:dc:24:6e:69:0a:9a:25:94:36:8d:10:c6:8d:d5:be:e1:
7d:39:d3:2b:52:d0:0d:6e:0b:d2:de:d7:dd:ca:60:ca:c8:93:
aa:71:e5:28
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA2cKPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTdmZDk1ODZmOWNjYjBmYjQ0ODdiMjA4Y2RmNDY3NWU1YmJmMzMwMB4XDTIyMDEw
MTAyNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE1Y2QwMjAwNTQ0
OTRmNmM5N2U2MTFlZTZiNzk0NmMxYjEwYzNhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXzHuf/RwPPxV1aeLQhlj4DESbYE5Lh/0mi4+xtZPoyjkfu
vUA2J7VBqGWtmUz6wVm1P/Tz4t6K0TF3HUGBjGc4nH8Y6VG9oDtpcpWsu/Ah6TIf
ibwehK5ZTbkm5WUVjEQP9xACS+Zu8TUyg6Zb8Ape3iEYatlR0ds9EEclegMLQP0D
E8icvgkg7iIFV5LvB0NXrII3XxRFHpmaqkiinOKBbtjazegY/xcF0wlycfXh0ctY
qPIv1xfjFe0oZQRaAAo6a8WTtWlRbuO2i417ui7/ZjGPK3wGpYGOmzwARSCdzfg6
EzN0tMwJ4HYs3Kx7jBK8LV4JkofRn3ABkCWC4UcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSqXNAgBUSU9sl+YR7mt5RsGxDDpDAfBgNVHSMEGDAWgBRef9lYb5zLD7RI
eyCM30Z15bvzMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1huX1pXRy1jeXctMFNIc2dqTjlHZGVXNzh6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvMTVlNTNkLTcwYjAtNDI2OC05MTI0LTRiMDFkNjNlNzk1Yy8x
L3FselFJQVZFbFBiSmZtRWU1cmVVYkJzUXc2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
MTVlNTNkLTcwYjAtNDI2OC05MTI0LTRiMDFkNjNlNzk1Yy8xL1huX1pXRy1jeXct
MFNIc2dqTjlHZGVXNzh6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArnN6AMEBtSmADANBAIAAjAHAwUA
KgFaADANBgkqhkiG9w0BAQsFAAOCAQEAYgqAb6IQg1A3rCkCmwis9mzLDdkyfYqq
zvU14fLBvohj4NQUKRBZ5cqHBp0ofGbij8Am95owBWj+f2Ue9vr8cOBqe1M2icXi
8kcLvocVERaG+0e0T6bazax6zHrN5+zHNynU5ocTd2TOcbO7EuvoKRG/xdfjtcL1
1ZF+atlRosVutOdnueOO73eu9pg7nRsZTo+z0rmuCSg36CA199LsD1FbD9wyyV9+
MYQoMg3Ntuyl9F1BBbh/arzHeiL1hAGWac0/pmJEP/t7v65UieW5J+a9wCVXZcFu
SGTcJG5pCpollDaNEMaN1b7hfTnTK1LQDW4L0t7X3cpgysiTqnHlKA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:17 2025 by rpki-client