Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/qvENPc6v-okSsfw-NU0bcZoox1w.roa
File: qvENPc6v-okSsfw-NU0bcZoox1w.roa (raw, json)
Hash identifier: MnuZMf4d2a0kyXjZZDQjxtqW/AtKZtR8ibfDf2PSCBE=
Subject key identifier: AA:F1:0D:3D:CE:AF:FA:89:12:B1:FC:3E:35:4D:1B:71:9A:28:C7:5C
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 1030CB3C
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/qvENPc6v-okSsfw-NU0bcZoox1w.roa
Signing time: Wed 19 Jan 2022 12:52:52 +0000
ROA not before: Wed 19 Jan 2022 12:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210554
IP address blocks: 185.197.133.0/24 maxlen: 32
2a06:e881:8707::/48 maxlen: 128
2a06:e881:870c::/48 maxlen: 128
2a06:e881:870d::/48 maxlen: 128
2a06:e881:8702::/48 maxlen: 128
2a06:e881:8703::/48 maxlen: 128
2a06:e881:8708::/48 maxlen: 128
2a06:e881:8709::/48 maxlen: 128
2a06:e881:870e::/48 maxlen: 128
2a06:e881:870f::/48 maxlen: 128
2a06:e881:8704::/48 maxlen: 128
2a06:e881:870a::/48 maxlen: 128
2a06:e881:870b::/48 maxlen: 128
2a06:e881:8700::/48 maxlen: 128
2a06:e881:8701::/48 maxlen: 128
2a06:e881:8706::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271633212 (0x1030cb3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 19 12:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aaf10d3dceaffa8912b1fc3e354d1b719a28c75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f0:07:21:cf:96:67:00:2b:e7:ce:e4:8a:20:
6e:af:5f:86:cc:11:0f:4a:f5:a9:5b:48:57:fb:ff:
e8:cc:26:d4:1b:ba:54:8d:7f:13:12:fa:3c:8a:e3:
b5:c4:ef:d3:74:11:1a:6e:e1:7a:1c:6a:41:ca:78:
29:e3:0f:00:cf:b2:fb:78:60:d3:eb:cc:6b:c6:ae:
96:9b:a9:55:26:e5:01:3b:d6:0e:8f:b0:2f:3e:bf:
5e:b0:fe:ad:4d:c9:91:41:8e:d1:62:c5:1d:cf:dc:
d6:cf:0c:93:6a:05:2a:34:73:60:8e:47:bd:7b:08:
8b:6b:41:b2:1e:59:00:06:21:b3:58:69:e4:52:ad:
da:f2:25:06:dc:3b:e5:80:7e:1b:70:d0:61:77:06:
22:2c:9e:38:b3:36:51:7f:47:2c:1d:17:3c:9c:6e:
f5:bb:fd:20:98:17:ed:9e:0d:e1:40:2a:8e:93:c5:
0b:4b:2a:81:73:96:af:76:9b:a1:e4:cd:54:e7:29:
1e:1b:ed:48:ef:4e:73:fa:d9:53:dd:d8:45:5f:5b:
ba:91:09:b1:55:37:10:6e:25:43:50:92:31:85:37:
ad:af:9d:cd:34:65:be:7d:e7:8f:74:63:dc:f8:4c:
ff:f2:b9:c6:d4:52:e1:76:f8:4a:ab:9a:39:39:e5:
34:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F1:0D:3D:CE:AF:FA:89:12:B1:FC:3E:35:4D:1B:71:9A:28:C7:5C
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/qvENPc6v-okSsfw-NU0bcZoox1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.133.0/24
IPv6:
2a06:e881:8700::-2a06:e881:8704:ffff:ffff:ffff:ffff:ffff
2a06:e881:8706::-2a06:e881:870f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:0a:59:e6:b8:79:3e:bd:e2:27:79:a5:21:d4:0b:ce:33:c0:
73:4b:67:be:02:72:43:4f:c2:1a:9f:0d:68:23:ca:1e:38:e8:
56:16:63:41:79:b6:03:c9:0d:a7:31:58:c4:40:04:8d:fb:fc:
0b:df:f7:19:7d:f8:c0:36:07:59:50:e4:13:b4:6f:4e:85:b6:
f2:9b:4a:d3:9b:5a:d1:0b:98:fb:48:9b:c7:0f:f4:9b:0c:4f:
90:fe:98:0b:87:bc:4b:02:dd:db:bf:b4:79:68:03:bb:32:66:
d4:c6:c0:b9:42:57:1f:64:26:89:d8:b9:b1:28:12:60:77:48:
b1:5d:50:4f:3a:22:e4:bb:7c:e3:3d:6d:74:ca:41:9e:21:b8:
68:72:f9:7d:06:ab:9c:bd:6c:b5:15:f9:35:9d:67:5f:c5:64:
67:90:d1:50:93:64:54:21:d3:f9:d6:53:41:96:92:ae:6d:73:
6d:8f:f0:96:34:af:30:8d:a6:44:9d:e4:c9:39:08:cc:4c:c6:
3c:46:e3:a8:c2:a0:ac:40:1e:9c:66:62:3e:68:f0:10:a2:8d:
b0:40:74:a8:31:9f:aa:29:6d:9d:78:62:36:38:80:08:f9:6d:
4a:de:b4:bc:7f:6e:45:1b:07:90:23:7c:8d:d9:50:d6:22:9d:
c6:47:4c:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEEDDLPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDEx
OTEyNTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFmMTBkM2RjZWFm
ZmE4OTEyYjFmYzNlMzU0ZDFiNzE5YTI4Yzc1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPwByHPlmcAK+fO5Iogbq9fhswRD0r1qVtIV/v/6Mwm1Bu6
VI1/ExL6PIrjtcTv03QRGm7hehxqQcp4KeMPAM+y+3hg0+vMa8aulpupVSblATvW
Do+wLz6/XrD+rU3JkUGO0WLFHc/c1s8Mk2oFKjRzYI5HvXsIi2tBsh5ZAAYhs1hp
5FKt2vIlBtw75YB+G3DQYXcGIiyeOLM2UX9HLB0XPJxu9bv9IJgX7Z4N4UAqjpPF
C0sqgXOWr3aboeTNVOcpHhvtSO9Oc/rZU93YRV9bupEJsVU3EG4lQ1CSMYU3ra+d
zTRlvn3nj3Rj3PhM//K5xtRS4Xb4SquaOTnlNN8CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSq8Q09zq/6iRKx/D41TRtxmijHXDAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L3F2RU5QYzZ2LW9rU3Nmdy1OVTBiY1pvb3gxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wDAQCAAEwBgMEALnFhTAtBAIAAjAnMBEDBgAqBuiB
hwMHACoG6IGHBDASAwcBKgbogYcGAwcEKgbogYcAMA0GCSqGSIb3DQEBCwUAA4IB
AQAAClnmuHk+veIneaUh1AvOM8BzS2e+AnJDT8Ianw1oI8oeOOhWFmNBebYDyQ2n
MVjEQASN+/wL3/cZffjANgdZUOQTtG9Ohbbym0rTm1rRC5j7SJvHD/SbDE+Q/pgL
h7xLAt3bv7R5aAO7MmbUxsC5QlcfZCaJ2LmxKBJgd0ixXVBPOiLku3zjPW10ykGe
Ibhocvl9BqucvWy1Ffk1nWdfxWRnkNFQk2RUIdP51lNBlpKubXNtj/CWNK8wjaZE
neTJOQjMTMY8RuOowqCsQB6cZmI+aPAQoo2wQHSoMZ+qKW2deGI2OIAI+W1K3rS8
f25FGweQI3yN2VDWIp3GR0xN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org