Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/qjfaxdHW87vsJJmu1X5lUS6k0rI.roa
File: qjfaxdHW87vsJJmu1X5lUS6k0rI.roa (raw, json)
Hash identifier: eXNgxF8+zWCumIvoY5tmkFPGhz/+vznz3RqBzPcxJ3E=
Subject key identifier: AA:37:DA:C5:D1:D6:F3:BB:EC:24:99:AE:D5:7E:65:51:2E:A4:D2:B2
Certificate issuer: /CN=30f8e2c0c87e93799e23284f36b8615db78783ab
Certificate serial: 0534208B
Authority key identifier: 30:F8:E2:C0:C8:7E:93:79:9E:23:28:4F:36:B8:61:5D:B7:87:83:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPjiwMh-k3meIyhPNrhhXbeHg6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/qjfaxdHW87vsJJmu1X5lUS6k0rI.roa
Signing time: Sat 01 Jan 2022 06:06:03 +0000
ROA not before: Sat 01 Jan 2022 06:06:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206420
IP address blocks: 185.212.12.0/22 maxlen: 22
185.186.248.0/22 maxlen: 22
2a0b:70c0::/32 maxlen: 32
2a0b:8c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87302283 (0x534208b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f8e2c0c87e93799e23284f36b8615db78783ab
Validity
Not Before: Jan 1 06:06:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa37dac5d1d6f3bbec2499aed57e65512ea4d2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d9:9a:21:ca:3a:c6:1a:0b:a8:12:ec:9c:0f:
27:76:3a:a9:0f:fe:c4:bd:c2:9c:0f:9a:c7:f7:6e:
e5:e0:49:df:3a:c1:bf:c4:b3:75:81:5c:2e:38:1a:
f7:a8:96:2c:90:f7:e9:97:5e:5f:6f:39:d8:6e:17:
0c:38:58:53:7b:8e:77:f4:8d:e0:12:33:22:8d:30:
af:28:bb:64:7f:e6:49:f3:82:0d:7b:52:51:43:3a:
45:42:2a:e1:f3:84:e7:9a:80:c6:04:47:1a:a2:70:
53:6e:99:63:b4:1c:fd:21:af:58:b9:2c:76:7e:d6:
53:4f:46:81:0e:25:e5:ab:90:10:37:c3:a4:17:3f:
b7:d3:95:86:13:5b:2c:5d:e4:e2:33:85:9c:fc:03:
8b:68:98:45:c2:da:b6:28:a3:be:6e:5f:1b:b0:35:
f0:60:a6:60:56:46:fd:0d:56:af:54:09:64:48:77:
7a:67:2f:d5:1e:40:3d:72:1d:4a:96:9e:87:76:1c:
f0:60:f9:d9:5c:04:19:9b:53:97:96:5e:d5:d2:7e:
40:c5:08:bc:b4:08:c8:11:f1:a1:a3:f4:1f:50:38:
28:28:17:ad:f9:63:3b:fb:41:ba:5f:de:82:c3:32:
a2:ed:9c:5b:61:54:4c:96:b8:f6:af:69:4a:27:4f:
97:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:37:DA:C5:D1:D6:F3:BB:EC:24:99:AE:D5:7E:65:51:2E:A4:D2:B2
X509v3 Authority Key Identifier:
keyid:30:F8:E2:C0:C8:7E:93:79:9E:23:28:4F:36:B8:61:5D:B7:87:83:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPjiwMh-k3meIyhPNrhhXbeHg6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/qjfaxdHW87vsJJmu1X5lUS6k0rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/MPjiwMh-k3meIyhPNrhhXbeHg6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.248.0/22
185.212.12.0/22
IPv6:
2a0b:70c0::/32
2a0b:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
69:e7:c2:43:c9:6b:9a:b7:8e:e4:76:9d:88:fd:ff:bd:4b:85:
56:52:68:66:80:d7:f1:f1:3a:41:fc:02:b5:53:89:31:1d:59:
25:75:9e:06:8c:98:30:0a:29:60:7c:b7:01:ae:67:7f:26:54:
56:95:c0:15:3e:a1:b6:83:f5:ef:f7:56:8e:eb:4a:6a:b7:5d:
06:65:c0:3e:10:71:a2:ea:f3:11:4a:db:13:af:e4:3d:83:d1:
52:9c:3a:61:38:59:78:81:7a:e6:75:4a:54:de:74:41:54:76:
01:57:00:37:30:b8:b5:72:f1:5f:bb:6a:2d:da:c9:9b:61:56:
4c:2f:f0:09:cb:a4:4e:b2:f2:9e:4b:e3:3a:e3:58:b5:87:35:
03:89:b4:95:f2:d8:76:77:a1:d4:cc:8b:52:f7:59:5d:1c:56:
fd:1b:d7:65:5d:c7:79:f0:87:eb:59:29:40:6a:9f:b7:d5:c5:
fe:bb:6d:bf:76:ba:83:ae:12:ed:69:fb:43:c2:23:c5:82:3c:
4c:59:0b:1e:21:36:02:56:61:9b:e2:41:de:50:cb:95:0b:49:
e2:70:f3:d3:44:2b:40:a6:69:fd:10:da:bd:27:32:b4:c7:ec:
1d:c5:7c:bd:66:64:2d:ea:7f:24:76:2c:d6:4d:69:9f:a5:b9:
87:36:9c:5c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBTQgizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGY4ZTJjMGM4N2U5Mzc5OWUyMzI4NGYzNmI4NjE1ZGI3ODc4M2FiMB4XDTIyMDEw
MTA2MDYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWEzN2RhYzVkMWQ2
ZjNiYmVjMjQ5OWFlZDU3ZTY1NTEyZWE0ZDJiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrZmiHKOsYaC6gS7JwPJ3Y6qQ/+xL3CnA+ax/du5eBJ3zrB
v8SzdYFcLjga96iWLJD36ZdeX2852G4XDDhYU3uOd/SN4BIzIo0wryi7ZH/mSfOC
DXtSUUM6RUIq4fOE55qAxgRHGqJwU26ZY7Qc/SGvWLksdn7WU09GgQ4l5auQEDfD
pBc/t9OVhhNbLF3k4jOFnPwDi2iYRcLatiijvm5fG7A18GCmYFZG/Q1Wr1QJZEh3
emcv1R5APXIdSpaeh3Yc8GD52VwEGZtTl5Ze1dJ+QMUIvLQIyBHxoaP0H1A4KCgX
rfljO/tBul/egsMyou2cW2FUTJa49q9pSidPlzkCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSqN9rF0dbzu+wkma7VfmVRLqTSsjAfBgNVHSMEGDAWgBQw+OLAyH6TeZ4j
KE82uGFdt4eDqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01Qaml3TWgtazNtZUl5aFBOcmhoWGJlSGc2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTliZTRkLWY4ZWMtNDQzMC1hOWNkLTdlMTJiODdkMDZjMi8x
L3FqZmF4ZEhXODd2c0pKbXUxWDVsVVM2azBySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTliZTRkLWY4ZWMtNDQzMC1hOWNkLTdlMTJiODdkMDZjMi8xL01Qaml3TWgtazNt
ZUl5aFBOcmhoWGJlSGc2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArm6+AMEArnUDDAUBAIAAjAOAwUA
KgtwwAMFAyoLjIAwDQYJKoZIhvcNAQELBQADggEBAGnnwkPJa5q3juR2nYj9/71L
hVZSaGaA1/HxOkH8ArVTiTEdWSV1ngaMmDAKKWB8twGuZ38mVFaVwBU+obaD9e/3
Vo7rSmq3XQZlwD4QcaLq8xFK2xOv5D2D0VKcOmE4WXiBeuZ1SlTedEFUdgFXADcw
uLVy8V+7ai3ayZthVkwv8AnLpE6y8p5L4zrjWLWHNQOJtJXy2HZ3odTMi1L3WV0c
Vv0b12Vdx3nwh+tZKUBqn7fVxf67bb92uoOuEu1p+0PCI8WCPExZCx4hNgJWYZvi
Qd5Qy5ULSeJw89NEK0Cmaf0Q2r0nMrTH7B3FfL1mZC3qfyR2LNZNaZ+luYc2nFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:46 2024 by rpki-client on console-ams.rpki-client.org