Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/qL2XErS_kFr31TDOKboAWkWBySo.roa
File: qL2XErS_kFr31TDOKboAWkWBySo.roa (raw, json)
Hash identifier: QLaG+yKgGuzHfoVahMFjEXvB/OZPsA0IJkfbZ2BNiNI=
Subject key identifier: A8:BD:97:12:B4:BF:90:5A:F7:D5:30:CE:29:BA:00:5A:45:81:C9:2A
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: A70684
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/qL2XErS_kFr31TDOKboAWkWBySo.roa
Signing time: Sat 01 Jan 2022 02:59:45 +0000
ROA not before: Sat 01 Jan 2022 02:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9051
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10946180 (0xa70684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 02:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8bd9712b4bf905af7d530ce29ba005a4581c92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:c9:dc:b4:03:e5:45:a7:8e:08:39:64:5c:
3f:2b:9f:2e:2a:92:5e:cb:fe:a2:1b:e7:86:b3:68:
77:28:dc:a9:ba:bb:e7:22:15:c7:22:c6:03:fd:92:
ed:b1:f7:65:49:c1:c3:d0:4e:0f:f2:95:be:2a:3b:
df:ae:61:3f:60:6a:04:9d:29:45:a1:8c:64:ae:24:
b0:ea:cb:ee:03:a0:e5:ad:fe:a8:9f:d2:f6:06:82:
19:0b:ee:6e:fc:b2:7c:ce:aa:a7:42:0c:e1:32:58:
ec:97:ef:a5:20:c4:36:3a:00:3f:ec:39:0d:2c:9a:
42:fa:1a:12:5b:1a:43:db:6b:f3:ab:a5:50:f5:bd:
83:24:23:8d:9e:2e:2c:a3:ee:d4:09:0a:3b:8e:ce:
ad:9b:d6:16:16:ec:e9:26:28:7a:5a:1c:1f:de:24:
4c:a7:41:46:d6:f5:a3:1d:2b:02:6e:01:5d:b8:b9:
c6:c1:92:5d:23:0a:85:2c:3a:0f:33:88:de:0f:1a:
36:03:35:e6:d5:c1:51:bd:22:cc:0d:f4:b6:0d:d1:
66:42:65:6a:60:4c:d4:30:da:f9:97:f3:c9:0d:52:
9a:5d:4a:1d:85:1a:76:2e:5c:2c:90:50:0c:ad:9f:
f1:04:71:96:d7:78:4b:67:3f:0e:ce:6c:a1:ca:09:
58:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BD:97:12:B4:BF:90:5A:F7:D5:30:CE:29:BA:00:5A:45:81:C9:2A
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/qL2XErS_kFr31TDOKboAWkWBySo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
42:b1:b1:52:f1:ce:00:e6:ff:31:40:59:ac:41:97:9f:cc:3e:
09:18:03:84:d0:ef:85:5a:49:7d:8d:4c:31:91:8d:bb:a9:97:
0a:85:4c:a0:a8:97:05:ea:68:66:45:61:f4:d6:8b:0c:19:47:
34:e7:e9:20:e8:9f:cc:ca:bf:48:2b:b8:76:37:87:18:a2:c0:
3f:d6:c0:47:63:60:3d:ab:a8:b7:e4:81:1c:86:1f:54:14:0b:
a2:97:e3:0f:cb:1f:40:53:33:40:b3:5d:e0:bd:c6:e9:ca:e7:
f3:6e:1a:ad:15:4b:62:cc:33:9b:f5:2c:81:09:6c:6f:dd:a7:
30:1e:ee:bf:91:c3:85:56:b3:12:69:34:83:0e:77:67:72:2a:
7a:a5:f0:de:a5:f6:4c:9b:2b:ee:aa:ed:71:a0:25:06:d7:1b:
7c:59:9a:91:8b:0a:08:1f:2a:fc:d4:65:e0:70:81:c0:29:47:
88:b6:58:44:f4:ce:f4:96:3d:6b:e7:fb:75:16:ca:b6:65:d1:
83:72:a7:18:4d:1c:97:05:51:20:15:7f:19:45:dd:8c:9d:cd:
bc:3b:9a:38:f6:4c:09:89:a8:59:b7:d8:ca:4d:c6:89:a8:5a:
f2:06:9c:e1:af:38:49:91:e0:cd:d1:63:ae:e5:fe:fb:f9:43:
79:1b:91:40
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKcGhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDg0N2Y4MjIxODk3ZDZlOTUyZTg2ZWEyYzMzOWFiYWFjYzEzMWY1MB4XDTIyMDEw
MTAyNTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThiZDk3MTJiNGJm
OTA1YWY3ZDUzMGNlMjliYTAwNWE0NTgxYzkyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLFydy0A+VFp44IOWRcPyufLiqSXsv+ohvnhrNodyjcqbq7
5yIVxyLGA/2S7bH3ZUnBw9BOD/KVvio7365hP2BqBJ0pRaGMZK4ksOrL7gOg5a3+
qJ/S9gaCGQvubvyyfM6qp0IM4TJY7JfvpSDENjoAP+w5DSyaQvoaElsaQ9tr86ul
UPW9gyQjjZ4uLKPu1AkKO47OrZvWFhbs6SYoelocH94kTKdBRtb1ox0rAm4BXbi5
xsGSXSMKhSw6DzOI3g8aNgM15tXBUb0izA30tg3RZkJlamBM1DDa+ZfzyQ1Sml1K
HYUadi5cLJBQDK2f8QRxltd4S2c/Ds5socoJWDkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSovZcStL+QWvfVMM4pugBaRYHJKjAfBgNVHSMEGDAWgBRwhH+CIYl9bpUu
huosM5q6rMEx9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NJUl9naUdKZlc2VkxvYnFMRE9hdXF6Qk1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8x
L3FMMlhFclNfa0ZyMzFURE9LYm9BV2tXQnlTby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8xL2NJUl9naUdKZlc2
VkxvYnFMRE9hdXF6Qk1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkmHAMEArlf/DANBgkqhkiG9w0B
AQsFAAOCAQEAQrGxUvHOAOb/MUBZrEGXn8w+CRgDhNDvhVpJfY1MMZGNu6mXCoVM
oKiXBepoZkVh9NaLDBlHNOfpIOifzMq/SCu4djeHGKLAP9bAR2NgPauot+SBHIYf
VBQLopfjD8sfQFMzQLNd4L3G6crn824arRVLYswzm/UsgQlsb92nMB7uv5HDhVaz
Emk0gw53Z3IqeqXw3qX2TJsr7qrtcaAlBtcbfFmakYsKCB8q/NRl4HCBwClHiLZY
RPTO9JY9a+f7dRbKtmXRg3KnGE0clwVRIBV/GUXdjJ3NvDuaOPZMCYmoWbfYyk3G
iaha8gac4a84SZHgzdFjruX++/lDeRuRQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org