Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/Qv_ADEj48yT-S1asmk3X-EYoCh0.roa
File: Qv_ADEj48yT-S1asmk3X-EYoCh0.roa (raw, json)
Hash identifier: p9xxVcKfYoZS8fIqAdyQixt0WAxQ69DoDoUIOBmUhF4=
Subject key identifier: 42:FF:C0:0C:48:F8:F3:24:FE:4B:56:AC:9A:4D:D7:F8:46:28:0A:1D
Certificate issuer: /CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Certificate serial: 055CA440
Authority key identifier: 26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/Qv_ADEj48yT-S1asmk3X-EYoCh0.roa
Signing time: Sat 01 Jan 2022 13:03:51 +0000
ROA not before: Sat 01 Jan 2022 13:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21415
IP address blocks: 178.169.142.0/24 maxlen: 24
178.169.143.0/24 maxlen: 24
109.121.255.0/24 maxlen: 24
109.121.254.0/24 maxlen: 24
178.169.165.0/24 maxlen: 24
178.169.162.0/24 maxlen: 24
178.169.169.0/24 maxlen: 24
109.121.192.0/24 maxlen: 24
109.121.203.0/24 maxlen: 24
109.121.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89957440 (0x55ca440)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Validity
Not Before: Jan 1 13:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42ffc00c48f8f324fe4b56ac9a4dd7f846280a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:81:ce:7d:a6:66:d7:b0:c6:23:a0:14:77:
94:7e:fe:ac:1a:09:88:1c:f5:1d:c3:06:ad:c0:4b:
a0:d1:0d:65:c5:a7:de:34:4f:89:38:06:6b:33:f8:
3f:86:a2:ab:18:63:f0:06:6c:87:de:e3:02:42:b7:
8f:d3:54:36:27:59:52:6d:08:28:b6:18:b6:03:d5:
c3:cf:94:85:1f:40:5f:0d:b0:fb:3b:10:ef:e7:d3:
f1:b5:b1:77:80:4b:96:13:ac:e1:de:58:61:95:4a:
45:ec:ed:b0:a9:c8:c2:b6:93:d9:25:ba:a2:90:b0:
ee:cd:33:c7:c1:b0:bd:9a:24:ce:c8:c3:0a:6e:e9:
6c:fc:22:9d:08:5a:bd:c9:1a:dd:85:f2:ce:95:eb:
b4:6d:00:29:85:1f:6a:f7:26:44:23:8b:d6:ab:2c:
84:cf:c4:4c:db:5b:e1:42:1c:cb:65:fc:b6:26:b1:
fe:24:e7:81:bc:92:13:cb:c8:30:b6:5b:4d:cf:3e:
d6:1a:4d:6f:95:01:10:98:ab:19:b8:f0:ac:76:8e:
c4:a9:de:24:87:21:6f:3d:2d:9b:ed:8d:c0:23:67:
ec:01:8b:bd:6e:58:c5:16:f4:86:1d:62:d2:bd:30:
cd:37:9f:2c:f0:9f:87:3c:6c:68:43:ce:a1:eb:e5:
d4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FF:C0:0C:48:F8:F3:24:FE:4B:56:AC:9A:4D:D7:F8:46:28:0A:1D
X509v3 Authority Key Identifier:
keyid:26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/Qv_ADEj48yT-S1asmk3X-EYoCh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/JrvteI4p-EBrK9yN3e631OxLgz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.192.0/24
109.121.202.0/23
109.121.254.0/23
178.169.142.0/23
178.169.162.0/24
178.169.165.0/24
178.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
41:88:f1:a9:37:75:ee:0e:58:cc:8b:42:b7:44:a1:c9:0a:3d:
b8:22:7b:dd:35:25:51:6b:06:d8:f5:1a:96:18:b2:63:34:b6:
e5:08:fb:1b:42:27:29:d9:3e:cb:a0:54:50:b2:fa:7c:1e:f5:
fa:e9:82:0d:e0:81:6e:56:a3:c6:dd:df:c7:86:f8:05:20:1f:
33:02:8d:c1:2b:d8:aa:73:12:c9:05:1f:57:06:e7:52:a6:40:
ff:ac:54:58:48:3e:55:f5:46:e0:bf:60:5b:4a:cb:00:69:df:
ef:3f:63:12:f9:65:e3:8e:80:7b:2d:0f:98:16:ad:fd:a3:34:
1e:c6:57:a9:f0:6c:4d:c8:ca:60:f7:1f:02:b9:bf:31:dd:33:
a7:69:2b:1f:7e:e5:0b:8b:25:21:d7:fa:00:88:80:72:31:5e:
95:23:19:94:cc:eb:7d:53:18:28:f9:14:fe:0f:8d:17:6d:38:
18:e0:ee:f4:c3:02:25:f3:51:e8:cf:c2:56:4c:7c:d1:89:05:
32:77:92:5e:9f:ef:12:90:7a:86:94:de:e1:54:a8:35:87:57:
34:1d:7b:52:eb:0f:9e:0d:a7:90:bb:b8:05:87:a8:21:e2:73:
b8:3a:c5:4b:b1:93:2a:1a:1a:1a:ba:13:e3:4c:c1:5b:14:bc:
a1:90:02:a8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBVykQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmJiZWQ3ODhlMjlmODQwNmIyYmRjOGRkZGVlYjdkNGVjNGI4MzNlMB4XDTIyMDEw
MTEzMDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDJmZmMwMGM0OGY4
ZjMyNGZlNGI1NmFjOWE0ZGQ3Zjg0NjI4MGExZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuzgc59pmbXsMYjoBR3lH7+rBoJiBz1HcMGrcBLoNENZcWn
3jRPiTgGazP4P4aiqxhj8AZsh97jAkK3j9NUNidZUm0IKLYYtgPVw8+UhR9AXw2w
+zsQ7+fT8bWxd4BLlhOs4d5YYZVKReztsKnIwraT2SW6opCw7s0zx8GwvZokzsjD
Cm7pbPwinQhavcka3YXyzpXrtG0AKYUfavcmRCOL1qsshM/ETNtb4UIcy2X8tiax
/iTngbySE8vIMLZbTc8+1hpNb5UBEJirGbjwrHaOxKneJIchbz0tm+2NwCNn7AGL
vW5YxRb0hh1i0r0wzTefLPCfhzxsaEPOoevl1AkCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRC/8AMSPjzJP5LVqyaTdf4RigKHTAfBgNVHSMEGDAWgBQmu+14jin4QGsr
3I3d7rfU7EuDPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pydnRlSTRwLUVCcks5eU4zZTYzMU94TGd6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvYmQ3YTkzLWM5ZTQtNDJiNi1hNWM2LWQzNWM1NGYxNGRiZS8x
L1F2X0FERWo0OHlULVMxYXNtazNYLUVZb0NoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
YmQ3YTkzLWM5ZTQtNDJiNi1hNWM2LWQzNWM1NGYxNGRiZS8xL0pydnRlSTRwLUVC
cks5eU4zZTYzMU94TGd6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAG15wAMEAW15ygMEAW15/gMEAbKp
jgMEALKpogMEALKppQMEALKpqTANBgkqhkiG9w0BAQsFAAOCAQEAQYjxqTd17g5Y
zItCt0ShyQo9uCJ73TUlUWsG2PUalhiyYzS25Qj7G0InKdk+y6BUULL6fB71+umC
DeCBblajxt3fx4b4BSAfMwKNwSvYqnMSyQUfVwbnUqZA/6xUWEg+VfVG4L9gW0rL
AGnf7z9jEvll446Aey0PmBat/aM0HsZXqfBsTcjKYPcfArm/Md0zp2krH37lC4sl
Idf6AIiAcjFelSMZlMzrfVMYKPkU/g+NF204GODu9MMCJfNR6M/CVkx80YkFMneS
Xp/vEpB6hpTe4VSoNYdXNB17UusPng2nkLu4BYeoIeJzuDrFS7GTKhoaGroT40zB
WxS8oZACqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:51 2024 by rpki-client on console-ams.rpki-client.org