Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/qx-7WzsqqMnJRORgd0ZA13yvFCA.roa
File: qx-7WzsqqMnJRORgd0ZA13yvFCA.roa (raw, json)
Hash identifier: fNAdHuzQ0FLt/A20YY1pINdnP2iVK0e7R+qh4SggXFU=
Subject key identifier: AB:1F:BB:5B:3B:2A:A8:C9:C9:44:E4:60:77:46:40:D7:7C:AF:14:20
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 01843E07D0313467F8E51F8E96F0E9670139
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/qx-7WzsqqMnJRORgd0ZA13yvFCA.roa
Signing time: Thu 03 Nov 2022 15:06:49 +0000
ROA not before: Thu 03 Nov 2022 15:06:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42622
IP address blocks: 80.72.0.0/20 maxlen: 20
185.84.212.0/22 maxlen: 22
2a00:f4c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:07:d0:31:34:67:f8:e5:1f:8e:96:f0:e9:67:01:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Nov 3 15:06:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab1fbb5b3b2aa8c9c944e460774640d77caf1420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:28:1a:5c:f9:5f:39:79:e0:61:a0:8c:1a:bf:
dc:11:55:64:e4:18:1d:3c:64:f3:f6:fb:c3:31:5a:
db:f7:32:53:29:fe:ef:97:b8:da:71:13:04:b7:13:
ed:25:55:42:cc:dc:04:d8:de:2a:b0:cd:5b:e7:0c:
d1:b8:9f:51:68:7f:36:84:eb:12:92:b8:b8:7f:e2:
42:c3:b1:f8:8b:0c:dd:8e:46:05:f7:63:b3:19:61:
c8:6d:80:b4:33:b7:8f:28:eb:e3:ce:e2:dd:38:9c:
8c:99:cc:a8:fb:09:8a:da:e7:8c:fd:60:32:8a:0b:
68:2b:5f:7f:f2:cf:07:41:db:ac:04:95:56:5f:fe:
82:dc:c3:cc:cd:de:1b:b4:95:7d:e2:3c:70:7f:7c:
9c:b5:35:06:97:b8:76:80:16:e5:af:7e:6a:5d:cd:
fa:39:01:66:25:48:44:93:eb:f7:f7:5b:30:a9:d5:
d6:72:f5:a1:4d:12:00:10:36:3c:f8:2e:4c:28:da:
eb:de:c3:37:dc:4e:2c:53:50:c4:aa:05:39:64:b0:
36:e4:b4:ef:c1:ea:3d:64:6c:15:f0:8c:16:16:74:
6a:02:be:d3:31:f2:12:01:71:ff:49:2e:07:f3:76:
e2:8d:6a:3d:84:14:c3:11:8b:74:41:ca:d6:20:07:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1F:BB:5B:3B:2A:A8:C9:C9:44:E4:60:77:46:40:D7:7C:AF:14:20
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/qx-7WzsqqMnJRORgd0ZA13yvFCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.0.0/20
185.84.212.0/22
IPv6:
2a00:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
20:71:51:7f:d7:6e:c7:35:37:1d:32:c6:3e:e3:2b:65:91:29:
00:11:41:bd:47:25:02:d5:74:ae:54:e7:14:3f:f8:00:c3:31:
42:a7:6a:4d:0c:77:f2:89:6c:cd:db:5f:13:ea:a5:64:10:6d:
5c:56:fc:66:2f:b6:b0:a0:04:86:4c:9c:86:75:40:98:f8:9c:
75:50:8f:52:de:d2:e0:a9:76:f4:69:48:7d:3d:d0:bf:8f:3f:
76:bc:9d:0c:27:e0:c3:35:3a:a1:aa:7c:83:45:e3:0a:30:72:
06:da:86:e7:8c:23:ed:8d:7d:7f:90:36:e6:8b:08:f9:8c:b8:
1d:ac:5a:74:a3:6a:2a:2b:62:a7:64:76:ed:26:72:8e:6b:14:
e4:86:96:26:60:51:f6:74:7f:23:4c:3e:6e:bf:37:4c:7d:0d:
a2:65:a8:a6:3d:8d:35:54:c3:f7:4b:28:cf:30:a1:de:f6:bb:
f8:88:e6:51:06:38:75:67:a6:63:df:6d:ea:0c:2e:85:d1:f3:
da:07:96:89:15:07:ba:34:b5:e4:21:cc:5a:da:52:36:00:cb:
2b:c3:3c:12:3f:6c:34:32:7b:f3:11:44:68:9a:50:0c:3c:9f:
3a:fa:e4:0e:ab:79:4e:e5:6c:01:d2:ab:4d:05:18:64:11:db:
6a:82:9e:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQ+B9AxNGf45R+OlvDpZwE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjIxMTAzMTUwNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjFmYmI1YjNiMmFhOGM5Yzk0NGU0NjA3NzQ2NDBkNzdjYWYxNDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlygaXPlfOXngYaCMGr/cEVVk5Bgd
PGTz9vvDMVrb9zJTKf7vl7jacRMEtxPtJVVCzNwE2N4qsM1b5wzRuJ9RaH82hOsS
kri4f+JCw7H4iwzdjkYF92OzGWHIbYC0M7ePKOvjzuLdOJyMmcyo+wmK2ueM/WAy
igtoK19/8s8HQdusBJVWX/6C3MPMzd4btJV94jxwf3yctTUGl7h2gBblr35qXc36
OQFmJUhEk+v391swqdXWcvWhTRIAEDY8+C5MKNrr3sM33E4sU1DEqgU5ZLA25LTv
weo9ZGwV8IwWFnRqAr7TMfISAXH/SS4H83bijWo9hBTDEYt0QcrWIAd8AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKsfu1s7KqjJyUTkYHdGQNd8rxQgMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvcXgtN1d6c3FxTW5KUk9SZ2QwWkExM3l2RkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEgAAwQC
uVTUMA0EAgACMAcDBQAqAPTAMA0GCSqGSIb3DQEBCwUAA4IBAQAgcVF/127HNTcd
MsY+4ytlkSkAEUG9RyUC1XSuVOcUP/gAwzFCp2pNDHfyiWzN218T6qVkEG1cVvxm
L7awoASGTJyGdUCY+Jx1UI9S3tLgqXb0aUh9PdC/jz92vJ0MJ+DDNTqhqnyDReMK
MHIG2obnjCPtjX1/kDbmiwj5jLgdrFp0o2oqK2KnZHbtJnKOaxTkhpYmYFH2dH8j
TD5uvzdMfQ2iZaimPY01VMP3SyjPMKHe9rv4iOZRBjh1Z6Zj323qDC6F0fPaB5aJ
FQe6NLXkIcxa2lI2AMsrwzwSP2w0MnvzEURomlAMPJ86+uQOq3lO5WwB0qtNBRhk
Edtqgp5g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:11 2024 by rpki-client on console-fra.rpki-client.org