Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/qc30_9YlAmupYCu30bkRYj6NJS0.roa
File: qc30_9YlAmupYCu30bkRYj6NJS0.roa (raw, json)
Hash identifier: 6dZLM9siHU7YtjhwFHAaeOi1k18D1LBLwE55t+RYOmw=
Subject key identifier: A9:CD:F4:FF:D6:25:02:6B:A9:60:2B:B7:D1:B9:11:62:3E:8D:25:2D
Certificate issuer: /CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Certificate serial: 09E145D2
Authority key identifier: A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/qc30_9YlAmupYCu30bkRYj6NJS0.roa
Signing time: Tue 17 May 2022 12:43:29 +0000
ROA not before: Tue 17 May 2022 12:43:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209634
IP address blocks: 185.18.233.0/24 maxlen: 24
185.18.232.0/24 maxlen: 24
147.78.184.0/22 maxlen: 22
2a09:840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165758418 (0x9e145d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Validity
Not Before: May 17 12:43:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9cdf4ffd625026ba9602bb7d1b911623e8d252d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:c6:4f:76:91:4c:ae:89:11:73:9a:42:c7:
e9:d1:a7:9f:03:6d:99:6d:96:24:a7:73:8b:d1:63:
c4:54:59:c5:03:a2:2a:74:ff:f0:95:36:30:77:2e:
bd:04:ea:b5:37:fc:cb:7f:f7:da:da:7a:61:c7:09:
11:13:ff:ee:21:16:e7:67:cd:fe:0c:70:55:a4:64:
3f:5f:a7:ce:f8:fd:7d:75:09:46:6b:b1:3f:12:cb:
d6:b2:29:7a:be:95:c0:cb:03:0c:e8:29:2c:4a:d6:
53:d7:bf:42:a9:ab:51:61:08:06:18:04:e0:f4:62:
e7:a2:5c:a2:44:f9:31:2d:6c:0b:90:eb:17:e0:5c:
fe:0d:61:01:d6:a1:ee:c1:84:e4:a5:35:a2:10:1b:
de:38:64:db:91:f8:8f:5f:40:e3:ae:53:6b:69:d2:
38:0f:d8:b1:b2:ec:e8:e2:0b:3b:ed:83:43:a1:24:
a0:60:84:dc:35:84:7c:d7:27:08:c1:ab:da:93:43:
2a:e9:be:d2:11:50:d9:a9:67:5a:6c:00:78:47:5f:
0c:65:cb:ef:6c:ac:f2:50:72:08:89:b7:4e:0b:c1:
5c:ba:18:26:71:21:0d:89:89:fd:70:f1:94:fd:4e:
d2:a8:5d:b1:1a:c5:6a:66:d1:f4:a9:14:9f:bc:bc:
ee:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CD:F4:FF:D6:25:02:6B:A9:60:2B:B7:D1:B9:11:62:3E:8D:25:2D
X509v3 Authority Key Identifier:
keyid:A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/qc30_9YlAmupYCu30bkRYj6NJS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/pCzz6j9GGa3XsfheXbx2jNPRdC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.184.0/22
185.18.232.0/23
IPv6:
2a09:840::/32
Signature Algorithm: sha256WithRSAEncryption
44:2c:04:83:da:d7:78:70:74:62:07:dc:e5:1c:b6:34:b9:a9:
a9:12:0c:c5:34:43:88:66:dc:15:d2:4b:54:43:85:62:5d:58:
5c:59:33:5f:3f:d7:f1:43:87:b9:8b:b6:7f:8b:f0:08:2b:ea:
b4:d6:fc:ed:6e:29:5a:4b:c6:a3:cc:e6:f4:66:63:c5:40:26:
23:c3:20:1e:cb:f8:be:04:38:e9:1f:f7:04:70:ad:93:8b:aa:
cc:23:bf:93:75:b1:f3:1c:6d:ba:09:2e:b7:89:63:98:10:6b:
0e:cf:81:bd:82:90:72:0c:b0:55:ca:05:38:62:5a:2d:e1:53:
74:d6:f9:0b:b4:a6:3e:a8:db:27:a2:dc:e1:fb:ca:07:01:1d:
b4:32:5b:6c:06:0a:64:8e:26:bc:49:1a:f3:8c:e3:10:73:73:
b5:e0:44:f6:0e:5c:ae:49:14:b4:96:0e:90:c9:4c:d2:11:a1:
ba:b3:66:af:1e:11:79:b7:4f:fd:c8:3c:01:5c:cf:59:66:30:
58:7f:d9:5f:73:97:c6:30:50:23:bc:86:3d:37:d0:25:0b:2e:
a5:c3:7e:7f:d4:4c:b7:36:84:a0:6d:27:cf:cf:e6:6c:56:30:
58:3f:44:aa:cf:8b:0f:10:64:33:a9:27:aa:ab:30:c2:e3:bb:
0a:f9:1d:cd
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECeFF0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDJjZjNlYTNmNDYxOWFkZDdiMWY4NWU1ZGJjNzY4Y2QzZDE3NDJkMB4XDTIyMDUx
NzEyNDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTljZGY0ZmZkNjI1
MDI2YmE5NjAyYmI3ZDFiOTExNjIzZThkMjUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL82xk92kUyuiRFzmkLH6dGnnwNtmW2WJKdzi9FjxFRZxQOi
KnT/8JU2MHcuvQTqtTf8y3/32tp6YccJERP/7iEW52fN/gxwVaRkP1+nzvj9fXUJ
RmuxPxLL1rIper6VwMsDDOgpLErWU9e/QqmrUWEIBhgE4PRi56JcokT5MS1sC5Dr
F+Bc/g1hAdah7sGE5KU1ohAb3jhk25H4j19A465Ta2nSOA/YsbLs6OILO+2DQ6Ek
oGCE3DWEfNcnCMGr2pNDKum+0hFQ2alnWmwAeEdfDGXL72ys8lByCIm3TgvBXLoY
JnEhDYmJ/XDxlP1O0qhdsRrFambR9KkUn7y87jcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSpzfT/1iUCa6lgK7fRuRFiPo0lLTAfBgNVHSMEGDAWgBSkLPPqP0YZrdex
+F5dvHaM09F0LTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BDeno2ajlHR2EzWHNmaGVYYngyak5QUmRDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNTcyNjliLTBmNzAtNDZjZi1iY2UyLWM3Nzc1MTU5ZmM4Mi8x
L3FjMzBfOVlsQW11cFlDdTMwYmtSWWo2TkpTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NTcyNjliLTBmNzAtNDZjZi1iY2UyLWM3Nzc1MTU5ZmM4Mi8xL3BDeno2ajlHR2Ez
WHNmaGVYYngyak5QUmRDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEApNOuAMEAbkS6DANBAIAAjAHAwUA
KgkIQDANBgkqhkiG9w0BAQsFAAOCAQEARCwEg9rXeHB0Ygfc5Ry2NLmpqRIMxTRD
iGbcFdJLVEOFYl1YXFkzXz/X8UOHuYu2f4vwCCvqtNb87W4pWkvGo8zm9GZjxUAm
I8MgHsv4vgQ46R/3BHCtk4uqzCO/k3Wx8xxtugkut4ljmBBrDs+BvYKQcgywVcoF
OGJaLeFTdNb5C7SmPqjbJ6Lc4fvKBwEdtDJbbAYKZI4mvEka84zjEHNzteBE9g5c
rkkUtJYOkMlM0hGhurNmrx4RebdP/cg8AVzPWWYwWH/ZX3OXxjBQI7yGPTfQJQsu
pcN+f9RMtzaEoG0nz8/mbFYwWD9Eqs+LDxBkM6knqqswwuO7CvkdzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:55 2024 by rpki-client on console-ams.rpki-client.org