Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qrZLpuYFDoiRx_6Se18HWnzGMAQ.roa
File: qrZLpuYFDoiRx_6Se18HWnzGMAQ.roa (raw, json)
Hash identifier: JHh/QbwisQtGFP4OhlP23OkcbkMV3dvvUfelpOpSnvY=
Subject key identifier: AA:B6:4B:A6:E6:05:0E:88:91:C7:FE:92:7B:5F:07:5A:7C:C6:30:04
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0183EFD97EEB736E4FFF9729D882797DB3A5
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qrZLpuYFDoiRx_6Se18HWnzGMAQ.roa
Signing time: Wed 19 Oct 2022 10:45:51 +0000
ROA not before: Wed 19 Oct 2022 10:45:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44066
IP address blocks: 212.224.64.0/18 maxlen: 24
185.26.96.0/22 maxlen: 24
84.200.205.0/24 maxlen: 24
194.143.134.0/23 maxlen: 23
185.171.204.0/22 maxlen: 24
79.133.32.0/19 maxlen: 24
159.100.0.0/19 maxlen: 24
84.201.17.0/24 maxlen: 24
84.201.18.0/24 maxlen: 24
37.114.96.0/19 maxlen: 24
194.187.164.0/22 maxlen: 22
84.200.0.0/16 maxlen: 24
82.211.0.0/18 maxlen: 24
31.172.80.0/20 maxlen: 24
82.211.17.0/24 maxlen: 24
84.200.39.0/24 maxlen: 24
84.201.0.0/18 maxlen: 24
2a01:7e0:1fc::/48 maxlen: 48
2a01:7e0::/29 maxlen: 48
2a01:7e0::/32 maxlen: 32
2001:1608::/32 maxlen: 48
2a01:7e0:2f::/48 maxlen: 48
2001:1638::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:d9:7e:eb:73:6e:4f:ff:97:29:d8:82:79:7d:b3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Oct 19 10:45:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aab64ba6e6050e8891c7fe927b5f075a7cc63004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:df:15:13:18:14:43:05:4f:4b:37:04:92:a1:
7f:1e:87:2d:12:00:f4:ed:7e:4f:0f:50:ad:19:9c:
c4:10:77:77:93:f4:00:62:32:87:c8:e1:e1:c8:e8:
49:00:b9:ad:c3:ba:e5:90:0e:e8:2e:dd:82:e6:89:
00:d8:16:e8:88:04:cb:bb:c5:6b:db:6f:b7:e1:03:
1f:2f:49:c0:67:6d:c6:5e:63:e4:4b:88:36:83:5a:
62:71:de:52:1a:4a:fa:73:b8:ab:7d:28:71:be:f9:
fa:a8:2d:9c:9c:92:36:e0:cb:21:86:eb:5e:65:55:
9b:24:8e:dd:37:70:d5:90:eb:70:61:40:78:42:b4:
d9:f0:c9:39:25:34:76:10:42:3c:b9:75:f5:6b:cd:
07:9e:55:3a:f0:80:6c:99:ee:c0:f6:c9:5c:ab:85:
dd:ac:6e:4c:f4:56:4c:44:8a:91:2b:1d:1d:a1:31:
73:67:93:d8:5b:8a:57:93:79:8b:9b:3b:04:42:e3:
21:8f:17:39:3b:33:6b:a8:20:2f:2f:a8:c9:3f:87:
1b:51:22:63:02:6d:80:2b:2c:56:0a:99:1b:5a:94:
17:b3:1d:ea:cf:18:7b:82:97:17:2a:c9:ad:54:61:
28:0d:16:f6:f9:d2:f4:33:29:d2:bd:84:e3:b6:a1:
47:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B6:4B:A6:E6:05:0E:88:91:C7:FE:92:7B:5F:07:5A:7C:C6:30:04
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qrZLpuYFDoiRx_6Se18HWnzGMAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.80.0/20
37.114.96.0/19
79.133.32.0/19
82.211.0.0/18
84.200.0.0-84.201.63.255
159.100.0.0/19
185.26.96.0/22
185.171.204.0/22
194.143.134.0/23
194.187.164.0/22
212.224.64.0/18
IPv6:
2001:1608::/32
2001:1638::/32
2a01:7e0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:fa:b1:f5:5c:93:79:17:46:26:f0:29:d2:67:77:c9:7e:fd:
ae:1a:8d:00:85:58:94:66:17:24:11:b8:d3:21:d2:84:64:14:
13:b5:3e:c1:b4:68:86:bd:f9:2e:02:bf:fd:1d:fa:db:9c:e4:
85:52:4e:60:16:11:08:a2:b4:ab:b9:18:b6:e0:3d:a3:ec:60:
03:34:5c:37:d8:02:5b:5b:85:3a:ac:40:b0:96:be:a6:e4:78:
63:72:a7:7e:b3:1e:a3:85:69:f9:1c:18:a1:58:99:a0:81:c4:
2c:13:af:fe:24:3c:2f:09:4e:c5:5f:18:c3:ac:c0:e1:55:43:
ce:49:ef:1e:40:fb:b5:d1:1b:55:a3:cc:f9:c9:e5:f9:a6:c2:
71:93:94:f3:aa:38:dc:cd:41:2b:97:9c:f9:a6:09:a8:66:c5:
32:e3:89:14:fd:f0:77:74:60:da:85:12:71:11:54:29:d3:f7:
ed:dd:27:5d:5d:d7:be:50:37:f1:b7:41:5a:66:1c:d6:a2:aa:
5c:72:d2:23:a1:a4:19:1d:fc:3e:76:ee:5d:1e:1f:4f:b5:98:
f1:ea:71:2e:2b:70:5c:4c:7f:4c:f3:7c:9b:5d:68:ab:12:1b:
f6:88:13:6b:87:fd:0f:fe:88:cf:cb:2b:b9:43:4b:cb:35:b0:
35:bb:4b:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYPv2X7rc25P/5cp2IJ5fbOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjIxMDE5MTA0NTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI2NGJhNmU2MDUwZTg4OTFjN2ZlOTI3YjVmMDc1YTdjYzYzMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn98VExgUQwVPSzcEkqF/HoctEgD0
7X5PD1CtGZzEEHd3k/QAYjKHyOHhyOhJALmtw7rlkA7oLt2C5okA2BboiATLu8Vr
22+34QMfL0nAZ23GXmPkS4g2g1picd5SGkr6c7irfShxvvn6qC2cnJI24Mshhute
ZVWbJI7dN3DVkOtwYUB4QrTZ8Mk5JTR2EEI8uXX1a80HnlU68IBsme7A9slcq4Xd
rG5M9FZMRIqRKx0doTFzZ5PYW4pXk3mLmzsEQuMhjxc5OzNrqCAvL6jJP4cbUSJj
Am2AKyxWCpkbWpQXsx3qzxh7gpcXKsmtVGEoDRb2+dL0MynSvYTjtqFHeQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKq2S6bmBQ6Ikcf+kntfB1p8xjAEMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvcXJaTHB1WUZEb2lSeF82U2UxOEhXbnpHTUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBPBAIAATBJAwQEH6xQAwQF
JXJgAwQFT4UgAwQGUtMAMAsDAwNUyAMEBlTJAAMEBZ9kAAMEArkaYAMEArmrzAME
AcKPhgMEAsK7pAMEBtTgQDAbBAIAAjAVAwUAIAEWCAMFACABFjgDBQMqAQfgMA0G
CSqGSIb3DQEBCwUAA4IBAQC3+rH1XJN5F0Ym8CnSZ3fJfv2uGo0AhViUZhckEbjT
IdKEZBQTtT7BtGiGvfkuAr/9HfrbnOSFUk5gFhEIorSruRi24D2j7GADNFw32AJb
W4U6rECwlr6m5Hhjcqd+sx6jhWn5HBihWJmggcQsE6/+JDwvCU7FXxjDrMDhVUPO
Se8eQPu10RtVo8z5yeX5psJxk5TzqjjczUErl5z5pgmoZsUy44kU/fB3dGDahRJx
EVQp0/ft3SddXde+UDfxt0FaZhzWoqpcctIjoaQZHfw+du5dHh9PtZjx6nEuK3Bc
TH9M83ybXWirEhv2iBNrh/0P/ojPyyu5Q0vLNbA1u0tw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:35 2024 by rpki-client on console-ams.rpki-client.org