Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/pqT1j0kRnvR85mepGyavs0eZM90.roa
File: pqT1j0kRnvR85mepGyavs0eZM90.roa (raw, json)
Hash identifier: nbMg39hP0P494bYUk0SLH4orEyaQRyLpo1aQIHa53Ks=
Subject key identifier: A6:A4:F5:8F:49:11:9E:F4:7C:E6:67:A9:1B:26:AF:B3:47:99:33:DD
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 015D860A
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/pqT1j0kRnvR85mepGyavs0eZM90.roa
Signing time: Thu 17 Mar 2022 09:42:37 +0000
ROA not before: Thu 17 Mar 2022 09:42:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8257
IP address blocks: 188.112.64.0/19 maxlen: 19
176.61.192.0/20 maxlen: 20
188.112.64.0/18 maxlen: 18
176.61.192.0/18 maxlen: 18
176.61.208.0/20 maxlen: 20
188.112.96.0/19 maxlen: 19
176.61.224.0/21 maxlen: 21
178.253.128.0/18 maxlen: 18
178.253.128.0/19 maxlen: 19
178.253.160.0/19 maxlen: 19
85.135.192.0/18 maxlen: 18
85.135.128.0/18 maxlen: 18
85.135.128.0/17 maxlen: 17
176.61.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22906378 (0x15d860a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 17 09:42:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6a4f58f49119ef47ce667a91b26afb3479933dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:91:1b:ae:47:91:c4:96:71:13:9c:60:10:46:
ec:2a:a3:87:e0:d6:81:e5:37:19:4c:8b:13:49:ec:
d7:1f:a1:06:8e:f5:16:0c:2d:d3:9e:ed:d0:ea:11:
d6:c9:8d:58:96:47:64:ee:ec:72:51:7d:51:65:18:
e9:22:41:f9:54:68:9c:95:3c:ba:e8:11:f0:89:e3:
8e:4f:0b:31:f5:53:08:0f:ef:c1:77:8b:77:91:fb:
8f:b7:ff:79:6a:01:36:2f:0f:ec:f5:d3:7f:ff:20:
29:cd:ab:d8:93:a0:56:80:c6:70:eb:b9:e7:db:50:
98:93:9c:b7:f4:f4:ee:e3:5e:d2:0b:72:3f:fd:eb:
41:3a:fd:51:9c:c0:77:41:01:58:05:58:98:60:94:
98:0d:11:0e:9f:2f:d5:26:74:86:b8:7f:c8:fe:1b:
68:e6:1b:78:d9:41:56:49:02:97:ad:a1:f0:9f:af:
8d:23:34:70:3d:4e:89:f4:29:ae:88:05:c0:c5:5f:
d6:c8:7f:eb:5f:dd:bb:1f:45:84:ee:6d:9f:6c:5c:
92:b5:76:ca:4c:57:51:da:57:34:dd:d0:a9:6a:60:
b7:a6:c5:7c:d3:66:6b:ae:a1:06:c7:8e:96:d5:c1:
d6:3d:92:c9:4a:74:0f:38:07:02:52:bf:e1:42:5f:
3c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A4:F5:8F:49:11:9E:F4:7C:E6:67:A9:1B:26:AF:B3:47:99:33:DD
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/pqT1j0kRnvR85mepGyavs0eZM90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.135.128.0/17
176.61.192.0/18
178.253.128.0/18
188.112.64.0/18
Signature Algorithm: sha256WithRSAEncryption
87:6b:0d:ce:1d:72:6c:61:41:75:83:3e:1d:74:9c:aa:8f:73:
ea:09:b3:84:b0:14:6b:a1:1e:17:d2:24:c6:c6:92:de:65:9f:
dc:75:87:11:89:b9:6b:62:01:65:a7:c6:4d:94:85:e9:92:88:
5d:62:0e:67:90:66:01:f6:62:db:b4:53:4b:a5:ec:2f:94:92:
a5:cf:a6:7f:c3:97:90:20:6c:12:b4:27:1b:ab:c3:bb:d4:ed:
11:94:d8:69:7b:21:bd:4b:e9:1f:1e:db:5c:7f:df:ad:81:f6:
39:99:df:ca:a0:99:dc:88:db:c6:45:69:82:ba:81:25:86:cf:
81:38:c4:6f:44:50:3c:62:ca:4a:68:88:18:56:7b:52:fa:c3:
57:79:62:4c:52:5c:d8:09:04:66:cf:44:4a:aa:55:fb:27:28:
81:62:33:da:f8:e6:cd:c9:0f:ae:b6:23:74:d0:03:3c:33:7c:
4b:b1:20:4f:99:49:45:87:2f:b5:26:eb:e5:5e:b9:f1:b0:0b:
16:ec:87:03:13:df:88:75:79:52:da:de:34:63:47:c9:22:21:
a3:25:2b:17:8c:5d:37:bb:44:4e:23:21:04:96:88:63:c1:f1:
b5:53:ab:bb:9f:ec:a8:16:53:fb:6f:c3:6a:2c:04:5f:35:27:
61:0d:a5:a1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAV2GCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMx
NzA5NDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZhNGY1OGY0OTEx
OWVmNDdjZTY2N2E5MWIyNmFmYjM0Nzk5MzNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmRG65HkcSWcROcYBBG7Cqjh+DWgeU3GUyLE0ns1x+hBo71
Fgwt057t0OoR1smNWJZHZO7sclF9UWUY6SJB+VRonJU8uugR8Injjk8LMfVTCA/v
wXeLd5H7j7f/eWoBNi8P7PXTf/8gKc2r2JOgVoDGcOu559tQmJOct/T07uNe0gty
P/3rQTr9UZzAd0EBWAVYmGCUmA0RDp8v1SZ0hrh/yP4baOYbeNlBVkkCl62h8J+v
jSM0cD1OifQprogFwMVf1sh/61/dux9FhO5tn2xckrV2ykxXUdpXNN3QqWpgt6bF
fNNma66hBseOltXB1j2SyUp0DzgHAlK/4UJfPHsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSmpPWPSRGe9HzmZ6kbJq+zR5kz3TAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
L3BxVDFqMGtSbnZSODVtZXBHeWF2czBlWk05MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEB1WHgAMEBrA9wAMEBrL9gAMEBrxw
QDANBgkqhkiG9w0BAQsFAAOCAQEAh2sNzh1ybGFBdYM+HXScqo9z6gmzhLAUa6Ee
F9IkxsaS3mWf3HWHEYm5a2IBZafGTZSF6ZKIXWIOZ5BmAfZi27RTS6XsL5SSpc+m
f8OXkCBsErQnG6vDu9TtEZTYaXshvUvpHx7bXH/frYH2OZnfyqCZ3IjbxkVpgrqB
JYbPgTjEb0RQPGLKSmiIGFZ7UvrDV3liTFJc2AkEZs9ESqpV+ycogWIz2vjmzckP
rrYjdNADPDN8S7EgT5lJRYcvtSbr5V658bALFuyHAxPfiHV5UtreNGNHySIhoyUr
F4xdN7tETiMhBJaIY8HxtVOru5/sqBZT+2/DaiwEXzUnYQ2loQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org