Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/Qs2YvPHUYLYcBrJttz-uXjIfl9Q.roa
File: Qs2YvPHUYLYcBrJttz-uXjIfl9Q.roa (raw, json)
Hash identifier: OaMQsliXXgVNaGRtCKAkXeCyJsRk2wn1CGDh1sq7VPo=
Subject key identifier: 42:CD:98:BC:F1:D4:60:B6:1C:06:B2:6D:B7:3F:AE:5E:32:1F:97:D4
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 10E5924C
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/Qs2YvPHUYLYcBrJttz-uXjIfl9Q.roa
Signing time: Sat 01 Jan 2022 05:02:17 +0000
ROA not before: Sat 01 Jan 2022 05:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13037
IP address blocks: 212.23.0.0/19 maxlen: 19
88.98.0.0/20 maxlen: 20
82.71.240.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.21.0/24 maxlen: 24
88.98.18.0/24 maxlen: 24
88.98.24.0/21 maxlen: 21
88.98.22.0/23 maxlen: 23
88.96.0.0/15 maxlen: 15
51.155.0.0/16 maxlen: 16
217.155.0.0/16 maxlen: 16
88.98.160.0/21 maxlen: 21
88.98.172.0/22 maxlen: 22
88.98.170.0/23 maxlen: 23
88.98.176.0/20 maxlen: 20
51.148.0.0/16 maxlen: 16
62.3.64.0/18 maxlen: 18
82.68.0.0/14 maxlen: 14
51.170.0.0/16 maxlen: 18
88.98.128.0/19 maxlen: 19
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283480652 (0x10e5924c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jan 1 05:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42cd98bcf1d460b61c06b26db73fae5e321f97d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:21:52:e4:cb:b1:8f:5d:73:31:fb:26:09:14:
0b:b4:1a:61:d2:79:1f:d8:98:05:df:c1:56:44:c4:
cb:37:86:3b:78:80:9f:5e:e9:42:44:68:8d:f6:18:
24:f5:c3:07:3f:a0:da:cd:e1:97:c4:e9:00:7a:f0:
29:f2:f3:e6:63:ff:66:ba:2e:bd:b2:f4:3d:d9:d6:
ef:b0:99:3e:43:e5:bd:6c:cf:0a:a2:59:3b:b5:51:
52:96:e7:10:92:05:b5:f8:5c:77:f9:ec:ed:44:56:
75:6e:16:12:cf:c8:ad:3e:7e:16:0e:c2:1b:d3:09:
2b:f9:0f:63:24:1b:96:11:6d:93:bc:eb:ea:61:a4:
79:3d:a0:bf:e9:37:e8:7e:bc:fd:3b:e2:95:e1:31:
24:df:4b:91:83:90:66:ca:0a:0b:b9:d4:7a:0a:29:
36:74:06:e2:41:db:c3:b3:34:0a:25:c5:86:d5:6d:
a7:b7:1b:39:3d:bf:a6:50:cd:33:24:55:51:07:fd:
1e:42:72:ec:9b:77:46:8b:74:1c:7c:ad:41:b2:f8:
b8:6d:82:28:16:73:cd:4f:05:e7:6a:e3:74:eb:58:
77:2e:01:ff:0c:a0:d0:7b:72:6c:aa:eb:6a:f2:b2:
00:bd:6c:2a:73:a8:c8:1c:59:d0:8d:d8:96:72:5a:
58:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CD:98:BC:F1:D4:60:B6:1C:06:B2:6D:B7:3F:AE:5E:32:1F:97:D4
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/Qs2YvPHUYLYcBrJttz-uXjIfl9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
51.170.0.0/16
62.3.64.0/18
82.68.0.0/14
88.96.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
26:82:d3:85:45:21:f3:d5:29:da:be:19:65:bb:70:a5:bb:19:
2e:63:d0:86:4b:dd:68:3b:9d:cd:44:fc:1b:bb:fb:d1:2d:33:
9f:e1:e0:6a:57:22:dd:6f:c2:bc:92:14:69:c4:5c:6f:64:e1:
37:81:5a:b5:ae:66:e5:73:27:20:1f:8c:e4:5e:b1:74:d5:a3:
1f:1e:f2:8f:9c:d1:ad:1e:1b:1e:3e:bf:65:a9:f1:93:09:cf:
ee:e8:43:9c:bf:b6:ab:4f:de:5b:f0:96:29:f2:f2:a2:b4:58:
49:ac:93:af:e0:a3:83:a9:b9:de:8d:36:24:72:97:52:78:b5:
76:aa:b4:50:33:26:21:6e:f0:18:03:1a:89:6d:8f:74:47:3b:
69:03:d4:af:bf:9b:2e:6d:59:47:58:46:4b:3f:89:bc:fa:03:
8a:2b:36:7f:7f:1a:aa:4b:f3:00:fd:d0:d6:ab:77:f0:d9:2d:
b4:9c:59:2b:13:aa:a5:25:5a:53:95:59:07:6b:55:47:52:31:
83:59:23:21:92:87:b6:74:cc:e2:bb:6b:85:a4:74:22:c3:ca:
36:bc:c6:5e:f1:ef:68:bc:f2:b5:ec:5e:59:a6:79:35:fa:3c:
ca:07:a1:0d:2e:d3:fd:e2:c6:ed:65:71:60:cc:d0:46:a7:eb:
c0:79:62:3c
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIEEOWSTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2Y0NTAxYjc1NTAwMmQ5MTQzZThmYTY3MzY4MTVlOWYwZjkzNjk1MB4XDTIyMDEw
MTA1MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDJjZDk4YmNmMWQ0
NjBiNjFjMDZiMjZkYjczZmFlNWUzMjFmOTdkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYhUuTLsY9dczH7JgkUC7QaYdJ5H9iYBd/BVkTEyzeGO3iA
n17pQkRojfYYJPXDBz+g2s3hl8TpAHrwKfLz5mP/ZrouvbL0PdnW77CZPkPlvWzP
CqJZO7VRUpbnEJIFtfhcd/ns7URWdW4WEs/IrT5+Fg7CG9MJK/kPYyQblhFtk7zr
6mGkeT2gv+k36H68/TvileExJN9LkYOQZsoKC7nUegopNnQG4kHbw7M0CiXFhtVt
p7cbOT2/plDNMyRVUQf9HkJy7Jt3Rot0HHytQbL4uG2CKBZzzU8F52rjdOtYdy4B
/wyg0HtybKrravKyAL1sKnOoyBxZ0I3YlnJaWGECAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBRCzZi88dRgthwGsm23P65eMh+X1DAfBgNVHSMEGDAWgBRc9FAbdVAC2RQ+
j6ZzaBXp8Pk2lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hQUlFHM1ZRQXRrVVBvLW1jMmdWNmZENU5wVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvYzFjYTA3LTk2NTgtNDQ0Ni04Y2I1LTYwY2Y5YWIxYjEzZS8x
L1FzMll2UEhVWUxZY0JySnR0ei11WGpJZmw5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
YzFjYTA3LTk2NTgtNDQ0Ni04Y2I1LTYwY2Y5YWIxYjEzZS8xL1hQUlFHM1ZRQXRr
VVBvLW1jMmdWNmZENU5wVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDAwAzlAMDADObAwMAM6oDBAY+A0AD
AwJSRDALAwMFWGADBABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwD
BAFYYqoDBAZYYoADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0B
AQsFAAOCAQEAJoLThUUh89Up2r4ZZbtwpbsZLmPQhkvdaDudzUT8G7v70S0zn+Hg
alci3W/CvJIUacRcb2ThN4Fata5m5XMnIB+M5F6xdNWjHx7yj5zRrR4bHj6/Zanx
kwnP7uhDnL+2q0/eW/CWKfLyorRYSayTr+Cjg6m53o02JHKXUni1dqq0UDMmIW7w
GAMaiW2PdEc7aQPUr7+bLm1ZR1hGSz+JvPoDiis2f38aqkvzAP3Q1qt38NkttJxZ
KxOqpSVaU5VZB2tVR1Ixg1kjIZKHtnTM4rtrhaR0IsPKNrzGXvHvaLzytexeWaZ5
Nfo8ygehDS7T/eLG7WVxYMzQRqfrwHliPA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:15 2023 by rpki-client on console-fra.rpki-client.org