Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/qXFUXj177x7tlFFn5pbw9wEfHyI.roa
File: qXFUXj177x7tlFFn5pbw9wEfHyI.roa (raw, json)
Hash identifier: 9eeZYkqtNUAzH+xyQ/nzQjzCJ33ebtGNsz9Q0K4dqnU=
Subject key identifier: A9:71:54:5E:3D:7B:EF:1E:ED:94:51:67:E6:96:F0:F7:01:1F:1F:22
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 01825E7C572C4DBE491C05576C95F2DE0DB0
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/qXFUXj177x7tlFFn5pbw9wEfHyI.roa
Signing time: Tue 02 Aug 2022 12:16:23 +0000
ROA not before: Tue 02 Aug 2022 12:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13110
IP address blocks: 194.24.164.0/23 maxlen: 23
94.127.104.0/21 maxlen: 21
80.87.32.0/20 maxlen: 20
109.173.128.0/17 maxlen: 17
85.221.128.0/17 maxlen: 17
185.44.172.0/22 maxlen: 22
151.249.80.0/21 maxlen: 21
46.228.80.0/20 maxlen: 20
77.65.0.0/17 maxlen: 17
195.160.180.0/23 maxlen: 23
62.21.0.0/17 maxlen: 17
88.151.136.0/21 maxlen: 21
46.238.64.0/18 maxlen: 18
185.14.72.0/22 maxlen: 22
2001:4020::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:7c:57:2c:4d:be:49:1c:05:57:6c:95:f2:de:0d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Aug 2 12:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a971545e3d7bef1eed945167e696f0f7011f1f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ac:c8:93:a4:9e:54:cf:c4:41:93:63:0f:7e:
55:8d:b6:81:c1:1d:f9:9b:ac:44:83:c9:e0:1f:28:
9f:74:fe:74:f0:b3:60:56:f2:b2:ca:3f:89:06:4f:
0c:dc:f9:f7:72:43:d8:54:7c:b4:d6:2e:8b:35:de:
a9:b0:c0:fd:74:ec:fb:50:d9:06:97:c0:1e:60:b5:
e1:18:1e:7e:f1:bc:c8:e4:6b:30:54:eb:5a:7a:6f:
73:e3:57:3c:b0:1b:0d:4b:04:60:5a:2a:1b:a1:aa:
7e:a1:81:d7:e0:7e:ec:7b:44:8e:ad:1d:f0:0e:c3:
82:b1:90:0e:27:a6:4c:04:7b:4d:c2:a3:b2:95:c5:
6d:8e:c4:c7:ea:b4:3e:ed:71:28:ef:e9:7d:c6:c6:
91:2f:dc:d1:d8:91:6d:97:8b:fc:e8:ec:ec:b1:24:
53:26:15:3f:9d:ee:67:7e:5a:47:25:5b:59:c3:e2:
ed:d8:e4:45:75:69:79:09:2a:0c:1e:9d:9c:5e:67:
07:22:ce:0b:b4:5b:cd:55:62:e4:b0:67:34:36:f6:
ed:f1:c5:96:83:e1:19:13:7b:12:be:77:33:08:96:
d4:3d:8e:46:fa:9c:53:bd:00:c7:38:ee:5c:17:13:
13:ae:13:b8:d9:ad:fc:cb:06:8f:ba:4c:46:cd:30:
05:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:71:54:5E:3D:7B:EF:1E:ED:94:51:67:E6:96:F0:F7:01:1F:1F:22
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/qXFUXj177x7tlFFn5pbw9wEfHyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.80.0/20
46.238.64.0/18
62.21.0.0/17
77.65.0.0/17
80.87.32.0/20
85.221.128.0/17
88.151.136.0/21
94.127.104.0/21
109.173.128.0/17
151.249.80.0/21
185.14.72.0/22
185.44.172.0/22
194.24.164.0/23
195.160.180.0/23
IPv6:
2001:4020::/32
Signature Algorithm: sha256WithRSAEncryption
9e:90:29:38:4a:40:a7:48:fa:fe:69:0a:52:4c:80:6b:45:f6:
6c:6d:68:28:af:2c:45:87:63:04:e7:00:11:c8:9a:ff:5c:5b:
a1:fb:4d:2e:e8:03:59:a6:25:5a:f5:f5:36:42:8c:ae:13:bd:
bc:c9:29:f3:2f:db:fd:7a:54:f2:9a:9d:72:76:75:f4:54:dd:
f1:8e:78:27:91:d0:54:b9:29:e6:81:76:14:98:5a:bb:53:80:
cc:89:18:3f:a1:ef:f9:00:0a:fe:74:b8:b0:11:50:d9:ec:e8:
75:1f:39:28:7f:97:a8:91:e7:77:d0:94:cf:f1:e4:c1:bd:c7:
b3:15:d3:4a:87:91:80:40:dd:55:5a:2b:a2:51:fa:5e:9f:11:
21:90:40:15:67:0f:50:9e:fb:f5:78:0e:4f:62:b8:11:4f:31:
be:37:f1:9d:52:23:bf:36:ef:9d:fa:22:8c:fd:74:c9:ea:29:
e4:32:33:b6:e5:64:d6:15:fb:8a:58:68:9d:2b:17:4f:dd:5a:
85:ff:0f:77:65:15:af:78:eb:f3:9b:83:f1:6c:4a:91:26:7e:
b7:09:a0:24:dd:62:6b:31:0a:77:bb:24:7d:15:86:b3:08:37:
24:2c:92:93:11:7d:92:21:a1:21:7a:ae:48:d7:13:b1:6e:1c:
ba:e6:06:84
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYJefFcsTb5JHAVXbJXy3g2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjIwODAyMTIxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTcxNTQ1ZTNkN2JlZjFlZWQ5NDUxNjdlNjk2ZjBmNzAxMWYxZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqzIk6SeVM/EQZNjD35VjbaBwR35
m6xEg8ngHyifdP508LNgVvKyyj+JBk8M3Pn3ckPYVHy01i6LNd6psMD9dOz7UNkG
l8AeYLXhGB5+8bzI5GswVOtaem9z41c8sBsNSwRgWioboap+oYHX4H7se0SOrR3w
DsOCsZAOJ6ZMBHtNwqOylcVtjsTH6rQ+7XEo7+l9xsaRL9zR2JFtl4v86OzssSRT
JhU/ne5nflpHJVtZw+Lt2ORFdWl5CSoMHp2cXmcHIs4LtFvNVWLksGc0Nvbt8cWW
g+EZE3sSvnczCJbUPY5G+pxTvQDHOO5cFxMTrhO42a38ywaPukxGzTAFrQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFKlxVF49e+8e7ZRRZ+aW8PcBHx8iMB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvcVhGVVhqMTc3eDd0bEZGbjVwYnc5d0VmSHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQELuRQAwQG
Lu5AAwQHPhUAAwQHTUEAAwQEUFcgAwQHVd2AAwQDWJeIAwQDXn9oAwQHba2AAwQD
l/lQAwQCuQ5IAwQCuSysAwQBwhikAwQBw6C0MA0EAgACMAcDBQAgAUAgMA0GCSqG
SIb3DQEBCwUAA4IBAQCekCk4SkCnSPr+aQpSTIBrRfZsbWgoryxFh2ME5wARyJr/
XFuh+00u6ANZpiVa9fU2QoyuE728ySnzL9v9elTymp1ydnX0VN3xjngnkdBUuSnm
gXYUmFq7U4DMiRg/oe/5AAr+dLiwEVDZ7Oh1Hzkof5eoked30JTP8eTBvcezFdNK
h5GAQN1VWiuiUfpenxEhkEAVZw9Qnvv1eA5PYrgRTzG+N/GdUiO/Nu+d+iKM/XTJ
6inkMjO25WTWFfuKWGidKxdP3VqF/w93ZRWveOvzm4PxbEqRJn63CaAk3WJrMQp3
uyR9FYazCDckLJKTEX2SIaEheq5I1xOxbhy65gaE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org