Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/nqiKJ4CHmVmZyja_xl__dgiCwWI.roa
File: nqiKJ4CHmVmZyja_xl__dgiCwWI.roa (raw, json)
Hash identifier: hK3VDUcr9r/dxgoBdNeKZP5rOqzzG/cqNqhJDlm4wcQ=
Subject key identifier: 9E:A8:8A:27:80:87:99:59:99:CA:36:BF:C6:5F:FF:76:08:82:C1:62
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 018571B0F1395BAFB25FD6B146C09B27326B
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/nqiKJ4CHmVmZyja_xl__dgiCwWI.roa
Signing time: Mon 02 Jan 2023 08:54:59 +0000
ROA not before: Mon 02 Jan 2023 08:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202254
IP address blocks: 212.108.132.0/24 maxlen: 24
212.108.128.0/19 maxlen: 24
212.108.134.0/24 maxlen: 24
185.206.71.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.159.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f1:39:5b:af:b2:5f:d6:b1:46:c0:9b:27:32:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Jan 2 08:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ea88a278087995999ca36bfc65fff760882c162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:29:83:af:8c:db:22:3b:44:0c:58:5b:6c:da:
b8:7b:b9:b4:55:31:82:df:7d:0f:60:67:44:4e:32:
86:fe:08:c8:1d:5e:81:57:10:c1:d3:d1:7d:de:7d:
9e:80:b9:37:4a:46:07:b2:71:45:57:12:2e:94:b3:
2b:8a:18:29:17:ec:e1:75:2c:0a:28:89:d6:26:6d:
a9:6c:0d:dc:67:37:a9:7c:96:c1:2e:f6:15:29:eb:
b2:31:e5:ee:11:55:75:24:2a:00:7b:55:e8:3e:06:
5a:e0:3a:47:87:c2:ef:eb:3f:a0:e9:21:d3:1d:5c:
b4:66:24:b3:84:02:d9:47:c5:f1:25:37:10:47:cb:
6a:79:9b:d2:42:a2:db:1e:6c:88:56:8e:db:60:41:
2a:e3:6d:6e:48:5b:df:40:f4:f8:8b:ee:c7:b4:8e:
fa:d0:9e:0a:60:f9:a0:6d:fc:5e:26:ef:c3:f9:4d:
10:68:7a:ba:dc:ca:f4:45:9c:4e:cd:a3:fa:09:03:
e0:40:21:b6:34:c7:65:73:7a:b3:14:bb:e8:3b:33:
c5:f9:22:c7:bb:17:d6:00:bb:ce:05:a5:3c:1a:a2:
ea:1f:26:12:ec:e1:6d:19:1e:6b:17:63:d3:3c:93:
76:2f:94:10:7d:3a:75:a3:52:fe:1f:c6:48:73:db:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A8:8A:27:80:87:99:59:99:CA:36:BF:C6:5F:FF:76:08:82:C1:62
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/nqiKJ4CHmVmZyja_xl__dgiCwWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
194.146.156.0/22
212.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:27:f4:4f:74:16:6f:30:bf:bf:40:06:fe:cc:90:24:32:0b:
5e:f6:38:83:69:af:f2:13:c2:26:3d:36:19:55:2c:5a:ba:8b:
18:70:0d:14:2a:a5:08:8b:48:69:67:03:4b:4e:0f:06:bb:87:
de:f5:85:59:22:2a:2a:ba:ba:f2:91:09:f9:13:dc:c8:17:34:
d2:7f:97:7e:b4:48:c8:63:95:61:eb:42:56:10:58:0c:a4:48:
27:a4:27:3f:b2:b9:0c:2b:06:16:92:f6:50:f0:dd:68:3b:87:
6d:d4:04:0f:6c:d4:d2:47:ef:cf:62:cc:b1:82:a7:a9:93:f5:
6c:90:a8:af:8d:25:95:72:82:08:e4:5b:09:38:8c:fc:cc:66:
11:0b:c2:73:cf:97:00:89:eb:70:34:c3:f3:41:b0:be:d6:ed:
4b:14:9b:ee:eb:98:d1:fc:cb:87:62:77:bc:f1:60:6a:ae:1d:
89:08:5f:6d:ed:6f:c9:07:fb:64:30:ca:53:7b:40:86:e5:94:
99:63:ad:d9:e5:fa:b7:b3:07:e1:c7:d7:d1:49:ac:73:f0:8c:
06:a0:0e:39:2f:8e:51:96:f3:06:09:fb:6c:5b:bb:ea:2a:1d:
6b:37:1a:8b:8c:06:da:ef:51:d7:6d:df:af:4e:56:33:da:a2:
8e:5d:95:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxsPE5W6+yX9axRsCbJzJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjMwMTAyMDg1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE4OGEyNzgwODc5OTU5OTljYTM2YmZjNjVmZmY3NjA4ODJjMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhimDr4zbIjtEDFhbbNq4e7m0VTGC
330PYGdETjKG/gjIHV6BVxDB09F93n2egLk3SkYHsnFFVxIulLMrihgpF+zhdSwK
KInWJm2pbA3cZzepfJbBLvYVKeuyMeXuEVV1JCoAe1XoPgZa4DpHh8Lv6z+g6SHT
HVy0ZiSzhALZR8XxJTcQR8tqeZvSQqLbHmyIVo7bYEEq421uSFvfQPT4i+7HtI76
0J4KYPmgbfxeJu/D+U0QaHq63Mr0RZxOzaP6CQPgQCG2NMdlc3qzFLvoOzPF+SLH
uxfWALvOBaU8GqLqHyYS7OFtGR5rF2PTPJN2L5QQfTp1o1L+H8ZIc9t9FwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ6oiieAh5lZmco2v8Zf/3YIgsFiMB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvbnFpS0o0Q0htVm1aeWphX3hsX19kZ2lDd1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuc5HAwQC
wpKcAwQF1GyAMA0GCSqGSIb3DQEBCwUAA4IBAQBMJ/RPdBZvML+/QAb+zJAkMgte
9jiDaa/yE8ImPTYZVSxauosYcA0UKqUIi0hpZwNLTg8Gu4fe9YVZIioqurrykQn5
E9zIFzTSf5d+tEjIY5Vh60JWEFgMpEgnpCc/srkMKwYWkvZQ8N1oO4dt1AQPbNTS
R+/PYsyxgqepk/VskKivjSWVcoII5FsJOIz8zGYRC8Jzz5cAietwNMPzQbC+1u1L
FJvu65jR/MuHYne88WBqrh2JCF9t7W/JB/tkMMpTe0CG5ZSZY63Z5fq3swfhx9fR
Saxz8IwGoA45L45RlvMGCftsW7vqKh1rNxqLjAba71HXbd+vTlYz2qKOXZW1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:04 2025 by rpki-client