Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QzChr5eHfeifWZOonz8hTEAfXf8.roa
File: QzChr5eHfeifWZOonz8hTEAfXf8.roa (raw, json)
Hash identifier: TlTYlF+6EUJBNE2t1Klg75IB22e6wWqRy7cJlJ8e1x0=
Subject key identifier: 43:30:A1:AF:97:87:7D:E8:9F:59:93:A8:9F:3F:21:4C:40:1F:5D:FF
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 184A7180
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QzChr5eHfeifWZOonz8hTEAfXf8.roa
Signing time: Wed 19 Jan 2022 00:45:31 +0000
ROA not before: Wed 19 Jan 2022 00:45:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 24
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407531904 (0x184a7180)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 19 00:45:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4330a1af97877de89f5993a89f3f214c401f5dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a4:b9:67:2b:72:0c:f7:aa:64:35:a5:e9:5e:
b3:e2:6b:63:e4:6b:7c:33:e4:59:07:e1:ba:59:79:
52:22:c9:9d:9c:f8:8f:2c:44:54:1a:ae:3a:59:f8:
24:1d:d7:fd:f3:6a:59:2f:d1:e2:6b:76:90:02:1a:
a8:ef:96:08:b2:64:8b:a9:d7:e0:7d:f0:5f:f9:4f:
88:d5:62:a7:dd:ec:b3:38:eb:2c:8d:7e:9a:9c:0a:
28:87:fc:8c:ac:67:eb:ea:95:62:f7:02:83:f1:ed:
e1:9f:19:61:5d:79:85:50:5b:1a:3c:2d:5f:43:0a:
11:0c:ab:49:f3:8a:2d:b3:91:44:be:c8:64:54:1b:
e4:83:fb:21:04:a5:7f:5f:88:cd:44:28:a0:06:e0:
c2:17:b0:bf:6a:13:50:5d:c7:89:f2:4c:ae:f6:6e:
5c:30:86:83:c7:62:71:7f:16:20:0f:2b:c3:41:1d:
97:5b:36:f0:5e:6d:24:80:88:1a:93:9c:0d:d6:98:
ff:cd:0f:c7:cf:28:f0:03:9d:73:da:b4:bb:67:35:
9f:68:51:5a:f9:c8:16:58:48:8b:30:e3:16:6e:a4:
56:3a:9d:95:c9:17:c7:fe:f3:08:3f:8e:e7:63:e0:
4b:3b:4c:cf:ae:a8:0f:29:ce:48:06:a0:2a:30:82:
bf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:30:A1:AF:97:87:7D:E8:9F:59:93:A8:9F:3F:21:4C:40:1F:5D:FF
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QzChr5eHfeifWZOonz8hTEAfXf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
53:33:5c:91:f4:db:f2:16:9f:84:b2:ea:27:b1:e8:f9:db:b9:
62:21:3a:4b:b9:44:9b:1d:70:4c:b7:c8:f0:50:6f:b0:5c:49:
cd:39:3c:13:54:81:47:9c:47:82:aa:9e:6a:94:f8:89:7e:9a:
60:b7:ae:40:69:cc:5d:be:eb:03:82:e6:72:67:88:b6:5d:e2:
aa:1a:87:eb:28:02:c1:62:5f:c4:3c:7b:1d:e4:a7:ab:ea:ea:
10:19:09:94:8f:d5:43:a4:5c:50:ba:17:5a:1f:54:d6:d6:ce:
0f:8e:28:c6:08:4b:0f:ea:b3:ae:0d:08:3d:39:90:98:ab:68:
a4:66:37:6a:72:85:f7:c8:d0:36:60:62:4c:91:89:ee:91:ca:
db:fb:a5:08:09:d6:5e:e0:c1:36:ef:ea:cb:6b:cc:ea:6b:86:
e7:d0:31:d4:eb:c2:ad:28:33:4b:ae:a6:8d:fd:d9:fe:5f:e9:
2a:46:19:95:23:fc:38:92:f6:39:33:97:f3:3c:1d:f1:68:63:
c6:ac:02:a5:52:32:ad:be:8f:03:33:f0:f1:60:f9:5e:85:74:
3e:42:9e:8a:41:8d:f6:f8:e3:b8:37:6b:aa:ec:b3:a8:22:21:
f6:44:b7:b9:6b:2c:58:ab:ea:ae:e7:21:23:ad:bd:b3:ab:6e:
d5:b7:f2:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEGEpxgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEx
OTAwNDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDMzMGExYWY5Nzg3
N2RlODlmNTk5M2E4OWYzZjIxNGM0MDFmNWRmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCkuWcrcgz3qmQ1peles+JrY+RrfDPkWQfhull5UiLJnZz4
jyxEVBquOln4JB3X/fNqWS/R4mt2kAIaqO+WCLJki6nX4H3wX/lPiNVip93sszjr
LI1+mpwKKIf8jKxn6+qVYvcCg/Ht4Z8ZYV15hVBbGjwtX0MKEQyrSfOKLbORRL7I
ZFQb5IP7IQSlf1+IzUQooAbgwhewv2oTUF3HifJMrvZuXDCGg8dicX8WIA8rw0Ed
l1s28F5tJICIGpOcDdaY/80Px88o8AOdc9q0u2c1n2hRWvnIFlhIizDjFm6kVjqd
lckXx/7zCD+O52PgSztMz66oDynOSAagKjCCv78CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRDMKGvl4d96J9Zk6ifPyFMQB9d/zAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1F6Q2hyNWVIZmVpZldaT29uejhoVEVBZlhmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEALl1FgMEALl4BwMEArl6OAMEALmF
wDAPBAIAAjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBTM1yR9NvyFp+E
suonsej527liITpLuUSbHXBMt8jwUG+wXEnNOTwTVIFHnEeCqp5qlPiJfppgt65A
acxdvusDguZyZ4i2XeKqGofrKALBYl/EPHsd5Ker6uoQGQmUj9VDpFxQuhdaH1TW
1s4PjijGCEsP6rOuDQg9OZCYq2ikZjdqcoX3yNA2YGJMkYnukcrb+6UICdZe4ME2
7+rLa8zqa4bn0DHU68KtKDNLrqaN/dn+X+kqRhmVI/w4kvY5M5fzPB3xaGPGrAKl
UjKtvo8DM/DxYPlehXQ+Qp6KQY32+OO4N2uq7LOoIiH2RLe5ayxYq+qu5yEjrb2z
q27Vt/Ii
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org