Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qkNiABjwSjCtxAMetYf_yca-cyM.roa
File: qkNiABjwSjCtxAMetYf_yca-cyM.roa (raw, json)
Hash identifier: citSq0cM2uQ6u3rIT48ZT6SiWFKs7STz3Y+wz9MnAEU=
Subject key identifier: AA:43:62:00:18:F0:4A:30:AD:C4:03:1E:B5:87:FF:C9:C6:BE:73:23
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 198B3C2A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qkNiABjwSjCtxAMetYf_yca-cyM.roa
Signing time: Fri 08 Apr 2022 09:21:06 +0000
ROA not before: Fri 08 Apr 2022 09:21:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 45.12.232.0/24 maxlen: 32
45.82.206.0/23 maxlen: 32
185.182.60.0/24 maxlen: 32
92.119.150.0/23 maxlen: 32
91.188.203.0/24 maxlen: 32
193.187.155.0/24 maxlen: 24
193.187.154.0/24 maxlen: 24
193.187.153.0/24 maxlen: 24
45.14.46.0/24 maxlen: 32
45.10.3.0/24 maxlen: 32
2.59.174.0/23 maxlen: 32
213.232.104.0/24 maxlen: 24
193.160.212.0/24 maxlen: 24
5.181.148.0/23 maxlen: 32
185.226.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 428555306 (0x198b3c2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 8 09:21:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa43620018f04a30adc4031eb587ffc9c6be7323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f8:57:a5:5c:ae:40:fd:3f:9a:40:5f:7c:58:
ba:0e:0b:ad:21:66:0c:5d:57:44:56:b3:ad:2e:7a:
08:fe:20:85:57:14:be:5d:57:80:ea:02:40:2b:7a:
e5:e2:76:e8:6c:55:3f:a4:62:73:55:e6:ab:1e:59:
23:27:4a:cd:02:b2:13:85:78:44:e8:e2:c0:31:69:
e4:85:51:9f:02:ac:fa:72:65:34:3d:58:da:2a:4a:
c1:b0:8b:19:6f:8e:62:71:f2:c7:dd:92:a5:c6:2d:
d4:53:0f:f8:00:2c:bb:6f:7f:5e:70:a8:71:92:16:
4b:62:d4:54:98:8d:34:d2:1b:4c:63:c3:ba:58:55:
0f:1d:9f:d3:ea:66:fc:b4:e2:11:f8:b0:dc:10:27:
be:8e:e3:6c:ff:82:8b:d4:4b:49:65:e2:eb:4c:45:
09:fb:d5:bb:b6:e4:26:e8:ef:a5:5d:35:e1:84:c2:
3f:ab:58:4c:6b:64:ea:f3:09:8e:92:5c:27:ef:f2:
09:e2:59:39:cf:c8:d1:f2:00:d8:2c:f4:5e:59:2d:
4c:08:3a:94:fa:a0:f3:32:cb:b8:bc:d6:44:24:07:
91:46:42:b0:ad:2b:d7:c9:8d:ea:e9:51:4a:ac:7a:
d1:51:e5:ef:21:1b:22:a9:4f:59:c5:3b:9b:a3:ca:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:43:62:00:18:F0:4A:30:AD:C4:03:1E:B5:87:FF:C9:C6:BE:73:23
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qkNiABjwSjCtxAMetYf_yca-cyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.174.0/23
5.181.148.0/23
45.10.3.0/24
45.12.232.0/24
45.14.46.0/24
45.82.206.0/23
91.188.203.0/24
92.119.150.0/23
185.182.60.0/24
185.226.75.0/24
193.160.212.0/24
193.187.153.0-193.187.155.255
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:80:bb:90:11:39:b6:dc:cc:1c:33:e0:f0:78:3c:31:50:77:
18:f5:22:fa:a4:af:22:0f:d8:bf:17:77:5a:5f:12:c1:40:23:
93:0c:9e:21:68:8f:6c:b9:7e:bf:3f:18:94:34:1d:fd:5c:ba:
db:67:5a:f3:59:51:79:11:5d:02:bc:c8:cf:03:12:25:5f:cc:
af:ae:90:63:23:e6:00:59:62:60:d6:62:8c:5b:04:60:8b:03:
64:4e:02:cf:03:66:2b:0b:00:2d:65:c3:df:fa:57:fb:7e:a7:
9c:91:8c:d7:c7:ee:a4:59:01:97:55:4b:e4:53:99:91:c4:3b:
37:b9:cd:61:ed:39:af:ec:dc:e0:38:cc:83:f9:81:0a:d4:87:
bd:56:3a:61:59:8d:32:3b:9f:c4:78:4f:c5:77:1a:31:c7:94:
89:72:45:5a:28:f1:f1:a2:9d:d8:c1:39:04:d7:54:d1:6a:36:
99:1e:3d:d5:07:1b:04:04:83:2e:b7:f1:b4:9b:f9:9a:15:bf:
e5:29:f1:7b:93:55:ee:40:e3:96:78:f0:52:87:28:d1:8a:fe:
44:56:05:70:fa:33:33:14:ab:f1:80:ff:1f:86:81:b3:8e:d8:
fd:e4:c8:1f:79:bb:e8:50:ed:35:a3:ff:cb:6f:fe:97:0c:fa:
06:7a:7d:9e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIEGYs8KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
ODA5MjEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE0MzYyMDAxOGYw
NGEzMGFkYzQwMzFlYjU4N2ZmYzljNmJlNzMyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMb4V6VcrkD9P5pAX3xYug4LrSFmDF1XRFazrS56CP4ghVcU
vl1XgOoCQCt65eJ26GxVP6Ric1Xmqx5ZIydKzQKyE4V4ROjiwDFp5IVRnwKs+nJl
ND1Y2ipKwbCLGW+OYnHyx92SpcYt1FMP+AAsu29/XnCocZIWS2LUVJiNNNIbTGPD
ulhVDx2f0+pm/LTiEfiw3BAnvo7jbP+Ci9RLSWXi60xFCfvVu7bkJujvpV014YTC
P6tYTGtk6vMJjpJcJ+/yCeJZOc/I0fIA2Cz0XlktTAg6lPqg8zLLuLzWRCQHkUZC
sK0r18mN6ulRSqx60VHl7yEbIqlPWcU7m6PKursCAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBSqQ2IAGPBKMK3EAx61h//Jxr5zIzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3FrTmlBQmp3U2pDdHhBTWV0WWZfeWNhLWN5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wXAQCAAEwVgMEAQI7rgMEAQW1lAMEAC0KAwMEAC0M
6AMEAC0OLgMEAS1SzgMEAFu8ywMEAVx3lgMEALm2PAMEALniSwMEAMGg1DAMAwQA
wbuZAwQCwbuYAwQA1ehoMA0GCSqGSIb3DQEBCwUAA4IBAQC2gLuQETm23MwcM+Dw
eDwxUHcY9SL6pK8iD9i/F3daXxLBQCOTDJ4haI9suX6/PxiUNB39XLrbZ1rzWVF5
EV0CvMjPAxIlX8yvrpBjI+YAWWJg1mKMWwRgiwNkTgLPA2YrCwAtZcPf+lf7fqec
kYzXx+6kWQGXVUvkU5mRxDs3uc1h7Tmv7NzgOMyD+YEK1Ie9VjphWY0yO5/EeE/F
dxoxx5SJckVaKPHxop3YwTkE11TRajaZHj3VBxsEBIMut/G0m/maFb/lKfF7k1Xu
QOOWePBShyjRiv5EVgVw+jMzFKvxgP8fhoGzjtj95MgfebvoUO01o//Lb/6XDPoG
en2e
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org