Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/tqbY_l0iJdcU1x-2MNZZLRiIRQ4.roa
File: tqbY_l0iJdcU1x-2MNZZLRiIRQ4.roa (raw, json)
Hash identifier: qdqGEfevpwVIMUqNRp9eZ0X71mAEYF+xKtZTYHQFB2s=
Subject key identifier: B6:A6:D8:FE:5D:22:25:D7:14:D7:1F:B6:30:D6:59:2D:18:88:45:0E
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 38B32474
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/tqbY_l0iJdcU1x-2MNZZLRiIRQ4.roa
Signing time: Mon 02 May 2022 09:44:09 +0000
ROA not before: Mon 02 May 2022 09:44:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 951264372 (0x38b32474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: May 2 09:44:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6a6d8fe5d2225d714d71fb630d6592d1888450e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:e5:8d:b6:9a:d3:cf:99:2d:40:2b:14:82:
a4:42:50:b6:67:23:5d:14:45:49:1f:01:11:b2:cd:
37:38:7c:54:9e:49:67:33:76:7b:2c:f7:3a:32:09:
5c:07:1d:af:eb:a0:77:4e:55:22:10:e5:6a:30:cd:
c1:be:19:84:25:be:b5:e7:bd:7f:50:d7:23:94:c4:
fd:17:24:6b:7c:4b:54:f0:f4:b3:15:e4:1e:86:b0:
41:0c:90:b7:9f:7a:e0:5e:a6:7b:0d:96:9e:be:be:
7c:d0:43:a6:7a:09:df:7f:f5:43:49:50:a2:63:0b:
88:e8:ca:cd:32:67:87:b6:24:d4:40:cc:84:5f:39:
8e:a7:1e:af:5a:f3:39:0f:ea:29:ae:cd:e0:03:5f:
ce:bf:9a:83:4a:c3:eb:5c:df:92:25:b2:13:97:cd:
c8:8d:5c:1a:f7:b0:ae:7e:2d:20:bb:72:ae:9e:b7:
fe:25:00:70:f4:b8:80:40:8e:8e:09:a8:e2:5f:7e:
02:cc:2f:22:58:0f:e7:da:54:c5:d9:09:2f:aa:45:
77:69:04:af:15:2b:92:94:e7:0d:71:96:6a:3e:43:
95:ad:d9:06:65:5f:d1:0d:e9:51:5d:22:0a:b2:e6:
5b:2f:09:27:82:53:96:c8:44:a5:d0:73:ac:d1:f9:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A6:D8:FE:5D:22:25:D7:14:D7:1F:B6:30:D6:59:2D:18:88:45:0E
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/tqbY_l0iJdcU1x-2MNZZLRiIRQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:b5:ef:05:96:b8:02:b6:5a:1a:f3:83:50:19:7a:ff:08:11:
fa:b2:61:2e:96:2b:d8:f3:ca:2c:8f:ee:a0:98:03:46:58:9c:
74:d7:aa:83:33:c3:23:d7:da:43:d0:63:ca:96:8c:d3:fa:ed:
0d:05:e7:43:e9:2e:df:8c:65:5a:cc:51:5e:89:fc:a4:33:a2:
13:a5:94:72:fb:25:50:02:8f:8b:92:20:ec:48:85:a2:0a:31:
5d:98:93:de:59:1e:ff:2a:f4:25:15:ab:9e:88:a3:a6:78:f2:
9e:86:b7:3b:1b:13:8a:72:e8:fd:52:b0:12:d1:65:7f:64:7e:
29:8e:67:fa:39:41:86:70:9b:f3:c8:c1:53:cc:e2:bd:a9:34:
18:68:32:f3:28:17:7f:2d:28:64:d7:25:9a:25:7d:8d:e9:ac:
ac:84:30:ba:4a:55:9f:45:83:1c:77:88:28:0c:3e:5a:3d:84:
46:69:ac:3f:9b:d2:74:f1:14:aa:e3:60:83:60:02:77:4a:78:
c4:03:f6:03:b4:0f:d7:37:0a:49:1b:c9:dc:ff:17:f1:57:e3:
c7:bc:ca:2e:fa:8c:a8:8d:b5:72:77:c4:9f:69:68:20:ea:dc:
af:e0:17:0e:f8:c7:4a:b2:7f:bb:d1:d5:8c:28:78:a6:5b:ad:
61:3f:26:13
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOLMkdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjUyOWE0ZDIyZmFlZjIzMTM1ZDZlZmY4OTEyMjY2NjIzYzQ5MjU1MB4XDTIyMDUw
MjA5NDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZhNmQ4ZmU1ZDIy
MjVkNzE0ZDcxZmI2MzBkNjU5MmQxODg4NDUwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQJ5Y22mtPPmS1AKxSCpEJQtmcjXRRFSR8BEbLNNzh8VJ5J
ZzN2eyz3OjIJXAcdr+ugd05VIhDlajDNwb4ZhCW+tee9f1DXI5TE/Rcka3xLVPD0
sxXkHoawQQyQt5964F6mew2Wnr6+fNBDpnoJ33/1Q0lQomMLiOjKzTJnh7Yk1EDM
hF85jqcer1rzOQ/qKa7N4ANfzr+ag0rD61zfkiWyE5fNyI1cGvewrn4tILtyrp63
/iUAcPS4gECOjgmo4l9+AswvIlgP59pUxdkJL6pFd2kErxUrkpTnDXGWaj5Dla3Z
BmVf0Q3pUV0iCrLmWy8JJ4JTlshEpdBzrNH5DusCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBS2ptj+XSIl1xTXH7Yw1lktGIhFDjAfBgNVHSMEGDAWgBRLUppNIvrvIxNd
bv+JEiZmI8SSVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxS2FUU0w2N3lNVFhXN19pUkltWmlQRWtsVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8x
L3RxYllfbDBpSmRjVTF4LTJNTlpaTFJpSVJRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8xL1MxS2FUU0w2N3lN
VFhXN19pUkltWmlQRWtsVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgULEAMEAwULGAMEBFD7AAMEBVUf
QDANBgkqhkiG9w0BAQsFAAOCAQEAm7XvBZa4ArZaGvODUBl6/wgR+rJhLpYr2PPK
LI/uoJgDRlicdNeqgzPDI9faQ9BjypaM0/rtDQXnQ+ku34xlWsxRXon8pDOiE6WU
cvslUAKPi5Ig7EiFogoxXZiT3lke/yr0JRWrnoijpnjynoa3OxsTinLo/VKwEtFl
f2R+KY5n+jlBhnCb88jBU8zivak0GGgy8ygXfy0oZNclmiV9jemsrIQwukpVn0WD
HHeIKAw+Wj2ERmmsP5vSdPEUquNgg2ACd0p4xAP2A7QP1zcKSRvJ3P8X8Vfjx7zK
LvqMqI21cnfEn2loIOrcr+AXDvjHSrJ/u9HVjCh4plutYT8mEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org