Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/qhlv15MqjsACT9uLwx7osKYzU5k.roa
File: qhlv15MqjsACT9uLwx7osKYzU5k.roa (raw, json)
Hash identifier: RsKGYB8JnUQG+tkxrYVVHE5rO+F9+QWjKhWyzDOlYT4=
Subject key identifier: AA:19:6F:D7:93:2A:8E:C0:02:4F:DB:8B:C3:1E:E8:B0:A6:33:53:99
Certificate issuer: /CN=5b3358110dadf224e719914161731df5e56c4188
Certificate serial: 0563C0A6
Authority key identifier: 5B:33:58:11:0D:AD:F2:24:E7:19:91:41:61:73:1D:F5:E5:6C:41:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/qhlv15MqjsACT9uLwx7osKYzU5k.roa
Signing time: Sat 01 Jan 2022 12:54:06 +0000
ROA not before: Sat 01 Jan 2022 12:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28979
IP address blocks: 194.127.216.0/21 maxlen: 21
194.127.217.0/24 maxlen: 24
194.127.215.0/24 maxlen: 24
194.127.218.0/24 maxlen: 24
194.127.219.0/24 maxlen: 24
185.204.240.0/23 maxlen: 23
185.204.242.0/23 maxlen: 23
2a04:b647:fffe::/48 maxlen: 48
2a04:b647::/32 maxlen: 32
2a04:b647:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90423462 (0x563c0a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b3358110dadf224e719914161731df5e56c4188
Validity
Not Before: Jan 1 12:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa196fd7932a8ec0024fdb8bc31ee8b0a6335399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fb:15:1b:b2:8d:99:27:46:9d:9d:36:f2:4c:
93:6c:a7:35:9e:44:f8:ed:e3:06:d8:1d:67:f1:d5:
9b:45:aa:91:a1:1c:83:57:24:9a:d9:eb:d8:2c:18:
f4:a7:57:7e:91:8a:b4:91:7f:c4:42:19:bf:c8:59:
0d:f6:89:fb:79:6f:e2:2e:92:72:f7:eb:48:75:81:
b7:73:50:d7:40:ec:28:4d:ae:53:e3:29:f7:68:3c:
5f:25:5b:a9:cb:b0:09:81:99:53:ac:4a:44:3d:c8:
7a:5e:ab:70:36:a0:43:b1:93:52:0e:26:f2:f4:b4:
86:8a:77:dd:da:82:ad:2d:b1:18:dc:e4:97:d7:a8:
49:87:06:48:68:8d:a6:44:40:79:09:f4:f0:77:b3:
fd:71:d9:b6:c9:93:c3:d7:28:28:6a:76:3f:aa:83:
ae:6a:db:3c:d4:7e:98:e3:40:0a:fe:c3:e2:35:f7:
c2:a3:76:e6:6a:bd:3f:51:03:65:15:d0:45:32:1a:
7b:3f:dd:6e:c5:8b:0d:e6:67:bf:8e:d9:ca:c7:4a:
69:ad:26:0c:29:fe:6f:61:20:8a:11:33:56:ec:5f:
e1:2f:d3:30:c4:8e:5b:aa:45:43:c6:bf:5a:71:03:
7b:13:74:2e:20:e7:08:3f:6d:b7:5e:cc:f1:16:6c:
52:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:19:6F:D7:93:2A:8E:C0:02:4F:DB:8B:C3:1E:E8:B0:A6:33:53:99
X509v3 Authority Key Identifier:
keyid:5B:33:58:11:0D:AD:F2:24:E7:19:91:41:61:73:1D:F5:E5:6C:41:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/qhlv15MqjsACT9uLwx7osKYzU5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.240.0/22
194.127.215.0-194.127.223.255
IPv6:
2a04:b647::/32
Signature Algorithm: sha256WithRSAEncryption
53:c4:67:5c:22:ca:81:be:e2:9a:36:ae:de:8a:4f:4c:86:48:
4b:22:59:9d:8f:49:db:56:a7:1b:c2:80:d4:88:b3:bb:1d:d2:
69:61:1e:15:aa:fe:ea:e0:39:d5:27:e9:27:aa:9d:6c:3d:da:
a9:a8:3a:57:2b:c4:5e:77:dd:1e:00:3f:4c:ae:d0:a9:50:04:
20:be:37:cd:6e:29:dc:48:14:39:9c:3d:31:79:b1:75:40:67:
d5:3b:7c:6e:82:e1:66:65:43:df:ad:57:dc:74:b5:eb:d3:57:
90:61:22:12:b4:2a:db:f6:85:57:83:cc:d3:0a:94:04:b7:4c:
22:d8:de:81:d7:5c:a1:4c:22:82:5c:6a:d3:82:f8:8c:46:78:
8f:61:fe:99:da:8e:3c:f0:42:d3:bf:99:02:1a:20:7a:5e:fb:
3a:59:26:9c:d9:c2:0d:ef:19:ae:f8:b4:35:11:fe:57:29:04:
87:06:05:84:9a:87:5f:01:20:61:aa:a2:04:d9:ac:db:dc:95:
e7:ef:48:70:5e:ae:68:88:83:49:bd:a5:37:13:3d:24:2d:c2:
cd:fc:b9:d7:c5:02:2e:ed:c1:c7:8c:c4:c8:0d:9f:ed:99:3b:
8e:9f:9b:f2:c2:72:eb:71:b2:bc:24:88:c0:54:27:70:07:d4:
ad:7b:f1:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBWPApjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjMzNTgxMTBkYWRmMjI0ZTcxOTkxNDE2MTczMWRmNWU1NmM0MTg4MB4XDTIyMDEw
MTEyNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWExOTZmZDc5MzJh
OGVjMDAyNGZkYjhiYzMxZWU4YjBhNjMzNTM5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALz7FRuyjZknRp2dNvJMk2ynNZ5E+O3jBtgdZ/HVm0WqkaEc
g1ckmtnr2CwY9KdXfpGKtJF/xEIZv8hZDfaJ+3lv4i6ScvfrSHWBt3NQ10DsKE2u
U+Mp92g8XyVbqcuwCYGZU6xKRD3Iel6rcDagQ7GTUg4m8vS0hop33dqCrS2xGNzk
l9eoSYcGSGiNpkRAeQn08Hez/XHZtsmTw9coKGp2P6qDrmrbPNR+mONACv7D4jX3
wqN25mq9P1EDZRXQRTIaez/dbsWLDeZnv47ZysdKaa0mDCn+b2EgihEzVuxf4S/T
MMSOW6pFQ8a/WnEDexN0LiDnCD9tt17M8RZsUgcCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBSqGW/XkyqOwAJP24vDHuiwpjNTmTAfBgNVHSMEGDAWgBRbM1gRDa3yJOcZ
kUFhcx315WxBiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d6TllFUTJ0OGlUbkdaRkJZWE1kOWVWc1FZZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvNzkyMzcyLTNkMmEtNDRmZC05MWEwLWY0MjcyZWVjMjgwZC8x
L3FobHYxNU1xanNBQ1Q5dUx3eDdvc0tZelU1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
NzkyMzcyLTNkMmEtNDRmZC05MWEwLWY0MjcyZWVjMjgwZC8xL1d6TllFUTJ0OGlU
bkdaRkJZWE1kOWVWc1FZZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEArnM8DAMAwQAwn/XAwQFwn/AMA0E
AgACMAcDBQAqBLZHMA0GCSqGSIb3DQEBCwUAA4IBAQBTxGdcIsqBvuKaNq7eik9M
hkhLIlmdj0nbVqcbwoDUiLO7HdJpYR4Vqv7q4DnVJ+knqp1sPdqpqDpXK8Red90e
AD9MrtCpUAQgvjfNbincSBQ5nD0xebF1QGfVO3xuguFmZUPfrVfcdLXr01eQYSIS
tCrb9oVXg8zTCpQEt0wi2N6B11yhTCKCXGrTgviMRniPYf6Z2o488ELTv5kCGiB6
Xvs6WSac2cIN7xmu+LQ1Ef5XKQSHBgWEmodfASBhqqIE2azb3JXn70hwXq5oiINJ
vaU3Ez0kLcLN/LnXxQIu7cHHjMTIDZ/tmTuOn5vywnLrcbK8JIjAVCdwB9Ste/Hx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:19 2024 by rpki-client on console-ams.rpki-client.org