Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qO-EvENNpaouluxN40uRoLTzAyM.roa
File: qO-EvENNpaouluxN40uRoLTzAyM.roa (raw, json)
Hash identifier: q4vvULamvZZL1wc/1LHoNI2mwg+d4y5l2Ajy+WHqJ3M=
Subject key identifier: A8:EF:84:BC:43:4D:A5:AA:2E:96:EC:4D:E3:4B:91:A0:B4:F3:03:23
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018215CAC1BC95C848CBC05AAAE75715BF18
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qO-EvENNpaouluxN40uRoLTzAyM.roa
Signing time: Tue 19 Jul 2022 09:29:45 +0000
ROA not before: Tue 19 Jul 2022 09:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:15:ca:c1:bc:95:c8:48:cb:c0:5a:aa:e7:57:15:bf:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 19 09:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8ef84bc434da5aa2e96ec4de34b91a0b4f30323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:08:63:b9:33:68:5b:f6:a7:6a:e6:88:e3:54:
7f:65:9c:47:d1:de:43:c4:91:40:02:f0:02:60:96:
04:d2:69:9d:ed:25:cc:92:eb:a2:07:01:f3:0f:a2:
50:b4:9d:11:b3:ea:99:08:9f:b5:05:40:e7:71:29:
34:d6:56:28:d8:51:02:36:0f:55:f1:38:99:21:72:
34:1f:cf:48:74:77:03:17:6d:68:6f:f5:ee:d8:03:
c1:bc:a0:f4:aa:31:8a:54:7a:8e:84:e0:44:1a:1a:
47:a3:8f:27:3e:e2:2b:7a:90:f6:57:b5:1b:ad:4f:
13:9d:be:1b:ce:a8:df:0c:91:cb:43:a2:f1:84:c7:
8e:6a:30:65:64:78:14:05:52:91:2d:04:ce:6a:33:
b0:84:a5:d6:06:57:f8:bc:df:67:b2:1b:2e:5d:e3:
2a:6f:b5:d3:37:bd:b6:14:c1:ee:ac:1b:91:05:74:
e4:67:12:9c:a3:3b:bc:b3:fb:6a:08:01:02:2d:02:
a4:af:d0:8d:3b:ae:8f:2c:62:30:80:c6:6d:ec:6e:
85:79:2f:fc:09:b0:a2:7f:ab:bf:ed:72:29:75:d0:
f0:d7:9d:be:3d:52:9c:1b:57:87:35:d6:8b:a8:36:
cf:d3:e1:c1:de:92:db:7c:c2:43:ac:2c:3c:51:3a:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EF:84:BC:43:4D:A5:AA:2E:96:EC:4D:E3:4B:91:A0:B4:F3:03:23
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qO-EvENNpaouluxN40uRoLTzAyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
88.209.228.0/24
92.52.218.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:dd:50:c0:d5:81:8e:47:4d:56:b0:80:ab:bd:f0:7c:4a:cc:
70:91:34:42:ea:ee:05:b2:61:1b:1c:6a:d2:67:43:b3:f8:bb:
80:30:b5:e3:cd:c2:7c:18:15:a7:34:8c:78:e3:d8:d5:19:35:
9e:10:12:8d:b2:66:0d:e3:15:7d:59:c9:0b:22:a8:63:ea:fb:
06:2f:bf:c8:7b:5b:1a:dc:b5:4a:f1:e4:10:80:fe:97:ea:ae:
3e:65:34:8a:02:96:71:14:0b:61:08:b5:7a:b5:ba:43:7d:fa:
23:1f:6b:2d:12:35:91:87:98:4b:a0:c6:81:5c:22:fe:44:ac:
11:7b:35:00:d7:3c:8a:4a:c6:cb:d6:9a:37:a4:b9:02:3b:ce:
d0:97:5a:31:36:73:66:de:11:1d:0a:48:3b:75:d7:0f:42:6e:
41:43:97:71:14:e4:e5:31:1b:c0:5a:b6:2f:6c:d8:b0:72:c5:
53:72:0d:18:13:51:9a:e8:b7:4d:e2:ac:7b:fb:61:4a:24:83:
19:3d:94:41:d1:4d:bd:3a:42:a3:4f:a2:9d:1c:2f:6b:82:e6:
8c:41:48:a3:f8:60:cb:12:41:9d:47:d1:56:01:1b:d8:37:5a:
d4:4b:2e:cd:b5:41:98:7a:9c:41:d4:a9:33:ec:de:77:4a:94:
a4:77:2d:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYIVysG8lchIy8BaqudXFb8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzE5MDkyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGVmODRiYzQzNGRhNWFhMmU5NmVjNGRlMzRiOTFhMGI0ZjMwMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAhjuTNoW/anauaI41R/ZZxH0d5D
xJFAAvACYJYE0mmd7SXMkuuiBwHzD6JQtJ0Rs+qZCJ+1BUDncSk01lYo2FECNg9V
8TiZIXI0H89IdHcDF21ob/Xu2APBvKD0qjGKVHqOhOBEGhpHo48nPuIrepD2V7Ub
rU8Tnb4bzqjfDJHLQ6LxhMeOajBlZHgUBVKRLQTOajOwhKXWBlf4vN9nshsuXeMq
b7XTN722FMHurBuRBXTkZxKcozu8s/tqCAECLQKkr9CNO66PLGIwgMZt7G6FeS/8
CbCif6u/7XIpddDw152+PVKcG1eHNdaLqDbP0+HB3pLbfMJDrCw8UTphSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKjvhLxDTaWqLpbsTeNLkaC08wMjMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcU8tRXZFTk5wYW91bHV4TjQwdVJvTFR6QXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbZwAwQA
BbZzAwQAWNHkAwQAXDTaMA0GCSqGSIb3DQEBCwUAA4IBAQCL3VDA1YGOR01WsICr
vfB8SsxwkTRC6u4FsmEbHGrSZ0Oz+LuAMLXjzcJ8GBWnNIx449jVGTWeEBKNsmYN
4xV9WckLIqhj6vsGL7/Ie1sa3LVK8eQQgP6X6q4+ZTSKApZxFAthCLV6tbpDffoj
H2stEjWRh5hLoMaBXCL+RKwRezUA1zyKSsbL1po3pLkCO87Ql1oxNnNm3hEdCkg7
ddcPQm5BQ5dxFOTlMRvAWrYvbNiwcsVTcg0YE1Ga6LdN4qx7+2FKJIMZPZRB0U29
OkKjT6KdHC9rguaMQUij+GDLEkGdR9FWARvYN1rUSy7NtUGYepxB1Kkz7N53SpSk
dy02
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:52 2023 by rpki-client on console-ams.rpki-client.org