Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qp3-hh2Ia1XSkgnpyPefMO6y6lk.roa
File: qp3-hh2Ia1XSkgnpyPefMO6y6lk.roa (raw, json)
Hash identifier: cxeFBMNYNXngp5w4i+asB6yL7TXLSkPiVFAarEamrXM=
Subject key identifier: AA:9D:FE:86:1D:88:6B:55:D2:92:09:E9:C8:F7:9F:30:EE:B2:EA:59
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0182261DED2B403E6CE55ECAA417C7768A99
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qp3-hh2Ia1XSkgnpyPefMO6y6lk.roa
Signing time: Fri 22 Jul 2022 13:34:31 +0000
ROA not before: Fri 22 Jul 2022 13:34:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 92.52.218.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:1d:ed:2b:40:3e:6c:e5:5e:ca:a4:17:c7:76:8a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 22 13:34:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa9dfe861d886b55d29209e9c8f79f30eeb2ea59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:64:71:29:79:cc:46:c1:04:d7:d9:58:5f:6b:
52:29:19:72:c9:7f:de:17:7e:81:af:91:cf:d9:0d:
1e:1a:23:ed:a8:75:f9:4e:25:00:4a:ff:d0:b1:8d:
82:f0:e4:a6:a8:6d:04:c0:82:48:6d:5d:1d:36:1d:
0a:b3:0b:38:d8:c8:3f:0b:4f:e9:f5:97:0c:92:90:
e3:d0:15:0f:8d:1c:d4:a7:ed:70:4b:36:26:d7:87:
49:64:b4:16:df:20:0e:d1:57:4e:72:58:e9:a7:c8:
e5:b2:3a:fe:e5:7a:fe:61:0d:52:45:fc:24:13:31:
3c:76:7f:a7:fb:87:59:58:f8:d0:47:1d:cc:2f:c5:
51:73:6b:bd:93:c2:27:6c:41:59:8b:a4:d2:75:3b:
8e:e4:ba:50:66:cb:c6:2d:c4:23:bc:54:71:46:38:
87:0e:16:7c:ec:c8:d5:2a:59:4e:43:05:9a:13:7e:
12:c2:19:6b:f6:d0:d7:35:46:3e:c8:03:36:89:52:
21:fe:31:e4:4a:07:ec:f3:fb:6e:d4:dc:d1:03:3d:
5a:a4:31:45:ee:dd:14:4e:6b:3e:70:52:80:41:5b:
6f:cb:eb:a4:61:bb:d5:cb:b5:0b:ea:35:ac:b5:9d:
23:9d:cc:c7:bb:e4:91:1f:ed:38:40:a0:a1:84:12:
31:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9D:FE:86:1D:88:6B:55:D2:92:09:E9:C8:F7:9F:30:EE:B2:EA:59
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qp3-hh2Ia1XSkgnpyPefMO6y6lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
92.52.218.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:d8:4c:c6:61:6a:67:a5:ac:0b:e1:a7:af:77:34:41:35:9e:
c2:e0:d7:82:c0:ef:e8:65:70:66:2f:ea:4f:81:99:b8:b2:db:
81:88:1e:48:8b:c5:e3:3c:e7:e1:02:fa:0d:8d:37:28:53:53:
eb:48:85:7f:20:eb:0e:2e:0d:c2:5d:de:d0:63:07:94:c2:80:
dc:a7:80:42:cb:8b:29:9b:2d:2c:84:84:01:e6:c7:d7:50:3d:
97:5b:9c:99:bf:4d:e8:a4:3d:96:a3:cb:d8:ea:ab:45:d4:b9:
ac:78:06:a1:74:96:ac:24:85:d7:08:f0:d6:89:22:55:71:dc:
f4:be:d6:a5:e4:e1:1c:6a:d7:68:d2:d2:84:44:e9:3c:27:e8:
78:d4:3e:26:bc:b3:c2:68:b6:81:2d:4d:d4:5b:b6:64:f4:d8:
83:0f:20:de:9a:c6:20:ad:45:78:37:80:92:fd:0f:b5:48:46:
66:2c:13:4d:e6:52:71:4c:63:32:83:0c:5d:33:b1:63:c7:2f:
4b:68:63:f3:ce:3c:0b:bb:86:76:2a:37:13:49:58:d4:01:6c:
2c:48:ec:bf:55:99:f9:43:62:5b:3d:f9:e1:5b:d2:0d:9a:8f:
2d:f4:93:45:6e:ba:cf:ca:20:eb:d8:2d:6b:79:23:56:92:50:
d5:f4:fd:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYImHe0rQD5s5V7KpBfHdoqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzIyMTMzNDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTlkZmU4NjFkODg2YjU1ZDI5MjA5ZTljOGY3OWYzMGVlYjJlYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2RxKXnMRsEE19lYX2tSKRlyyX/e
F36Br5HP2Q0eGiPtqHX5TiUASv/QsY2C8OSmqG0EwIJIbV0dNh0Ksws42Mg/C0/p
9ZcMkpDj0BUPjRzUp+1wSzYm14dJZLQW3yAO0VdOcljpp8jlsjr+5Xr+YQ1SRfwk
EzE8dn+n+4dZWPjQRx3ML8VRc2u9k8InbEFZi6TSdTuO5LpQZsvGLcQjvFRxRjiH
DhZ87MjVKllOQwWaE34Swhlr9tDXNUY+yAM2iVIh/jHkSgfs8/tu1NzRAz1apDFF
7t0UTms+cFKAQVtvy+ukYbvVy7UL6jWstZ0jnczHu+SRH+04QKChhBIxPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKqd/oYdiGtV0pIJ6cj3nzDusupZMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcXAzLWhoMklhMVhTa2ducHlQZWZNTzZ5NmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbZwAwQA
BbZzAwQALQmoAwQAXDTaMA0GCSqGSIb3DQEBCwUAA4IBAQC62EzGYWpnpawL4aev
dzRBNZ7C4NeCwO/oZXBmL+pPgZm4stuBiB5Ii8XjPOfhAvoNjTcoU1PrSIV/IOsO
Lg3CXd7QYweUwoDcp4BCy4spmy0shIQB5sfXUD2XW5yZv03opD2Wo8vY6qtF1Lms
eAahdJasJIXXCPDWiSJVcdz0vtal5OEcatdo0tKEROk8J+h41D4mvLPCaLaBLU3U
W7Zk9NiDDyDemsYgrUV4N4CS/Q+1SEZmLBNN5lJxTGMygwxdM7Fjxy9LaGPzzjwL
u4Z2KjcTSVjUAWwsSOy/VZn5Q2JbPfnhW9INmo8t9JNFbrrPyiDr2C1reSNWklDV
9P2O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org