Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qKJ-6blq_ImHnWiIAkEieRiwBDw.roa
File: qKJ-6blq_ImHnWiIAkEieRiwBDw.roa (raw, json)
Hash identifier: P9hpPW2X1Yb+5zG4sf2oSz7jHvUTCqcChG09mLnsUEo=
Subject key identifier: A8:A2:7E:E9:B9:6A:FC:89:87:9D:68:88:02:41:22:79:18:B0:04:3C
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01826483EADDE28BF184A80F5E50E51B04B5
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qKJ-6blq_ImHnWiIAkEieRiwBDw.roa
Signing time: Wed 03 Aug 2022 16:22:23 +0000
ROA not before: Wed 03 Aug 2022 16:22:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 94.26.90.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:83:ea:dd:e2:8b:f1:84:a8:0f:5e:50:e5:1b:04:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 3 16:22:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8a27ee9b96afc89879d68880241227918b0043c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:0f:68:81:a8:fb:d8:01:79:a6:ee:32:4a:
a3:ed:49:d2:73:21:01:0a:ec:73:49:c7:7b:c5:12:
c1:00:db:75:46:cc:ff:83:94:0f:1d:5c:fe:e6:f5:
bd:27:82:45:b3:ae:e1:1a:a3:98:69:cd:b5:fb:c4:
be:30:de:7c:fd:28:59:66:47:94:c3:fd:ce:c6:60:
c6:eb:32:2f:ee:46:77:a3:2a:ea:ee:40:b9:5b:58:
d4:45:1d:2b:4c:1b:a5:9f:de:fe:70:58:88:cb:ac:
4b:47:72:19:42:1b:11:ea:d0:3b:02:14:22:0c:94:
35:af:1f:bf:f7:23:b5:a0:d3:8e:82:52:18:1a:48:
e2:f1:76:ee:a1:5d:d2:34:9c:34:3e:1e:fd:e6:a7:
ed:59:3c:c0:3b:dd:42:56:57:80:c8:a7:47:74:a5:
c6:a0:ca:e5:df:40:b7:87:40:50:49:b9:0f:ae:a2:
18:b9:b1:78:ba:c5:5b:d8:ad:46:be:54:b9:82:8b:
eb:b5:a9:b4:05:da:12:d9:66:f2:e6:bb:68:db:47:
a9:a6:cd:3b:38:97:ea:2c:ca:58:66:46:36:b5:80:
c0:55:a0:08:eb:07:b5:e2:30:06:9a:b7:6a:87:eb:
15:c0:b7:16:b3:0e:92:97:68:65:3e:b8:80:57:be:
e7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A2:7E:E9:B9:6A:FC:89:87:9D:68:88:02:41:22:79:18:B0:04:3C
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qKJ-6blq_ImHnWiIAkEieRiwBDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
91.92.33.0/24
91.92.35.0/24
91.92.49.0/24
93.152.205.0/24
93.152.209.0/24
93.152.215.0/24
93.152.221.0/24
93.152.224.0/23
94.26.90.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:4a:2e:32:92:ab:63:11:ea:3b:d4:f6:be:78:73:00:ae:7d:
37:8d:b1:e9:a0:de:f8:d5:96:ee:74:9a:2e:82:34:f0:7f:e2:
de:3f:58:06:64:e7:1a:6e:00:3d:f1:8c:23:53:7c:60:b9:83:
aa:a0:e8:5d:aa:18:40:0f:e2:56:79:39:56:49:e6:d4:76:11:
84:f6:dc:5c:31:e9:1f:44:c5:bb:c2:aa:44:e2:88:74:af:7c:
5e:46:f7:12:b8:f1:9b:05:b1:bc:32:35:47:fe:7e:4e:fe:37:
fe:1d:a1:f9:ad:86:0c:a0:4e:78:ec:4e:c4:9d:e8:9a:ec:4c:
b0:85:78:58:4e:e8:6a:2b:00:ff:dd:fe:1f:f0:0e:78:d2:36:
38:34:52:dd:2d:4c:04:dd:cc:2b:67:bf:ce:7c:6d:2d:9c:52:
a7:eb:2f:f4:83:8f:f3:b4:a4:78:ed:fa:f3:02:f1:b8:f4:24:
2d:29:c2:14:52:f4:db:18:20:4f:f8:24:99:01:58:8a:c1:0e:
b3:a2:73:34:35:8a:07:52:0e:70:b1:ad:27:5c:21:06:23:e0:
80:15:06:62:02:af:8c:c2:0e:5c:d3:6a:2a:a2:06:89:98:21:
b1:87:84:28:6b:2e:b9:eb:9c:b5:1c:cd:86:f1:00:4a:c1:58:
dd:94:70:17
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYJkg+rd4ovxhKgPXlDlGwS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIwODAzMTYyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGEyN2VlOWI5NmFmYzg5ODc5ZDY4ODgwMjQxMjI3OTE4YjAwNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKwPaIGo+9gBeabuMkqj7UnScyEB
CuxzScd7xRLBANt1Rsz/g5QPHVz+5vW9J4JFs67hGqOYac21+8S+MN58/ShZZkeU
w/3OxmDG6zIv7kZ3oyrq7kC5W1jURR0rTBuln97+cFiIy6xLR3IZQhsR6tA7AhQi
DJQ1rx+/9yO1oNOOglIYGkji8XbuoV3SNJw0Ph795qftWTzAO91CVleAyKdHdKXG
oMrl30C3h0BQSbkPrqIYubF4usVb2K1GvlS5govrtam0BdoS2Wby5rto20epps07
OJfqLMpYZkY2tYDAVaAI6we14jAGmrdqh+sVwLcWsw6Sl2hlPriAV77ntwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKiifum5avyJh51oiAJBInkYsAQ8MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvcUtKLTZibHFfSW1IbldpSUFrRWllUml3QkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQATp+DAwQA
W1whAwQAW1wjAwQAW1wxAwQAXZjNAwQAXZjRAwQAXZjXAwQAXZjdAwQBXZjgAwQA
XhpaAwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQCtSi4ykqtjEeo71Pa+eHMArn03
jbHpoN741ZbudJougjTwf+LeP1gGZOcabgA98YwjU3xguYOqoOhdqhhAD+JWeTlW
SebUdhGE9txcMekfRMW7wqpE4oh0r3xeRvcSuPGbBbG8MjVH/n5O/jf+HaH5rYYM
oE547E7Eneia7EywhXhYTuhqKwD/3f4f8A540jY4NFLdLUwE3cwrZ7/OfG0tnFKn
6y/0g4/ztKR47frzAvG49CQtKcIUUvTbGCBP+CSZAViKwQ6zonM0NYoHUg5wsa0n
XCEGI+CAFQZiAq+Mwg5c02oqogaJmCGxh4Qoay6565y1HM2G8QBKwVjdlHAX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org