Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/qupx2YcLhwNwdECO3TBBimklRcI.roa
File: qupx2YcLhwNwdECO3TBBimklRcI.roa (raw, json)
Hash identifier: 8sW3tzcgdJG9nC7iOSvOr1Ks7CT/8AQVTcR+g2MeeTs=
Subject key identifier: AA:EA:71:D9:87:0B:87:03:70:74:40:8E:DD:30:41:8A:69:25:45:C2
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 26FFC236
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/qupx2YcLhwNwdECO3TBBimklRcI.roa
Signing time: Sat 01 Jan 2022 15:00:40 +0000
ROA not before: Sat 01 Jan 2022 15:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47119
IP address blocks: 136.169.222.0/23 maxlen: 23
136.169.222.0/24 maxlen: 24
136.169.221.0/24 maxlen: 24
136.169.220.0/22 maxlen: 22
136.169.223.0/24 maxlen: 24
136.169.220.0/23 maxlen: 23
136.169.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 654295606 (0x26ffc236)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 15:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aaea71d9870b87037074408edd30418a692545c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:81:51:2d:21:fa:bb:ac:31:f1:bb:e2:29:a7:
a0:97:b6:e7:f4:35:72:83:33:ce:fc:1b:fc:59:ef:
73:6f:ac:20:b3:0b:46:4a:4b:df:74:95:ae:31:78:
ae:65:46:82:12:d1:e7:fc:bd:e3:00:0f:9b:b8:8c:
88:00:6e:09:58:cd:69:85:10:ce:b3:76:db:a3:41:
d2:9b:a7:71:67:b6:1e:88:a6:86:c5:3e:da:79:f0:
80:0a:93:3d:9c:e1:86:c6:6f:cb:f7:2d:5f:61:71:
01:9c:c3:09:13:8c:9d:8a:83:65:3d:f9:3c:ca:b5:
6f:37:01:0d:00:66:26:5e:58:a0:24:e4:5f:34:a7:
3c:78:33:4a:e6:09:36:ad:38:b2:dd:b6:e4:f8:2a:
ad:15:93:42:b9:42:f1:09:b6:47:2e:71:07:1c:a8:
9b:b4:22:13:57:c4:67:11:ac:5b:e2:6b:01:83:7e:
4c:d6:86:84:c9:d7:cd:34:51:29:14:85:cc:72:5e:
d7:f1:e0:8f:cd:7b:fb:36:ad:a0:38:8c:5b:eb:13:
2f:ca:87:77:e2:28:aa:c6:02:c2:b1:c1:e3:d8:bc:
b8:16:41:60:f9:b5:b7:b5:0b:d8:bd:bf:14:11:22:
db:ef:62:60:df:06:69:40:63:2f:32:e7:b4:9d:26:
ef:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:EA:71:D9:87:0B:87:03:70:74:40:8E:DD:30:41:8A:69:25:45:C2
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/qupx2YcLhwNwdECO3TBBimklRcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:d1:2c:76:89:ae:c7:88:19:46:61:70:4d:2e:7d:d1:f3:6f:
59:bc:ae:6d:e8:91:c5:25:25:a6:6a:9e:9d:58:0b:3d:d0:8b:
4e:be:26:83:b8:ca:9e:84:31:19:5c:47:09:e6:69:f9:71:96:
1a:ad:76:f5:27:83:0d:7c:3b:bb:ce:9c:e9:a1:ed:14:51:c9:
21:35:2c:4b:6a:d7:0f:e6:36:70:52:7d:12:15:3a:a1:91:cd:
45:d8:d2:64:c2:f5:a3:54:44:c4:d3:ce:72:31:b7:f9:e2:53:
98:01:39:40:0a:20:11:ea:06:db:3e:98:b2:91:a4:5f:17:7b:
a8:b4:8b:95:55:96:01:b5:3a:e5:24:f1:a3:36:97:2d:c7:9b:
c6:98:1e:b6:30:50:58:eb:7c:29:d3:03:ea:82:30:72:30:a7:
3c:7f:4a:40:e9:0a:61:42:35:55:f6:1f:18:ea:46:1b:50:b8:
d4:8c:aa:db:c2:1b:bb:d3:4f:6c:e8:af:5d:bf:40:ba:9b:f0:
db:5b:b6:9a:9d:c9:d9:37:b8:d4:64:90:23:5d:d2:64:37:20:
99:84:c8:9f:31:2c:db:0a:b4:b5:c6:db:17:ef:90:a8:f2:85:
b9:32:ce:97:43:cf:4c:90:ff:f1:ac:46:c6:b5:93:41:2f:3d:
42:d3:1d:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJv/CNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzZkMGFlNWUyZmJmZmNjZTA4NzcwZWJjMjBjMjE2YjlmYmY5NDg1MB4XDTIyMDEw
MTE1MDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFlYTcxZDk4NzBi
ODcwMzcwNzQ0MDhlZGQzMDQxOGE2OTI1NDVjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyBUS0h+rusMfG74imnoJe25/Q1coMzzvwb/Fnvc2+sILML
RkpL33SVrjF4rmVGghLR5/y94wAPm7iMiABuCVjNaYUQzrN226NB0puncWe2Hoim
hsU+2nnwgAqTPZzhhsZvy/ctX2FxAZzDCROMnYqDZT35PMq1bzcBDQBmJl5YoCTk
XzSnPHgzSuYJNq04st225PgqrRWTQrlC8Qm2Ry5xBxyom7QiE1fEZxGsW+JrAYN+
TNaGhMnXzTRRKRSFzHJe1/Hgj817+zatoDiMW+sTL8qHd+IoqsYCwrHB49i8uBZB
YPm1t7UL2L2/FBEi2+9iYN8GaUBjLzLntJ0m77kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSq6nHZhwuHA3B0QI7dMEGKaSVFwjAfBgNVHSMEGDAWgBSjbQrl4vv/zOCH
cOvCDCFrn7+UhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28yMEs1ZUw3Xzh6Z2gzRHJ3Z3doYTUtX2xJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8x
L3F1cHgyWWNMaHdOd2RFQ08zVEJCaW1rbFJjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8xL28yMEs1ZUw3Xzh6
Z2gzRHJ3Z3doYTUtX2xJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoip3DANBgkqhkiG9w0BAQsFAAOC
AQEAXNEsdomux4gZRmFwTS590fNvWbyubeiRxSUlpmqenVgLPdCLTr4mg7jKnoQx
GVxHCeZp+XGWGq129SeDDXw7u86c6aHtFFHJITUsS2rXD+Y2cFJ9EhU6oZHNRdjS
ZML1o1RExNPOcjG3+eJTmAE5QAogEeoG2z6YspGkXxd7qLSLlVWWAbU65STxozaX
LcebxpgetjBQWOt8KdMD6oIwcjCnPH9KQOkKYUI1VfYfGOpGG1C41Iyq28Ibu9NP
bOivXb9Aupvw21u2mp3J2Te41GSQI13SZDcgmYTInzEs2wq0tcbbF++QqPKFuTLO
l0PPTJD/8axGxrWTQS89QtMdhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org