Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/QZ5VzvFe7Tbbg4mK8rOewfJamBU.roa
File: QZ5VzvFe7Tbbg4mK8rOewfJamBU.roa (raw, json)
Hash identifier: M6G2KlDVMy2IVGgkVzWxV5KuHYIJ++k5dhwlc4Zo//w=
Subject key identifier: 41:9E:55:CE:F1:5E:ED:36:DB:83:89:8A:F2:B3:9E:C1:F2:5A:98:15
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 0189AADDC0F38C264C77AE5860361C4D1737
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/QZ5VzvFe7Tbbg4mK8rOewfJamBU.roa
Signing time: Mon 31 Jul 2023 07:33:26 +0000
ROA not before: Mon 31 Jul 2023 07:33:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15763
IP address blocks: 185.151.100.0/22 maxlen: 24
156.67.58.0/24 maxlen: 24
85.22.48.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.0.0/20 maxlen: 20
85.22.0.0/16 maxlen: 16
85.22.16.0/20 maxlen: 20
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.42.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
2a03:f580::/32 maxlen: 48
2a03:f580:2::/48 maxlen: 48
2a03:f580:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:aa:dd:c0:f3:8c:26:4c:77:ae:58:60:36:1c:4d:17:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Jul 31 07:33:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=419e55cef15eed36db83898af2b39ec1f25a9815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:99:99:e1:42:50:fe:df:0f:70:8d:1a:36:
70:8f:fc:83:29:e8:10:4b:37:ff:65:91:7f:30:7d:
07:a3:0d:ac:bb:ed:d2:df:03:b2:e1:54:56:89:0f:
54:74:5a:bd:f9:44:f9:55:74:ad:8a:c1:62:43:53:
f6:8f:e4:35:45:92:c7:d1:6c:04:f1:8a:82:7f:a7:
9c:b1:ff:63:97:89:11:ee:f0:35:8e:53:b0:be:c2:
b0:ff:40:87:21:76:20:9b:d2:5a:d0:63:10:94:62:
4b:2e:a4:96:05:a0:88:4b:31:1c:19:11:13:aa:2d:
6e:a7:1f:5d:4b:04:33:62:a9:04:59:05:c8:12:5a:
4b:be:a7:3b:15:8d:94:63:bc:53:eb:ed:b8:f4:55:
a9:a3:c5:fe:93:c7:2d:21:9e:81:65:e3:d1:95:97:
50:b3:81:ad:ea:26:47:b4:24:49:ef:ff:12:12:2c:
d6:f8:2d:f4:62:24:15:63:19:95:dd:34:ee:a4:46:
bf:e6:2b:ed:90:cc:51:05:b6:bc:bb:40:c6:7a:02:
c5:4d:c6:b5:5e:f3:40:cf:eb:c5:b3:76:d0:23:b5:
f6:d4:3f:d0:c3:45:90:d5:15:b5:05:52:cc:8c:79:
73:d2:d3:a7:03:55:b8:8a:9a:7f:96:4b:b9:07:f4:
4b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9E:55:CE:F1:5E:ED:36:DB:83:89:8A:F2:B3:9E:C1:F2:5A:98:15
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/QZ5VzvFe7Tbbg4mK8rOewfJamBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
34:03:7d:00:f7:dd:08:13:98:a9:b3:37:0e:04:e5:31:91:a7:
2d:26:ca:e0:42:d2:41:56:aa:fd:83:9b:58:e8:3d:ff:4e:52:
df:fd:1f:de:2a:87:2e:6f:91:7f:0e:22:d8:4a:23:c2:cf:cb:
66:b8:29:f1:ff:72:80:fb:1f:ca:fe:95:26:e0:b9:ad:55:65:
1e:fa:67:78:88:08:85:de:8c:38:3b:23:64:e6:4d:ef:29:6f:
e0:85:ba:c4:dc:d5:10:60:f5:5e:5e:bb:8a:9a:a7:2e:ea:45:
b9:f6:a4:4a:39:d9:99:78:44:58:1b:c2:ee:18:e1:f9:e4:e9:
ec:fd:63:4b:9a:76:5b:05:fc:c3:e8:38:7f:33:5a:2f:97:8b:
e4:cb:c5:4e:9f:72:41:4a:b6:1c:8f:ee:ed:c6:2f:42:5e:b6:
0b:a4:19:34:5d:4c:9e:f9:bf:d4:b3:ff:f6:c9:7a:f3:4f:b2:
52:08:37:67:ec:98:73:23:14:0e:26:a8:de:49:45:2b:21:c3:
b4:ae:9a:91:89:f9:56:8f:bd:47:26:5b:25:da:1b:2f:fd:ff:
bb:ca:02:bc:02:61:c2:3d:98:a6:4a:5e:6a:3f:4a:98:5f:81:
ab:12:a3:ba:19:69:93:0c:47:5e:33:10:64:64:57:a7:b3:b9:
15:e6:b7:b1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYmq3cDzjCZMd65YYDYcTRc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjMwNzMxMDczMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTllNTVjZWYxNWVlZDM2ZGI4Mzg5OGFmMmIzOWVjMWYyNWE5ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY2ZmeFCUP7fD3CNGjZwj/yDKegQ
Szf/ZZF/MH0How2su+3S3wOy4VRWiQ9UdFq9+UT5VXStisFiQ1P2j+Q1RZLH0WwE
8YqCf6ecsf9jl4kR7vA1jlOwvsKw/0CHIXYgm9Ja0GMQlGJLLqSWBaCISzEcGRET
qi1upx9dSwQzYqkEWQXIElpLvqc7FY2UY7xT6+249FWpo8X+k8ctIZ6BZePRlZdQ
s4Gt6iZHtCRJ7/8SEizW+C30YiQVYxmV3TTupEa/5ivtkMxRBba8u0DGegLFTca1
XvNAz+vFs3bQI7X21D/Qw0WQ1RW1BVLMjHlz0tOnA1W4ipp/lku5B/RLswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEGeVc7xXu0224OJivKznsHyWpgVMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvUVo1Vnp2RmU3VGJiZzRtSzhyT2V3ZkphbUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAVRYDBACc
QzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQELBQADggEB
ADQDfQD33QgTmKmzNw4E5TGRpy0myuBC0kFWqv2Dm1joPf9OUt/9H94qhy5vkX8O
IthKI8LPy2a4KfH/coD7H8r+lSbgua1VZR76Z3iICIXejDg7I2TmTe8pb+CFusTc
1RBg9V5eu4qapy7qRbn2pEo52Zl4RFgbwu4Y4fnk6ez9Y0uadlsF/MPoOH8zWi+X
i+TLxU6fckFKthyP7u3GL0JetgukGTRdTJ75v9Sz//bJevNPslIIN2fsmHMjFA4m
qN5JRSshw7SumpGJ+VaPvUcmWyXaGy/9/7vKArwCYcI9mKZKXmo/SphfgasSo7oZ
aZMMR14zEGRkV6ezuRXmt7E=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:22:11 2025 by rpki-client