Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/Qj-aBvpw6DQ8FrocYElJcP2OUtc.roa
File: Qj-aBvpw6DQ8FrocYElJcP2OUtc.roa (raw, json)
Hash identifier: E20oF+vNYnEgmT1nfCnY7aFYTlOdEFRdJ0lLiOKnNYo=
Subject key identifier: 42:3F:9A:06:FA:70:E8:34:3C:16:BA:1C:60:49:49:70:FD:8E:52:D7
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 01852EE39CD9882CDFD928839DDA6825394B
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/Qj-aBvpw6DQ8FrocYElJcP2OUtc.roa
Signing time: Tue 20 Dec 2022 09:35:46 +0000
ROA not before: Tue 20 Dec 2022 09:35:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58010
IP address blocks: 195.74.88.0/23 maxlen: 23
193.243.164.0/23 maxlen: 23
185.219.100.0/24 maxlen: 24
185.219.100.0/22 maxlen: 22
2a00:d0c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:e3:9c:d9:88:2c:df:d9:28:83:9d:da:68:25:39:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Dec 20 09:35:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=423f9a06fa70e8343c16ba1c60494970fd8e52d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:09:f1:00:c0:85:1a:7c:e7:fd:a3:26:2f:60:
72:d3:9b:05:72:75:73:2a:5c:ff:e1:6c:24:84:25:
7b:20:5e:7a:c8:13:31:9c:6a:0d:d0:6e:c0:19:8c:
e6:66:fa:08:4d:f5:4e:72:68:65:40:9b:05:98:f0:
de:28:f8:b4:ce:46:c0:e9:33:d6:32:d0:ea:cb:ac:
d9:d9:b3:97:e4:3d:fa:35:a6:1f:28:49:40:65:65:
00:81:4a:ed:ca:3a:b2:4d:36:5e:fa:8a:37:a9:c4:
4b:31:c8:e3:2c:83:42:16:72:d1:a0:83:bc:ce:c1:
db:e3:ba:56:56:64:91:b6:14:62:f3:de:25:25:95:
e4:d0:89:97:4a:48:f7:58:38:22:ba:cf:24:8d:e3:
95:1e:14:e8:5e:55:ff:f2:7d:46:17:19:8c:3a:50:
e9:1f:58:39:a7:b1:9f:7c:c2:12:18:13:77:3f:1d:
3f:25:e9:00:33:19:f8:cd:1e:67:3e:c8:6c:b4:b1:
34:24:af:02:f1:b4:c8:04:bc:89:c2:60:d2:82:b2:
ce:aa:a0:f7:78:c8:9d:a7:e1:89:4d:65:a3:05:9e:
79:10:eb:20:b2:ac:f4:65:3f:7a:15:b5:50:c2:79:
d9:f6:58:d7:4c:e8:a3:fc:d1:dc:4a:c4:81:53:42:
5c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3F:9A:06:FA:70:E8:34:3C:16:BA:1C:60:49:49:70:FD:8E:52:D7
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/Qj-aBvpw6DQ8FrocYElJcP2OUtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.100.0/22
193.243.164.0/23
195.74.88.0/23
IPv6:
2a00:d0c0::/32
Signature Algorithm: sha256WithRSAEncryption
16:7a:07:77:65:e0:75:a6:28:98:92:16:05:3e:b5:15:11:a5:
88:98:9d:df:34:7c:90:45:3b:b3:ce:66:c9:7a:52:be:be:e1:
0f:fb:8e:16:27:ad:62:61:ef:4c:57:91:a0:e1:ec:04:99:b0:
9a:26:c0:07:a6:b6:2c:7e:1c:11:24:37:00:3f:e8:56:92:8f:
63:75:f9:8f:88:ab:9f:1b:16:19:d3:8e:07:7d:cb:a9:22:2a:
d6:36:dd:58:43:e8:45:1a:48:84:0c:4e:6d:ea:73:29:ae:31:
f1:8e:82:45:0f:37:e9:80:ee:3c:5f:e0:20:d5:74:a2:75:db:
b3:d3:6a:5b:24:60:6b:5a:1f:e9:12:42:e7:5e:98:7a:7d:15:
7c:ea:67:24:3c:31:06:c5:fd:0e:c4:38:53:5f:dc:08:f1:68:
d8:9f:97:26:30:8e:66:76:b5:70:a1:80:2d:80:78:83:4a:85:
19:21:86:5d:cb:0b:aa:16:ef:e2:13:1f:7c:d2:71:0f:ff:e3:
6e:0c:b3:0a:a5:74:00:ac:05:ea:33:11:55:f0:67:c3:a5:7f:
b8:09:b5:85:e8:62:6b:9c:8a:69:88:67:ab:73:87:9f:57:51:
15:eb:4b:69:7e:23:42:f1:d6:90:a4:07:a5:80:1c:d0:c0:49:
96:1f:29:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYUu45zZiCzf2SiDndpoJTlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjIxMjIwMDkzNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNmOWEwNmZhNzBlODM0M2MxNmJhMWM2MDQ5NDk3MGZkOGU1MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgnxAMCFGnzn/aMmL2By05sFcnVz
Klz/4WwkhCV7IF56yBMxnGoN0G7AGYzmZvoITfVOcmhlQJsFmPDeKPi0zkbA6TPW
MtDqy6zZ2bOX5D36NaYfKElAZWUAgUrtyjqyTTZe+oo3qcRLMcjjLINCFnLRoIO8
zsHb47pWVmSRthRi894lJZXk0ImXSkj3WDgius8kjeOVHhToXlX/8n1GFxmMOlDp
H1g5p7GffMISGBN3Px0/JekAMxn4zR5nPshstLE0JK8C8bTIBLyJwmDSgrLOqqD3
eMidp+GJTWWjBZ55EOsgsqz0ZT96FbVQwnnZ9ljXTOij/NHcSsSBU0JcVQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEI/mgb6cOg0PBa6HGBJSXD9jlLXMB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvUWotYUJ2cHc2RFE4RnJvY1lFbEpjUDJPVXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudtkAwQB
wfOkAwQBw0pYMA0EAgACMAcDBQAqANDAMA0GCSqGSIb3DQEBCwUAA4IBAQAWegd3
ZeB1piiYkhYFPrUVEaWImJ3fNHyQRTuzzmbJelK+vuEP+44WJ61iYe9MV5Gg4ewE
mbCaJsAHprYsfhwRJDcAP+hWko9jdfmPiKufGxYZ044HfcupIirWNt1YQ+hFGkiE
DE5t6nMprjHxjoJFDzfpgO48X+Ag1XSidduz02pbJGBrWh/pEkLnXph6fRV86mck
PDEGxf0OxDhTX9wI8WjYn5cmMI5mdrVwoYAtgHiDSoUZIYZdywuqFu/iEx980nEP
/+NuDLMKpXQArAXqMxFV8GfDpX+4CbWF6GJrnIppiGerc4efV1EV60tpfiNC8daQ
pAelgBzQwEmWHyn0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:24 2024 by rpki-client on console-ams.rpki-client.org