Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/qY5MpmUImwKslDMmZ-Y2wtQ2Dqk.roa
File: qY5MpmUImwKslDMmZ-Y2wtQ2Dqk.roa (raw, json)
Hash identifier: psiJWbgW0/7TJTQb1xVi8I4VwxuOeRgvXsd1VgEeMCg=
Subject key identifier: A9:8E:4C:A6:65:08:9B:02:AC:94:33:26:67:E6:36:C2:D4:36:0E:A9
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0183FA429937B8E133FAC93DA85058BDCE36
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/qY5MpmUImwKslDMmZ-Y2wtQ2Dqk.roa
Signing time: Fri 21 Oct 2022 11:16:52 +0000
ROA not before: Fri 21 Oct 2022 11:16:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202335
IP address blocks: 164.215.100.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:42:99:37:b8:e1:33:fa:c9:3d:a8:50:58:bd:ce:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 21 11:16:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a98e4ca665089b02ac94332667e636c2d4360ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:e4:9f:24:21:2a:00:4c:9f:d8:a8:69:33:
b5:7c:db:6c:8a:9c:5b:53:26:0d:50:9a:db:e6:7e:
54:34:3d:5a:ea:bc:72:ec:71:cd:98:31:15:63:fd:
d6:bc:1d:1f:4e:aa:2d:3b:36:17:5b:35:76:86:d7:
4b:eb:c3:79:6c:b6:fd:c1:db:6e:35:fb:ab:b9:f2:
76:64:bf:41:2c:cd:d6:11:6b:35:c6:2a:50:d8:22:
fd:b0:d9:63:5a:a0:b6:6a:18:bb:2a:27:24:84:42:
b1:e2:db:27:6c:73:8e:9b:bf:c2:e5:1b:09:45:98:
04:b5:78:3b:84:ce:d3:b5:3a:d3:0f:b9:67:3f:72:
ef:3c:7f:12:27:36:64:32:fc:86:12:57:21:67:17:
69:2d:2e:17:63:49:07:c2:fa:f1:eb:bc:53:14:73:
e7:97:44:20:2c:dd:d8:93:4a:bf:1a:84:09:a1:1e:
8b:b5:77:9f:1c:a1:2b:d0:13:ce:1b:c0:1f:72:67:
c5:66:3d:f2:74:75:60:2f:4e:36:b9:5c:8d:2d:dd:
cf:4c:96:fa:0b:78:90:c6:a3:62:c0:85:69:55:94:
a8:9f:5a:2b:39:8a:fc:6f:87:9e:8c:8d:58:80:cf:
83:9e:57:78:32:5e:f8:79:d0:ee:a7:e3:d7:16:99:
31:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8E:4C:A6:65:08:9B:02:AC:94:33:26:67:E6:36:C2:D4:36:0E:A9
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/qY5MpmUImwKslDMmZ-Y2wtQ2Dqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.146.0/24
109.205.212.0/24
164.215.100.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f1:31:8b:c7:72:be:5c:7a:fe:af:56:2b:c2:57:1b:e4:c2:
87:57:db:6d:9a:27:7e:b4:c4:76:d1:78:90:35:61:07:a2:2f:
46:84:f5:db:90:82:c1:ba:e3:c4:3e:40:9d:92:6f:18:f8:2c:
75:5b:fe:99:c3:f9:56:11:bd:ac:ad:5a:05:e4:ea:5f:59:b8:
3e:6a:29:94:c4:11:88:cd:27:ef:cf:a9:db:0d:62:53:6a:ba:
7b:e4:3b:60:09:f1:47:16:45:74:4c:34:2b:83:77:f5:84:9b:
d8:d6:29:00:87:8c:ba:71:b7:90:9b:98:5d:4a:ab:94:0d:0e:
b1:6e:af:71:c8:d1:f9:32:92:8b:35:81:ab:81:85:f8:ca:10:
8d:65:ef:a2:db:df:8e:05:b8:22:73:97:25:41:20:3c:11:24:
dc:52:2b:a5:7c:fe:ad:ad:a6:98:38:30:ca:1e:a4:b6:93:44:
6b:03:d0:17:4e:6e:c9:fb:1a:b6:94:2a:02:6f:e0:ed:eb:cc:
d2:ad:f9:08:29:a3:0a:a8:bb:44:d8:38:8f:3c:9f:fa:ab:0f:
75:6c:34:05:01:2b:24:33:02:5b:60:be:5e:7a:8e:86:24:e2:
f8:87:44:80:d2:e1:4c:b7:28:73:ae:01:71:84:c8:c7:00:0b:
db:c2:30:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP6Qpk3uOEz+sk9qFBYvc42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDIxMTExNjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThlNGNhNjY1MDg5YjAyYWM5NDMzMjY2N2U2MzZjMmQ0MzYwZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgXknyQhKgBMn9ioaTO1fNtsipxb
UyYNUJrb5n5UND1a6rxy7HHNmDEVY/3WvB0fTqotOzYXWzV2htdL68N5bLb9wdtu
NfurufJ2ZL9BLM3WEWs1xipQ2CL9sNljWqC2ahi7KickhEKx4tsnbHOOm7/C5RsJ
RZgEtXg7hM7TtTrTD7lnP3LvPH8SJzZkMvyGElchZxdpLS4XY0kHwvrx67xTFHPn
l0QgLN3Yk0q/GoQJoR6LtXefHKEr0BPOG8AfcmfFZj3ydHVgL042uVyNLd3PTJb6
C3iQxqNiwIVpVZSon1orOYr8b4eejI1YgM+Dnld4Ml74edDup+PXFpkxywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKmOTKZlCJsCrJQzJmfmNsLUNg6pMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcVk1TXBtVUltd0tzbERNbVotWTJ3dFEyRHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVZ6SAwQA
bc3UAwQApNdkMA0GCSqGSIb3DQEBCwUAA4IBAQBH8TGLx3K+XHr+r1Yrwlcb5MKH
V9ttmid+tMR20XiQNWEHoi9GhPXbkILBuuPEPkCdkm8Y+Cx1W/6Zw/lWEb2srVoF
5OpfWbg+aimUxBGIzSfvz6nbDWJTarp75DtgCfFHFkV0TDQrg3f1hJvY1ikAh4y6
cbeQm5hdSquUDQ6xbq9xyNH5MpKLNYGrgYX4yhCNZe+i29+OBbgic5clQSA8ESTc
UiulfP6traaYODDKHqS2k0RrA9AXTm7J+xq2lCoCb+Dt68zSrfkIKaMKqLtE2DiP
PJ/6qw91bDQFASskMwJbYL5eeo6GJOL4h0SA0uFMtyhzrgFxhMjHAAvbwjA+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:06 2025 by rpki-client