Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/BQzRJXK5CcnXFsxfIGmBFBxzt3E.roa
File: BQzRJXK5CcnXFsxfIGmBFBxzt3E.roa (raw, json)
Hash identifier: Euc8nxb48AeRyOg7zMgeyaEfAoO6PgTn5KyXC9Ww1dc=
Subject key identifier: 05:0C:D1:25:72:B9:09:C9:D7:16:CC:5F:20:69:81:14:1C:73:B7:71
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 369C8113
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/BQzRJXK5CcnXFsxfIGmBFBxzt3E.roa
Signing time: Sat 01 Jan 2022 07:03:39 +0000
ROA not before: Sat 01 Jan 2022 07:03:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6461
IP address blocks: 185.85.76.0/22 maxlen: 22
91.190.168.0/21 maxlen: 21
5.63.24.0/21 maxlen: 21
2a02:798::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 916226323 (0x369c8113)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 07:03:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=050cd12572b909c9d716cc5f206981141c73b771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:d8:4f:5d:bd:a4:9a:c3:24:5e:71:15:5c:
d2:fa:10:57:87:d8:7e:86:cb:26:f3:14:b5:ce:fb:
b7:f3:5a:94:7f:06:82:77:d5:25:1f:cf:06:bd:f4:
f1:73:d0:53:23:4b:c3:84:ff:f9:9a:d9:20:27:7d:
d6:ca:41:b0:f5:b6:67:fe:b1:27:17:e2:e1:4d:44:
3d:5b:a4:79:72:e6:1d:a7:c1:d7:ac:34:5e:7f:b8:
ef:ee:69:62:78:44:0e:0e:f1:c2:92:79:d7:65:06:
a1:5b:6e:69:d1:a1:72:b5:fc:c9:c8:d8:f1:50:df:
c4:7e:95:59:0b:7b:0a:eb:16:8a:5f:9a:7f:4f:46:
05:6e:b6:56:7f:51:af:d1:39:0d:25:46:31:69:bb:
97:29:8d:49:76:54:02:2f:c2:3f:84:45:cd:ab:99:
7b:54:70:13:30:6f:c2:b9:91:d1:4a:23:a3:0f:58:
34:5c:2c:2c:73:82:07:10:00:6e:3c:aa:06:40:3e:
e7:b1:a0:e3:b8:b2:68:e2:69:f0:14:ea:92:45:d8:
7e:8c:7f:1e:fc:a5:8c:dc:ab:b3:5f:00:33:a3:b9:
32:cd:b4:92:89:4f:0f:b1:a9:29:85:ed:75:95:1b:
64:ac:65:52:6b:16:69:97:56:85:85:28:d9:a4:49:
3b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0C:D1:25:72:B9:09:C9:D7:16:CC:5F:20:69:81:14:1C:73:B7:71
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/BQzRJXK5CcnXFsxfIGmBFBxzt3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
13:d8:60:3e:b6:a7:d3:2d:27:85:f5:f7:f8:a5:51:81:5b:e2:
d6:b9:73:a0:40:71:fb:18:31:08:4a:15:c2:1d:09:a9:b8:d4:
7a:2e:4e:43:1d:69:7e:2e:40:c5:9d:26:c5:36:c3:72:bf:5d:
dc:70:35:7f:2e:45:8b:45:a8:c4:02:16:84:73:a4:c0:5c:29:
9e:56:3e:2c:1a:60:2e:69:e7:95:22:34:e2:48:8b:88:a0:f1:
14:83:73:b4:77:3f:c6:a4:27:e7:23:c0:88:ec:a0:af:89:09:
a7:1d:72:38:b6:30:33:3e:35:10:32:70:63:86:81:5c:71:ec:
9f:78:21:7e:a9:48:0a:17:73:72:39:95:16:2e:77:41:69:11:
ca:5d:5b:15:c0:b8:24:32:c7:82:52:89:ff:d5:e4:b5:a8:ed:
b2:3b:d1:f3:50:5c:35:df:33:fa:86:e0:70:a6:9d:23:ea:67:
7f:50:e5:1a:6c:ad:5a:a6:7a:db:1c:fa:b4:4f:28:4f:7d:b9:
61:d8:58:d9:cd:04:86:1a:e7:a5:87:92:02:5a:2c:e6:f6:8d:
b6:94:51:96:7a:64:17:f2:17:2f:8d:32:23:e6:7e:ed:13:56:
f8:1a:2f:60:ed:a3:ba:7d:c8:9b:0c:1b:3b:d1:fc:e7:fd:d6:
28:95:c5:a6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENpyBEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTE0MWM1MDkwODI0ZDBhMTdjMjllYzQwNTBlMjEwMDcxMTNmYmRhMB4XDTIyMDEw
MTA3MDMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDUwY2QxMjU3MmI5
MDljOWQ3MTZjYzVmMjA2OTgxMTQxYzczYjc3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMK32E9dvaSawyRecRVc0voQV4fYfobLJvMUtc77t/NalH8G
gnfVJR/PBr308XPQUyNLw4T/+ZrZICd91spBsPW2Z/6xJxfi4U1EPVukeXLmHafB
16w0Xn+47+5pYnhEDg7xwpJ512UGoVtuadGhcrX8ycjY8VDfxH6VWQt7CusWil+a
f09GBW62Vn9Rr9E5DSVGMWm7lymNSXZUAi/CP4RFzauZe1RwEzBvwrmR0Uojow9Y
NFwsLHOCBxAAbjyqBkA+57Gg47iyaOJp8BTqkkXYfox/HvyljNyrs18AM6O5Ms20
kolPD7GpKYXtdZUbZKxlUmsWaZdWhYUo2aRJO5kCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQFDNElcrkJydcWzF8gaYEUHHO3cTAfBgNVHSMEGDAWgBRaFBxQkIJNChfC
nsQFDiEAcRP72jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1doUWNVSkNDVFFvWHdwN0VCUTRoQUhFVC05by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYjIwZTkwLWJmNmUtNGUyNS04N2Q1LWVjZWVmZjhlODRlMC8x
L0JRelJKWEs1Q2NuWEZzeGZJR21CRkJ4enQzRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
YjIwZTkwLWJmNmUtNGUyNS04N2Q1LWVjZWVmZjhlODRlMC8xL1doUWNVSkNDVFFv
WHdwN0VCUTRoQUhFVC05by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwU/GAMEA1u+qAMEArlVTDANBAIA
AjAHAwUAKgIHmDANBgkqhkiG9w0BAQsFAAOCAQEAE9hgPran0y0nhfX3+KVRgVvi
1rlzoEBx+xgxCEoVwh0JqbjUei5OQx1pfi5AxZ0mxTbDcr9d3HA1fy5Fi0WoxAIW
hHOkwFwpnlY+LBpgLmnnlSI04kiLiKDxFINztHc/xqQn5yPAiOygr4kJpx1yOLYw
Mz41EDJwY4aBXHHsn3ghfqlIChdzcjmVFi53QWkRyl1bFcC4JDLHglKJ/9Xktajt
sjvR81BcNd8z+obgcKadI+pnf1DlGmytWqZ62xz6tE8oT325YdhY2c0EhhrnpYeS
Alos5vaNtpRRlnpkF/IXL40yI+Z+7RNW+BovYO2jun3ImwwbO9H85/3WKJXFpg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:08 2023 by rpki-client on console-fra.rpki-client.org