Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/Q0OBYNysZiF8UFNXZsO6O56JR0Y.roa
File: Q0OBYNysZiF8UFNXZsO6O56JR0Y.roa (raw, json)
Hash identifier: v/MKB32hxGFrP8//hnMSiAv/jc+xZ/Lo8WYgkhUYDBQ=
Subject key identifier: 43:43:81:60:DC:AC:66:21:7C:50:53:57:66:C3:BA:3B:9E:89:47:46
Certificate issuer: /CN=8beb65a71af02959272acc00d5c4c1958385de94
Certificate serial: 375BD22B
Authority key identifier: 8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/Q0OBYNysZiF8UFNXZsO6O56JR0Y.roa
Signing time: Sat 01 Jan 2022 12:59:12 +0000
ROA not before: Sat 01 Jan 2022 12:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41676
IP address blocks: 176.241.240.0/21 maxlen: 21
185.93.92.0/22 maxlen: 22
185.102.188.0/22 maxlen: 22
80.238.96.0/19 maxlen: 19
109.233.88.0/21 maxlen: 21
77.46.0.0/22 maxlen: 22
185.25.216.0/22 maxlen: 22
93.174.24.0/21 maxlen: 21
185.78.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928764459 (0x375bd22b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8beb65a71af02959272acc00d5c4c1958385de94
Validity
Not Before: Jan 1 12:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43438160dcac66217c50535766c3ba3b9e894746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a5:78:ac:09:83:12:ae:20:e3:2a:c1:7c:b8:
3e:96:be:39:31:2f:90:e6:10:52:f7:c7:25:a0:8d:
2e:d1:d3:ad:bb:70:db:7a:e9:b1:ff:17:9e:9d:22:
60:fd:6c:1f:b0:f7:e8:7a:a1:b8:01:57:d6:7d:22:
3b:99:5c:20:8a:f7:e6:3e:db:77:4c:3d:cb:0f:1d:
3e:65:69:4d:29:a9:c2:ee:c8:68:ed:27:15:9a:f1:
1d:2b:65:b0:bb:c1:01:93:63:4b:1e:75:7f:92:4a:
3c:a1:76:ab:25:a3:b1:05:c6:b0:ca:fb:37:3f:46:
6c:11:15:9b:86:20:bc:b9:d1:5c:8b:29:cb:1a:04:
b9:54:e2:09:c6:21:c9:20:af:a6:e8:a5:28:66:36:
60:8a:bf:4d:13:c6:d6:55:ee:fe:4d:b4:ec:f8:28:
5a:ba:ab:d9:74:ae:e7:03:69:2a:31:a6:5f:07:cd:
64:b2:18:42:c4:ca:ab:39:29:2b:72:fb:e6:ec:65:
6c:19:74:d5:a5:44:78:29:f5:63:28:cb:98:8d:b4:
ed:31:8f:09:29:5d:82:d9:24:80:47:2f:bd:f5:83:
58:2f:93:2c:ef:9d:ed:0b:99:63:02:b9:43:fc:37:
56:d6:0b:9c:75:cd:b9:10:c5:17:23:05:dd:33:90:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:43:81:60:DC:AC:66:21:7C:50:53:57:66:C3:BA:3B:9E:89:47:46
X509v3 Authority Key Identifier:
keyid:8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/Q0OBYNysZiF8UFNXZsO6O56JR0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/i-tlpxrwKVknKswA1cTBlYOF3pQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.0.0/22
80.238.96.0/19
93.174.24.0/21
109.233.88.0/21
176.241.240.0/21
185.25.216.0/22
185.78.132.0/22
185.93.92.0/22
185.102.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:c6:1f:4a:cc:f3:8e:1d:b3:0c:c9:b6:18:73:5d:e8:bf:49:
8a:70:15:34:bc:a9:c5:fb:3a:60:95:51:fb:bd:a6:a5:e5:a7:
08:42:3b:a4:a2:ae:bb:6b:50:fd:7e:29:6b:01:bc:9a:78:bd:
26:67:a5:c7:eb:af:41:cc:bf:8f:18:88:29:63:4b:7a:25:e5:
42:44:54:a6:62:fb:bf:18:66:44:37:8f:bb:11:51:b6:0d:cf:
17:2e:d6:5c:51:a2:9f:c6:82:53:ea:39:86:85:c7:5c:1a:09:
85:6f:72:dd:c3:dc:2e:1b:86:b0:2e:b3:17:3d:6b:1e:8a:44:
08:57:38:d0:ee:50:88:8f:87:ec:44:25:89:ff:6c:6c:bf:31:
7a:59:cc:fc:16:32:38:7c:69:e9:df:1e:66:a5:2e:12:74:cc:
10:1e:49:0b:68:93:be:e1:82:57:89:b3:48:ea:fa:2a:72:0a:
42:96:f1:63:7b:a9:a5:1a:59:98:06:66:ab:e9:5d:23:59:b6:
82:69:52:09:95:13:7f:7b:94:15:c0:c6:2d:35:f4:11:9c:53:
8f:d7:b1:3c:1f:73:3f:52:11:fb:e9:0f:1f:5e:7d:3c:5a:92:
09:7c:fb:26:4c:37:96:a3:8c:aa:63:09:a6:4d:5f:5d:e1:41:
f2:97:47:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEN1vSKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmViNjVhNzFhZjAyOTU5MjcyYWNjMDBkNWM0YzE5NTgzODVkZTk0MB4XDTIyMDEw
MTEyNTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM0MzgxNjBkY2Fj
NjYyMTdjNTA1MzU3NjZjM2JhM2I5ZTg5NDc0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIuleKwJgxKuIOMqwXy4Ppa+OTEvkOYQUvfHJaCNLtHTrbtw
23rpsf8Xnp0iYP1sH7D36HqhuAFX1n0iO5lcIIr35j7bd0w9yw8dPmVpTSmpwu7I
aO0nFZrxHStlsLvBAZNjSx51f5JKPKF2qyWjsQXGsMr7Nz9GbBEVm4YgvLnRXIsp
yxoEuVTiCcYhySCvpuilKGY2YIq/TRPG1lXu/k207PgoWrqr2XSu5wNpKjGmXwfN
ZLIYQsTKqzkpK3L75uxlbBl01aVEeCn1YyjLmI207TGPCSldgtkkgEcvvfWDWC+T
LO+d7QuZYwK5Q/w3VtYLnHXNuRDFFyMF3TOQyKECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRDQ4Fg3KxmIXxQU1dmw7o7nolHRjAfBgNVHSMEGDAWgBSL62WnGvApWScq
zADVxMGVg4XelDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ktdGxweHJ3S1Zrbktzd0ExY1RCbFlPRjNwUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvZGU5OTU3LWM3Y2MtNDk5Ny1hMjJiLTE2NWE4NDZkNDgxZC8x
L1EwT0JZTnlzWmlGOFVGTlhac082TzU2SlIwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
ZGU5OTU3LWM3Y2MtNDk5Ny1hMjJiLTE2NWE4NDZkNDgxZC8xL2ktdGxweHJ3S1Zr
bktzd0ExY1RCbFlPRjNwUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAk0uAAMEBVDuYAMEA12uGAMEA23p
WAMEA7Dx8AMEArkZ2AMEArlOhAMEArldXAMEArlmvDANBgkqhkiG9w0BAQsFAAOC
AQEAK8YfSszzjh2zDMm2GHNd6L9JinAVNLypxfs6YJVR+72mpeWnCEI7pKKuu2tQ
/X4pawG8mni9Jmelx+uvQcy/jxiIKWNLeiXlQkRUpmL7vxhmRDePuxFRtg3PFy7W
XFGin8aCU+o5hoXHXBoJhW9y3cPcLhuGsC6zFz1rHopECFc40O5QiI+H7EQlif9s
bL8xelnM/BYyOHxp6d8eZqUuEnTMEB5JC2iTvuGCV4mzSOr6KnIKQpbxY3uppRpZ
mAZmq+ldI1m2gmlSCZUTf3uUFcDGLTX0EZxTj9exPB9zP1IR++kPH159PFqSCXz7
Jkw3lqOMqmMJpk1fXeFB8pdHAA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:26 2025 by rpki-client