Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/cqkQNsKk_1rqGOqQRbqADr9yH7A.roa
File: cqkQNsKk_1rqGOqQRbqADr9yH7A.roa (raw, json)
Hash identifier: YF8Mlg6RPdFu4P5/+0ArAEldAPuOeqVZuO9i2uZEwvk=
Subject key identifier: 72:A9:10:36:C2:A4:FF:5A:EA:18:EA:90:45:BA:80:0E:BF:72:1F:B0
Certificate issuer: /CN=65d9e9266eecabc0fd4a6077eb0ba8fa9f3bde27
Certificate serial: 09B9A02F
Authority key identifier: 65:D9:E9:26:6E:EC:AB:C0:FD:4A:60:77:EB:0B:A8:FA:9F:3B:DE:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdnpJm7sq8D9SmB36wuo-p873ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/cqkQNsKk_1rqGOqQRbqADr9yH7A.roa
Signing time: Sat 01 Jan 2022 01:01:10 +0000
ROA not before: Sat 01 Jan 2022 01:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 95.214.50.0/24 maxlen: 24
95.214.51.0/24 maxlen: 24
95.214.48.0/24 maxlen: 24
95.214.49.0/24 maxlen: 24
2a09:d682::/32 maxlen: 48
2a09:d685::/32 maxlen: 48
2a09:d686::/32 maxlen: 48
2a09:d681::/32 maxlen: 48
2a09:d683::/32 maxlen: 48
2a09:d684::/32 maxlen: 48
2a09:d687::/32 maxlen: 48
2a09:d680::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163160111 (0x9b9a02f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d9e9266eecabc0fd4a6077eb0ba8fa9f3bde27
Validity
Not Before: Jan 1 01:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72a91036c2a4ff5aea18ea9045ba800ebf721fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6d:11:f4:a5:cc:2d:5a:08:95:5d:45:d4:c3:
6e:3e:e1:22:62:8c:f9:53:cf:71:42:48:4f:80:12:
80:2c:4e:bd:a2:e3:df:db:13:40:32:75:8c:3d:92:
16:2e:44:ae:d1:b8:e8:db:ec:d4:e0:17:2a:89:0c:
83:98:a3:40:50:3e:c6:9a:55:f3:f8:af:e3:4a:8c:
30:9f:44:e2:f7:f0:e2:52:fb:a6:9f:cf:58:d9:0e:
7a:62:84:89:7d:a6:21:ea:08:3d:e7:82:9f:b1:c4:
0b:e0:84:d2:29:77:4a:f6:ae:88:6a:1b:e7:62:c7:
d2:4f:9d:45:13:f5:8d:16:79:22:0b:a7:9f:08:45:
a2:a2:60:ef:da:25:ac:89:1a:b9:13:65:42:19:fb:
bd:ec:c8:d8:ef:bd:2e:c2:b6:81:90:1a:c0:ad:c3:
fd:20:41:c7:8c:88:79:65:9b:74:c7:e4:32:93:4f:
d6:83:43:16:f9:bf:1f:57:f4:73:af:18:d5:9b:36:
1d:f7:a4:1e:e6:e8:2a:ad:61:97:d5:e7:eb:44:94:
4f:1c:f3:78:85:f8:1c:ca:c2:e4:03:09:3b:a1:44:
58:7b:01:39:77:2e:96:45:36:9a:76:44:52:be:4c:
fc:cd:f6:b5:e2:6f:7f:08:fe:eb:d0:08:1f:7e:1d:
55:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A9:10:36:C2:A4:FF:5A:EA:18:EA:90:45:BA:80:0E:BF:72:1F:B0
X509v3 Authority Key Identifier:
keyid:65:D9:E9:26:6E:EC:AB:C0:FD:4A:60:77:EB:0B:A8:FA:9F:3B:DE:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdnpJm7sq8D9SmB36wuo-p873ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/cqkQNsKk_1rqGOqQRbqADr9yH7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/ZdnpJm7sq8D9SmB36wuo-p873ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.48.0/22
IPv6:
2a09:d680::/29
Signature Algorithm: sha256WithRSAEncryption
93:3b:1e:e6:3c:12:85:6d:3c:3f:e8:91:34:e1:4a:09:f6:e4:
0d:6e:d7:1b:31:72:7b:24:f6:2e:9d:0a:f9:41:e1:e8:f7:95:
9f:fa:a1:f8:b5:ff:a0:0a:93:65:7c:71:57:c4:ba:63:f3:22:
6f:35:62:b7:98:ad:35:a2:7b:21:3b:d8:e5:3b:e3:45:a3:b8:
39:da:6d:ef:1d:c2:c1:7c:dc:09:cc:6c:05:36:8a:0a:08:c8:
db:7b:d3:fb:03:8e:0c:12:a5:f8:d4:49:2e:75:1f:cd:d7:f5:
8c:d6:d8:88:b5:d8:13:3b:73:c3:7c:29:85:99:8a:b5:6a:9b:
b7:b9:39:4f:ad:b3:c2:ff:b4:86:14:96:a9:18:1a:fc:6c:3e:
ba:7e:8d:1f:45:4c:e0:3b:d7:9c:05:94:22:c6:f0:0a:46:20:
2b:c4:ee:a1:7c:9c:18:d5:40:3d:3b:f1:3b:72:c1:a5:cc:78:
d6:8a:a9:72:c2:69:99:ad:3d:df:a3:47:07:4a:00:2c:8a:c5:
9d:6b:ef:2e:6e:42:38:9c:7e:32:fc:52:e3:10:cc:9a:fd:1d:
84:28:b9:59:e3:89:66:0c:57:f3:1e:ff:43:1b:a0:93:72:d6:
25:c5:ba:4c:38:a9:3a:26:2f:cd:5f:49:e5:34:36:b9:fc:b4:
cb:56:69:f4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECbmgLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWQ5ZTkyNjZlZWNhYmMwZmQ0YTYwNzdlYjBiYThmYTlmM2JkZTI3MB4XDTIyMDEw
MTAxMDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJhOTEwMzZjMmE0
ZmY1YWVhMThlYTkwNDViYTgwMGViZjcyMWZiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMptEfSlzC1aCJVdRdTDbj7hImKM+VPPcUJIT4ASgCxOvaLj
39sTQDJ1jD2SFi5ErtG46Nvs1OAXKokMg5ijQFA+xppV8/iv40qMMJ9E4vfw4lL7
pp/PWNkOemKEiX2mIeoIPeeCn7HEC+CE0il3SvauiGob52LH0k+dRRP1jRZ5Igun
nwhFoqJg79olrIkauRNlQhn7vezI2O+9LsK2gZAawK3D/SBBx4yIeWWbdMfkMpNP
1oNDFvm/H1f0c68Y1Zs2HfekHuboKq1hl9Xn60SUTxzzeIX4HMrC5AMJO6FEWHsB
OXculkU2mnZEUr5M/M32teJvfwj+69AIH34dVe8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRyqRA2wqT/WuoY6pBFuoAOv3IfsDAfBgNVHSMEGDAWgBRl2ekmbuyrwP1K
YHfrC6j6nzveJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pkbnBKbTdzcThEOVNtQjM2d3VvLXA4NzNpYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYmE0MDJjLWIwMGUtNGEyNi1iZjUzLThlNzQ3ZTM0ZTE2Mi8x
L2Nxa1FOc0trXzFycUdPcVFSYnFBRHI5eUg3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
YmE0MDJjLWIwMGUtNGEyNi1iZjUzLThlNzQ3ZTM0ZTE2Mi8xL1pkbnBKbTdzcThE
OVNtQjM2d3VvLXA4NzNpYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAl/WMDANBAIAAjAHAwUDKgnWgDAN
BgkqhkiG9w0BAQsFAAOCAQEAkzse5jwShW08P+iRNOFKCfbkDW7XGzFyeyT2Lp0K
+UHh6PeVn/qh+LX/oAqTZXxxV8S6Y/MibzVit5itNaJ7ITvY5TvjRaO4Odpt7x3C
wXzcCcxsBTaKCgjI23vT+wOODBKl+NRJLnUfzdf1jNbYiLXYEztzw3wphZmKtWqb
t7k5T62zwv+0hhSWqRga/Gw+un6NH0VM4DvXnAWUIsbwCkYgK8TuoXycGNVAPTvx
O3LBpcx41oqpcsJpma0936NHB0oALIrFnWvvLm5COJx+MvxS4xDMmv0dhCi5WeOJ
ZgxX8x7/Qxugk3LWJcW6TDipOiYvzV9J5TQ2ufy0y1Zp9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:49 2023 by rpki-client on console-fra.rpki-client.org