Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/QJdplmx__uZJ4htP5aXIaPjvz_Q.roa
File: QJdplmx__uZJ4htP5aXIaPjvz_Q.roa (raw, json)
Hash identifier: 2Z7PegiwrbvX1sw6yF88nLJjOBV7DbYMnFq7OlWmQLM=
Subject key identifier: 40:97:69:96:6C:7F:FE:E6:49:E2:1B:4F:E5:A5:C8:68:F8:EF:CF:F4
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 094794B2
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/QJdplmx__uZJ4htP5aXIaPjvz_Q.roa
Signing time: Sat 01 Jan 2022 03:51:19 +0000
ROA not before: Sat 01 Jan 2022 03:51:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198101
IP address blocks: 185.52.216.0/24 maxlen: 24
185.52.216.0/22 maxlen: 22
185.52.218.0/24 maxlen: 24
185.52.217.0/24 maxlen: 24
185.52.219.0/24 maxlen: 24
2a04:bf80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155686066 (0x94794b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Jan 1 03:51:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=409769966c7ffee649e21b4fe5a5c868f8efcff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4e:4f:5e:47:f9:af:0b:22:a1:c1:59:be:e9:
ef:d2:9b:ca:46:5c:7f:13:d7:5f:eb:e5:52:38:7a:
22:c8:1d:45:4c:6e:d4:e2:2c:dd:a0:54:07:87:2c:
33:91:a1:a1:b7:64:4d:f5:2c:db:ea:ca:f7:f0:97:
ff:d9:52:ff:34:dd:2f:15:65:73:a3:36:a1:58:73:
82:12:d2:5b:16:26:32:f0:d2:22:70:fd:4d:37:60:
05:ce:f7:f6:f7:46:12:5a:93:9d:48:d8:27:fd:c0:
b1:9e:3a:ef:c5:98:40:28:5c:c0:03:43:01:3a:6a:
fe:53:e4:f0:0a:87:8f:65:05:e1:3f:f4:6b:4a:c2:
e4:81:38:f9:e9:d5:5c:ba:79:28:68:e1:59:17:a8:
f0:de:a1:24:a6:ac:f2:e2:3c:fa:44:c9:45:30:24:
f4:e0:62:72:10:8a:36:43:2f:a1:60:2e:4c:2c:bc:
a0:24:58:81:99:bc:e0:6d:2a:0b:d2:29:d9:ff:14:
af:b8:23:7d:ea:56:7c:33:75:87:b9:57:1f:cb:7c:
6d:57:d5:87:d2:fc:45:de:a9:76:79:b4:ca:78:c5:
c7:ec:be:3b:6d:c4:1b:7a:7d:26:51:4a:08:a3:4a:
61:23:bb:a1:05:fa:16:59:4a:6c:08:67:32:66:88:
f5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:97:69:96:6C:7F:FE:E6:49:E2:1B:4F:E5:A5:C8:68:F8:EF:CF:F4
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/QJdplmx__uZJ4htP5aXIaPjvz_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.216.0/22
IPv6:
2a04:bf80::/29
Signature Algorithm: sha256WithRSAEncryption
97:2c:90:2d:78:6f:19:de:6e:af:d8:6a:c0:b3:04:a2:08:9e:
18:eb:cb:6b:de:ff:00:f1:ef:fa:45:cd:06:af:81:7e:2a:54:
61:d1:a4:a4:7a:3a:b7:5d:0e:8b:49:78:09:82:c5:78:bc:da:
ed:60:4b:de:7d:0a:8d:b4:da:4a:35:44:30:06:d7:4b:65:7f:
88:3e:af:20:cc:53:8f:31:97:67:96:50:3b:7a:0c:db:0d:53:
26:db:a5:73:42:f6:8c:be:2f:29:5f:4f:ec:44:e7:80:a2:a2:
9d:98:37:30:2b:a9:4e:90:4e:f5:77:61:1e:0b:38:4e:3e:26:
dc:ab:3f:2b:39:62:e1:47:cf:a4:dd:48:8a:1b:5b:fd:27:80:
84:8e:2c:01:20:64:2d:97:91:1d:da:fe:c0:ee:13:95:5f:ba:
4b:8a:8f:2a:8f:fb:84:4f:d4:04:71:dc:3f:57:67:41:76:f1:
81:3c:17:b7:60:9f:b4:58:aa:53:89:ed:22:d7:fb:97:3b:1e:
ad:c2:d0:95:31:d4:c7:9e:b1:2c:36:e1:59:45:da:fe:65:5c:
9a:dd:43:20:1e:9f:04:cc:a0:fa:d5:86:b8:5f:45:ee:7e:bb:
fc:a7:8d:74:7e:57:76:19:82:cb:27:b3:93:4c:d4:c8:d4:32:
da:f0:82:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECUeUsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Zjk2MjQwOTk4ZmNlNDEyNGMzY2I0ZGZiYWNiYjBlZDE2MTg0MDVhMB4XDTIyMDEw
MTAzNTExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA5NzY5OTY2Yzdm
ZmVlNjQ5ZTIxYjRmZTVhNWM4NjhmOGVmY2ZmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhOT15H+a8LIqHBWb7p79KbykZcfxPXX+vlUjh6IsgdRUxu
1OIs3aBUB4csM5GhobdkTfUs2+rK9/CX/9lS/zTdLxVlc6M2oVhzghLSWxYmMvDS
InD9TTdgBc739vdGElqTnUjYJ/3AsZ4678WYQChcwANDATpq/lPk8AqHj2UF4T/0
a0rC5IE4+enVXLp5KGjhWReo8N6hJKas8uI8+kTJRTAk9OBichCKNkMvoWAuTCy8
oCRYgZm84G0qC9Ip2f8Ur7gjfepWfDN1h7lXH8t8bVfVh9L8Rd6pdnm0ynjFx+y+
O23EG3p9JlFKCKNKYSO7oQX6FllKbAhnMmaI9SkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRAl2mWbH/+5kniG0/lpcho+O/P9DAfBgNVHSMEGDAWgBQ/liQJmPzkEkw8
tN+6y7DtFhhAWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A1WWtDWmo4NUJKTVBMVGZ1c3V3N1JZWVFGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNjBmZWM3LTBiNTEtNDQ0Ni05YjVkLWM3NDFjMjdiNGUyMi8x
L1FKZHBsbXhfX3VaSjRodFA1YVhJYVBqdnpfUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NjBmZWM3LTBiNTEtNDQ0Ni05YjVkLWM3NDFjMjdiNGUyMi8xL1A1WWtDWmo4NUJK
TVBMVGZ1c3V3N1JZWVFGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk02DANBAIAAjAHAwUDKgS/gDAN
BgkqhkiG9w0BAQsFAAOCAQEAlyyQLXhvGd5ur9hqwLMEogieGOvLa97/APHv+kXN
Bq+BfipUYdGkpHo6t10Oi0l4CYLFeLza7WBL3n0KjbTaSjVEMAbXS2V/iD6vIMxT
jzGXZ5ZQO3oM2w1TJtulc0L2jL4vKV9P7ETngKKinZg3MCupTpBO9XdhHgs4Tj4m
3Ks/Kzli4UfPpN1Iihtb/SeAhI4sASBkLZeRHdr+wO4TlV+6S4qPKo/7hE/UBHHc
P1dnQXbxgTwXt2CftFiqU4ntItf7lzsercLQlTHUx56xLDbhWUXa/mVcmt1DIB6f
BMyg+tWGuF9F7n67/KeNdH5XdhmCyyezk0zUyNQy2vCCdw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:32 2025 by rpki-client