Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/qn32HDkgMzJAf5MhdzFOR1Nsw3Y.roa
File: qn32HDkgMzJAf5MhdzFOR1Nsw3Y.roa (raw, json)
Hash identifier: THIJFYnfZToo2EUAYjW5iSujVfrNpbgXgRUHI/ttqRU=
Subject key identifier: AA:7D:F6:1C:39:20:33:32:40:7F:93:21:77:31:4E:47:53:6C:C3:76
Certificate issuer: /CN=774d215caedb050d6f6fe8426d5058afe29aa896
Certificate serial: 0CDC2E34
Authority key identifier: 77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/qn32HDkgMzJAf5MhdzFOR1Nsw3Y.roa
Signing time: Sat 01 Jan 2022 04:04:15 +0000
ROA not before: Sat 01 Jan 2022 04:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47264
IP address blocks: 185.66.112.0/24 maxlen: 24
185.66.113.0/24 maxlen: 24
185.66.115.0/24 maxlen: 24
185.66.114.0/24 maxlen: 24
93.191.32.0/21 maxlen: 21
178.248.105.0/24 maxlen: 24
178.248.104.0/21 maxlen: 21
2a02:400::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 215756340 (0xcdc2e34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=774d215caedb050d6f6fe8426d5058afe29aa896
Validity
Not Before: Jan 1 04:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa7df61c39203332407f932177314e47536cc376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:de:d3:c1:d1:2a:cb:c3:30:69:f5:bb:a0:32:
d3:d8:94:6e:4a:7f:35:64:13:43:57:89:9c:b4:b1:
e7:0d:29:19:1a:ed:4b:a7:8c:c5:c2:00:06:b7:7e:
f0:f9:0e:4d:9f:17:02:1e:f8:58:b1:45:6b:e3:16:
b3:68:cb:19:ec:79:e2:17:c4:c2:06:2d:0f:c0:ae:
12:88:72:36:9e:62:82:4e:ce:69:99:d7:d1:97:62:
b7:2b:4e:4b:20:80:68:10:87:53:09:71:66:7a:6f:
c7:4a:11:f5:7d:51:2b:a3:84:fd:ff:21:49:8a:3c:
73:52:6f:df:10:ba:42:6a:5d:74:bb:2b:a7:48:2d:
30:ca:00:78:84:49:8d:c2:2a:97:07:61:41:c7:9c:
34:c4:e9:de:06:12:85:22:42:8d:1c:d3:7b:55:d1:
4d:55:f1:01:40:4d:c5:fb:26:70:b4:c4:06:ca:19:
2d:58:69:f3:ba:4b:30:fe:b1:b8:b0:da:35:45:98:
a9:1e:23:27:28:5b:e4:48:8c:3a:84:05:e3:04:d2:
36:a4:13:b4:97:73:6e:f9:59:eb:7a:bd:d7:3b:d9:
17:13:7b:7c:22:76:fb:ea:14:0b:50:33:db:88:2e:
67:14:40:53:6c:70:cd:8c:07:fd:5d:dd:66:5e:56:
cf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7D:F6:1C:39:20:33:32:40:7F:93:21:77:31:4E:47:53:6C:C3:76
X509v3 Authority Key Identifier:
keyid:77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/qn32HDkgMzJAf5MhdzFOR1Nsw3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.32.0/21
178.248.104.0/21
185.66.112.0/22
IPv6:
2a02:400::/32
Signature Algorithm: sha256WithRSAEncryption
30:11:fc:95:e3:5c:6c:2c:77:d2:58:49:d3:52:67:eb:21:d6:
41:ad:ef:99:ef:77:9b:50:6e:34:78:28:66:c3:2f:64:c8:af:
2d:60:46:dc:03:72:1a:fd:d7:db:ae:6b:e6:b4:b5:8a:be:6c:
c1:ab:3a:7b:cd:f2:cf:00:14:9f:f3:2f:49:d8:ee:f0:8c:cf:
0a:10:c2:cc:2c:ed:a2:bf:89:f2:27:13:6d:cf:2d:63:19:3c:
09:3c:61:c7:99:61:57:85:4a:0c:5a:54:1e:3d:07:9d:75:85:
1b:2a:28:32:55:a1:a0:0a:53:46:8b:29:23:f0:30:14:1a:05:
63:41:e2:1e:2d:86:f7:f0:6b:7f:1d:ec:ea:ad:f4:81:58:d8:
be:8f:b5:bf:77:55:e6:c9:28:82:9d:4d:f1:43:c7:25:ab:9c:
66:40:f3:fd:2b:26:4a:77:3f:1b:5b:60:57:aa:e6:5f:33:f6:
91:86:d2:c8:86:2d:bf:bc:4f:74:ee:9b:f2:84:66:3b:2d:65:
53:bc:c0:b2:76:50:be:a3:70:5b:a4:99:14:b7:49:d1:85:3b:
c5:19:f4:80:e1:bf:47:04:af:cf:c9:26:3a:fa:f7:57:2d:13:
8c:01:3a:97:f6:11:d4:9a:32:33:d3:e6:be:bd:c8:dc:c8:a1:
e7:e6:90:fd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDNwuNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzRkMjE1Y2FlZGIwNTBkNmY2ZmU4NDI2ZDUwNThhZmUyOWFhODk2MB4XDTIyMDEw
MTA0MDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE3ZGY2MWMzOTIw
MzMzMjQwN2Y5MzIxNzczMTRlNDc1MzZjYzM3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALje08HRKsvDMGn1u6Ay09iUbkp/NWQTQ1eJnLSx5w0pGRrt
S6eMxcIABrd+8PkOTZ8XAh74WLFFa+MWs2jLGex54hfEwgYtD8CuEohyNp5igk7O
aZnX0ZditytOSyCAaBCHUwlxZnpvx0oR9X1RK6OE/f8hSYo8c1Jv3xC6QmpddLsr
p0gtMMoAeIRJjcIqlwdhQcecNMTp3gYShSJCjRzTe1XRTVXxAUBNxfsmcLTEBsoZ
LVhp87pLMP6xuLDaNUWYqR4jJyhb5EiMOoQF4wTSNqQTtJdzbvlZ63q91zvZFxN7
fCJ2++oUC1Az24guZxRAU2xwzYwH/V3dZl5WzzUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSqffYcOSAzMkB/kyF3MU5HU2zDdjAfBgNVHSMEGDAWgBR3TSFcrtsFDW9v
6EJtUFiv4pqoljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2QwMGhYSzdiQlExdmItaENiVkJZci1LYXFKWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvOWIzNDUzLWFlNzktNGYzYy1iYzcyLTVkOGZlOWFjZWY4My8x
L3FuMzJIRGtnTXpKQWY1TWhkekZPUjFOc3czWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
OWIzNDUzLWFlNzktNGYzYy1iYzcyLTVkOGZlOWFjZWY4My8xL2QwMGhYSzdiQlEx
dmItaENiVkJZci1LYXFKWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA12/IAMEA7L4aAMEArlCcDANBAIA
AjAHAwUAKgIEADANBgkqhkiG9w0BAQsFAAOCAQEAMBH8leNcbCx30lhJ01Jn6yHW
Qa3vme93m1BuNHgoZsMvZMivLWBG3ANyGv3X265r5rS1ir5swas6e83yzwAUn/Mv
Sdju8IzPChDCzCztor+J8icTbc8tYxk8CTxhx5lhV4VKDFpUHj0HnXWFGyooMlWh
oApTRospI/AwFBoFY0HiHi2G9/Brfx3s6q30gVjYvo+1v3dV5skogp1N8UPHJauc
ZkDz/SsmSnc/G1tgV6rmXzP2kYbSyIYtv7xPdO6b8oRmOy1lU7zAsnZQvqNwW6SZ
FLdJ0YU7xRn0gOG/RwSvz8kmOvr3Vy0TjAE6l/YR1JoyM9Pmvr3I3Mih5+aQ/Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:06 2023 by rpki-client on console.sobornost.net