Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/QLDxptYgsqKjR7w2tQlKBXAO6-M.roa
File: QLDxptYgsqKjR7w2tQlKBXAO6-M.roa (raw, json)
Hash identifier: YJzBfledpsXtsliEbkn/SFO3LJREEnFVV+hsPxzraR4=
Subject key identifier: 40:B0:F1:A6:D6:20:B2:A2:A3:47:BC:36:B5:09:4A:05:70:0E:EB:E3
Certificate issuer: /CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Certificate serial: 0C195EC5
Authority key identifier: 3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/QLDxptYgsqKjR7w2tQlKBXAO6-M.roa
Signing time: Fri 17 Jun 2022 08:08:44 +0000
ROA not before: Fri 17 Jun 2022 08:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43376
IP address blocks: 86.104.179.0/24 maxlen: 24
86.104.178.0/24 maxlen: 24
86.104.177.0/24 maxlen: 24
86.104.176.0/24 maxlen: 24
86.104.182.0/24 maxlen: 24
86.104.180.0/24 maxlen: 24
86.104.183.0/24 maxlen: 24
188.240.82.0/24 maxlen: 24
91.194.234.0/24 maxlen: 24
185.163.105.0/24 maxlen: 24
185.163.104.0/24 maxlen: 24
185.163.106.0/24 maxlen: 24
185.163.107.0/24 maxlen: 24
93.115.243.0/24 maxlen: 24
2a0b:8800:2::/48 maxlen: 48
2a0b:8800:3::/48 maxlen: 48
2a0b:8800:1::/48 maxlen: 48
2a0b:8800::/48 maxlen: 48
2001:67c:2170::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 202989253 (0xc195ec5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Validity
Not Before: Jun 17 08:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40b0f1a6d620b2a2a347bc36b5094a05700eebe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:96:04:ce:84:d2:f4:af:69:20:26:46:ba:
71:d8:46:ec:48:94:4b:64:31:f8:f6:fa:cf:4b:a0:
7e:18:4c:d3:a0:6c:9b:2d:49:7c:30:6f:44:ab:92:
42:7f:c1:13:2f:8f:62:8e:ae:23:cc:ac:c4:c7:cf:
c5:d1:cb:82:22:9c:81:06:16:62:83:28:3e:f3:5e:
c4:f9:c4:c2:29:31:51:8f:8f:1f:78:92:91:20:aa:
ac:fd:de:15:4f:9f:da:e5:26:4c:5b:e1:aa:1a:86:
f6:c4:6e:a4:b0:74:24:6c:0b:5d:e2:b8:ce:0f:0a:
1d:fe:eb:41:fa:d3:b6:e2:72:d8:8e:03:9f:d8:12:
9b:c6:27:e0:49:25:3a:ef:54:02:37:08:12:af:89:
a1:1a:63:89:2a:83:d7:7d:c7:38:bf:9e:d7:1c:2d:
b9:41:82:9f:7c:1b:12:96:9f:ca:cf:67:6a:72:ae:
e2:6a:ee:ef:34:f6:77:73:76:28:32:4d:20:6b:66:
fd:0c:28:35:a2:ba:b7:6c:c8:3f:13:31:ab:a8:cc:
66:df:c8:3b:9f:a1:96:29:af:a0:c8:ed:b0:c3:bd:
3e:68:a6:6e:91:7e:74:57:5a:0f:38:4b:46:13:77:
cc:47:ad:68:a4:39:36:b9:5e:b1:83:7a:6b:8b:8d:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B0:F1:A6:D6:20:B2:A2:A3:47:BC:36:B5:09:4A:05:70:0E:EB:E3
X509v3 Authority Key Identifier:
keyid:3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/QLDxptYgsqKjR7w2tQlKBXAO6-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.176.0-86.104.180.255
86.104.182.0/23
91.194.234.0/24
93.115.243.0/24
185.163.104.0/22
188.240.82.0/24
IPv6:
2001:67c:2170::/48
2a0b:8800::/46
Signature Algorithm: sha256WithRSAEncryption
43:dc:8e:4f:47:ea:00:a4:00:99:6d:aa:e7:a3:57:05:2f:62:
b5:3c:e7:22:49:d8:72:46:d3:b2:aa:17:16:e9:a1:12:97:01:
57:14:e6:08:eb:08:5e:1b:66:1f:76:eb:cc:8a:84:07:60:bd:
ba:a6:b9:33:6f:bb:91:38:92:7b:7c:61:1e:7b:1c:38:53:85:
1f:71:ed:51:73:5e:32:2a:10:93:ac:a9:4e:63:a0:c8:69:43:
4f:c4:28:57:25:91:47:e6:a3:52:13:ec:c1:9f:2d:2e:36:19:
e7:6c:16:28:04:5e:46:41:87:bf:e4:2e:1a:84:95:5c:f1:9e:
c0:b4:50:af:79:e0:fe:90:5c:25:c9:a8:6d:e5:90:11:c3:d6:
c7:bf:11:eb:cd:89:96:61:49:48:d4:1d:16:27:4d:dd:2d:8c:
0b:ca:21:ed:2d:9d:25:cc:9c:5b:e3:4e:ba:d8:26:0b:1e:71:
a3:2c:02:90:a4:7a:51:18:68:6a:90:80:f2:2e:6d:ad:55:54:
00:ef:7a:4f:01:c5:1c:da:28:63:08:6b:70:dd:82:51:8b:df:
c0:60:46:20:20:31:7a:2a:46:db:fc:39:81:34:0b:fc:e7:ee:
fd:45:e3:7c:f9:00:dd:0b:1b:72:40:45:2e:9e:43:80:4b:61:
b8:15:a3:21
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEDBlexTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTUwZDFkZDMxYmM3NDQ5YmFjYzE4NjRiMDFhZjk5NGM1NDdlZmQzMB4XDTIyMDYx
NzA4MDg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBiMGYxYTZkNjIw
YjJhMmEzNDdiYzM2YjUwOTRhMDU3MDBlZWJlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvElgTOhNL0r2kgJka6cdhG7EiUS2Qx+Pb6z0ugfhhM06Bs
my1JfDBvRKuSQn/BEy+PYo6uI8ysxMfPxdHLgiKcgQYWYoMoPvNexPnEwikxUY+P
H3iSkSCqrP3eFU+f2uUmTFvhqhqG9sRupLB0JGwLXeK4zg8KHf7rQfrTtuJy2I4D
n9gSm8Yn4EklOu9UAjcIEq+JoRpjiSqD133HOL+e1xwtuUGCn3wbEpafys9nanKu
4mru7zT2d3N2KDJNIGtm/QwoNaK6t2zIPxMxq6jMZt/IO5+hlimvoMjtsMO9Pmim
bpF+dFdaDzhLRhN3zEetaKQ5NrlesYN6a4uN6hMCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBRAsPGm1iCyoqNHvDa1CUoFcA7r4zAfBgNVHSMEGDAWgBQ+UNHdMbx0SbrM
GGSwGvmUxUfv0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BsRFIzVEc4ZEVtNnpCaGtzQnI1bE1WSDc5TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvNmVjMzljLWE5ZDQtNGExMi04MTBhLTRmMDY1MGRhNTQ1Yi8x
L1FMRHhwdFlnc3FLalI3dzJ0UWxLQlhBTzYtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
NmVjMzljLWE5ZDQtNGExMi04MTBhLTRmMDY1MGRhNTQ1Yi8xL1BsRFIzVEc4ZEVt
NnpCaGtzQnI1bE1WSDc5TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wMgQCAAEwLDAMAwQEVmiwAwQAVmi0AwQBVmi2AwQA
W8LqAwQAXXPzAwQCuaNoAwQAvPBSMBgEAgACMBIDBwAgAQZ8IXADBwIqC4gAAAAw
DQYJKoZIhvcNAQELBQADggEBAEPcjk9H6gCkAJltquejVwUvYrU85yJJ2HJG07Kq
FxbpoRKXAVcU5gjrCF4bZh9268yKhAdgvbqmuTNvu5E4knt8YR57HDhThR9x7VFz
XjIqEJOsqU5joMhpQ0/EKFclkUfmo1IT7MGfLS42GedsFigEXkZBh7/kLhqElVzx
nsC0UK954P6QXCXJqG3lkBHD1se/EevNiZZhSUjUHRYnTd0tjAvKIe0tnSXMnFvj
TrrYJgsecaMsApCkelEYaGqQgPIuba1VVADvek8BxRzaKGMIa3DdglGL38BgRiAg
MXoqRtv8OYE0C/zn7v1F43z5AN0LG3JARS6eQ4BLYbgVoyE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:32:32 2025 by rpki-client