Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/QMW15Yi3gJQ-Wse9G6pyMxYzBsc.roa
File: QMW15Yi3gJQ-Wse9G6pyMxYzBsc.roa (raw, json)
Hash identifier: QJB0jPFcmtwfqmWqC5/0rTgQmVp+UxeRqqRfScVfExg=
Subject key identifier: 40:C5:B5:E5:88:B7:80:94:3E:5A:C7:BD:1B:AA:72:33:16:33:06:C7
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 3695E21B
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/QMW15Yi3gJQ-Wse9G6pyMxYzBsc.roa
Signing time: Sat 01 Jan 2022 01:01:07 +0000
ROA not before: Sat 01 Jan 2022 01:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40009
IP address blocks: 80.231.16.0/23 maxlen: 23
5.23.20.0/24 maxlen: 24
80.231.162.0/23 maxlen: 23
80.231.163.0/24 maxlen: 24
80.231.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 915792411 (0x3695e21b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 1 01:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40c5b5e588b780943e5ac7bd1baa7233163306c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:14:1b:4c:7b:b0:97:eb:86:2f:8b:00:d0:fe:
da:a5:ca:60:58:f6:bb:8a:d3:cc:8b:34:ac:e5:9d:
2a:98:4a:b5:1e:37:ae:f0:5d:60:2b:3a:6d:c2:1a:
46:d2:78:d5:88:69:9b:5b:cf:69:22:22:e1:9b:da:
0e:18:27:f7:23:b3:c2:6b:8b:e0:91:03:77:46:a3:
57:41:21:22:57:c4:f7:cf:01:79:36:7a:25:09:3b:
7d:1c:2e:44:3f:dc:16:7a:00:98:a6:75:81:92:64:
ae:c8:0f:88:94:14:e9:53:78:14:94:d3:80:e5:d9:
26:6d:23:08:db:90:cf:a1:d4:56:09:4c:94:09:d7:
73:15:11:2d:53:bd:da:bf:29:98:62:fe:8c:3d:22:
52:94:ce:8c:00:5e:a4:0b:21:d4:ce:4d:68:b9:c5:
e0:f5:9b:18:01:a8:60:f4:53:2f:a1:3f:13:86:ea:
28:45:10:ea:48:64:77:c3:98:ba:70:97:36:ff:79:
0e:95:4d:ac:fa:21:30:19:74:28:07:22:a1:ca:f9:
54:bd:09:9b:9c:73:70:d9:80:0f:3c:92:55:01:bb:
11:b4:36:99:02:05:2f:b5:a6:dc:e5:5b:b8:83:57:
a5:ab:2b:de:4c:f4:1e:07:b5:d3:c6:ef:a5:f2:be:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C5:B5:E5:88:B7:80:94:3E:5A:C7:BD:1B:AA:72:33:16:33:06:C7
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/QMW15Yi3gJQ-Wse9G6pyMxYzBsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.20.0/24
80.231.16.0/23
80.231.162.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:a5:13:5d:3e:63:41:11:14:54:b9:e8:54:8e:58:6a:c2:cd:
e3:06:eb:84:77:06:47:40:3b:93:ee:a5:65:9d:54:64:1c:38:
32:dd:ac:e2:c3:69:33:88:9b:de:aa:b2:53:6e:a3:c3:ae:34:
6c:7a:68:d1:74:8c:e6:3a:ab:9c:79:d4:e7:2f:92:b7:e4:f7:
4d:b2:24:eb:b1:b7:44:a6:5f:34:f7:69:cb:d7:55:f1:0a:90:
54:2e:b2:cc:e8:16:3b:5b:e4:87:40:27:97:d4:61:72:fb:3c:
3e:08:59:1b:a0:82:6d:4e:ca:87:c7:88:76:22:0c:0b:81:bd:
72:cb:ce:ed:be:46:c9:f6:06:30:f8:69:4f:00:70:83:86:75:
79:5d:d3:da:34:b9:a2:11:ec:70:f6:57:c1:c0:10:56:f8:14:
ae:b3:54:6a:2a:66:cd:27:d8:a7:f3:51:cd:56:8a:b3:1f:10:
52:78:d2:62:87:29:a8:37:31:45:41:26:c4:de:d7:77:a9:77:
4a:86:0d:b0:a7:e1:c1:45:03:66:6d:02:65:71:b5:1b:a6:7b:
4a:52:a3:5b:8f:1c:f8:ef:c6:d4:4e:9a:ca:55:f3:6f:24:b2:
5e:37:8c:fa:5b:8a:fc:d4:a8:39:90:b6:b9:7e:b9:ab:86:06:
83:75:8c:7a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENpXiGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGQxYjI1ODc0OTBhZDA2MWNiMjA3MTc2YmRlZWM4MWE1MzE1ODhjMB4XDTIyMDEw
MTAxMDEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBjNWI1ZTU4OGI3
ODA5NDNlNWFjN2JkMWJhYTcyMzMxNjMzMDZjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgUG0x7sJfrhi+LAND+2qXKYFj2u4rTzIs0rOWdKphKtR43
rvBdYCs6bcIaRtJ41Yhpm1vPaSIi4ZvaDhgn9yOzwmuL4JEDd0ajV0EhIlfE988B
eTZ6JQk7fRwuRD/cFnoAmKZ1gZJkrsgPiJQU6VN4FJTTgOXZJm0jCNuQz6HUVglM
lAnXcxURLVO92r8pmGL+jD0iUpTOjABepAsh1M5NaLnF4PWbGAGoYPRTL6E/E4bq
KEUQ6khkd8OYunCXNv95DpVNrPohMBl0KAciocr5VL0Jm5xzcNmADzySVQG7EbQ2
mQIFL7Wm3OVbuINXpasr3kz0Hge108bvpfK+IlsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRAxbXliLeAlD5ax70bqnIzFjMGxzAfBgNVHSMEGDAWgBRN0bJYdJCtBhyy
Bxdr3uyBpTFYjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RkR3lXSFNRclFZY3NnY1hhOTdzZ2FVeFdJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMDFkMmFmLTFmMjEtNGI4MC1iNjY1LWRiNDYzYzVmYjBiNC8x
L1FNVzE1WWkzZ0pRLVdzZTlHNnB5TXhZekJzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MDFkMmFmLTFmMjEtNGI4MC1iNjY1LWRiNDYzYzVmYjBiNC8xL1RkR3lXSFNRclFZ
Y3NnY1hhOTdzZ2FVeFdJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAUXFAMEAVDnEAMEAVDnojANBgkq
hkiG9w0BAQsFAAOCAQEArKUTXT5jQREUVLnoVI5YasLN4wbrhHcGR0A7k+6lZZ1U
ZBw4Mt2s4sNpM4ib3qqyU26jw640bHpo0XSM5jqrnHnU5y+St+T3TbIk67G3RKZf
NPdpy9dV8QqQVC6yzOgWO1vkh0Anl9Rhcvs8PghZG6CCbU7Kh8eIdiIMC4G9csvO
7b5GyfYGMPhpTwBwg4Z1eV3T2jS5ohHscPZXwcAQVvgUrrNUaipmzSfYp/NRzVaK
sx8QUnjSYocpqDcxRUEmxN7Xd6l3SoYNsKfhwUUDZm0CZXG1G6Z7SlKjW48c+O/G
1E6aylXzbySyXjeM+luK/NSoOZC2uX65q4YGg3WMeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:19 2024 by rpki-client on console-ams.rpki-client.org