Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/QMRW242-2rNE9-D3rduERp75v8U.roa
File: QMRW242-2rNE9-D3rduERp75v8U.roa (raw, json)
Hash identifier: 73K65HLGsTqzYqWqXu337EVKbam9IqvM2XWaRMIISYM=
Subject key identifier: 40:C4:56:DB:8D:BE:DA:B3:44:F7:E0:F7:AD:DB:84:46:9E:F9:BF:C5
Certificate issuer: /CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Certificate serial: 381F915F
Authority key identifier: BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/QMRW242-2rNE9-D3rduERp75v8U.roa
Signing time: Wed 09 Feb 2022 10:42:34 +0000
ROA not before: Wed 09 Feb 2022 10:42:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50596
IP address blocks: 188.68.8.0/21 maxlen: 21
46.254.160.0/21 maxlen: 21
37.75.200.0/21 maxlen: 21
185.8.220.0/22 maxlen: 22
93.179.104.0/21 maxlen: 21
188.68.168.0/21 maxlen: 21
109.201.96.0/21 maxlen: 21
188.68.192.0/21 maxlen: 21
178.57.208.0/21 maxlen: 21
109.201.104.0/21 maxlen: 21
109.201.112.0/20 maxlen: 22
2a03:3cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941592927 (0x381f915f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Validity
Not Before: Feb 9 10:42:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40c456db8dbedab344f7e0f7addb84469ef9bfc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cc:c1:a1:c1:c4:a1:33:39:cb:1d:7a:21:e2:
72:9b:4b:78:87:1d:1d:f4:62:8c:aa:02:c1:21:42:
69:ec:86:88:55:d1:38:0d:60:db:e7:53:c9:3d:45:
a2:90:3a:7a:fa:dd:10:78:a0:a5:0b:49:28:bf:bd:
c1:2b:70:b4:59:41:4e:64:2a:75:f5:6b:f4:d2:21:
ee:47:01:49:71:ec:1a:94:31:d4:6c:da:49:2a:79:
94:fe:af:c7:36:07:e6:24:da:1f:e0:fc:0d:46:00:
56:59:7d:16:da:00:06:3b:de:5e:c3:33:20:5e:ad:
fc:1c:45:9e:1b:a8:3d:3c:c6:e0:67:d8:43:90:50:
16:94:f0:ae:d1:b6:f5:54:72:a5:5b:c2:66:8c:0a:
31:72:63:bd:f6:20:3d:72:1c:c8:fa:cc:54:02:65:
32:0f:7d:b9:b6:20:44:72:e9:e5:28:4f:07:72:5a:
04:c0:f5:be:4e:d0:02:14:51:8e:9a:7b:66:14:ec:
1a:79:b9:38:78:43:78:a6:a7:25:7e:c1:e0:cd:b3:
e4:1d:8b:a1:59:70:3e:19:da:0e:d3:41:8b:9f:cd:
e0:db:cd:88:6f:2e:13:7c:83:e4:f6:ae:12:d2:5f:
a9:d8:6c:34:dc:fa:4a:6f:f9:20:a3:6e:50:4e:a0:
17:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C4:56:DB:8D:BE:DA:B3:44:F7:E0:F7:AD:DB:84:46:9E:F9:BF:C5
X509v3 Authority Key Identifier:
keyid:BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/QMRW242-2rNE9-D3rduERp75v8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.200.0/21
46.254.160.0/21
93.179.104.0/21
109.201.96.0/19
178.57.208.0/21
185.8.220.0/22
188.68.8.0/21
188.68.168.0/21
188.68.192.0/21
IPv6:
2a03:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
55:08:97:c9:6a:ca:b5:75:22:dc:be:45:b3:84:8a:ec:ca:6a:
4c:87:63:e6:2b:0b:cd:cf:3a:85:29:ff:47:c4:de:9d:49:6d:
22:0b:3e:20:94:92:7e:5c:3a:ae:a7:3f:25:bc:b2:34:68:15:
bc:80:2a:66:23:78:31:83:40:cf:9e:e6:6f:e3:9f:92:50:d8:
01:98:3b:c1:2a:2f:e7:46:1d:5a:a4:55:29:11:14:95:57:eb:
8f:94:c0:29:6c:1d:1d:ec:1b:1a:b4:c9:da:c7:02:58:d1:ed:
cb:1b:1f:d8:cf:d8:2c:78:29:8d:c6:15:67:b6:d3:a4:81:48:
69:8d:13:95:d2:7f:19:5e:f6:0a:8e:bd:ee:70:4f:30:39:51:
f6:d8:67:c2:97:77:a7:75:c7:e4:70:6d:fc:56:1c:6f:e8:6c:
ab:9b:2b:32:b3:ed:f3:e1:61:ef:e5:4c:17:9f:07:f8:8c:de:
b1:e8:b4:be:ec:fe:df:b0:03:9a:1c:32:09:73:fa:14:17:cd:
ce:26:74:74:7e:71:84:2a:bd:a3:52:30:a0:48:74:f7:12:b9:
7f:09:35:54:79:b5:d0:4c:1b:8e:2d:0d:59:23:7e:9c:ff:29:
d1:fc:cb:16:4d:91:ca:b4:96:21:88:35:64:a6:e2:b5:74:aa:
bf:f0:ea:b3
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEOB+RXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTBlMTI2NGUwN2IzNzA4YmNiOWRiNWExNGU3Y2M5MjcwODYzOTU4MB4XDTIyMDIw
OTEwNDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBjNDU2ZGI4ZGJl
ZGFiMzQ0ZjdlMGY3YWRkYjg0NDY5ZWY5YmZjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDMwaHBxKEzOcsdeiHicptLeIcdHfRijKoCwSFCaeyGiFXR
OA1g2+dTyT1FopA6evrdEHigpQtJKL+9wStwtFlBTmQqdfVr9NIh7kcBSXHsGpQx
1GzaSSp5lP6vxzYH5iTaH+D8DUYAVll9FtoABjveXsMzIF6t/BxFnhuoPTzG4GfY
Q5BQFpTwrtG29VRypVvCZowKMXJjvfYgPXIcyPrMVAJlMg99ubYgRHLp5ShPB3Ja
BMD1vk7QAhRRjpp7ZhTsGnm5OHhDeKanJX7B4M2z5B2LoVlwPhnaDtNBi5/N4NvN
iG8uE3yD5PauEtJfqdhsNNz6Sm/5IKNuUE6gF30CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBRAxFbbjb7as0T34Pet24RGnvm/xTAfBgNVHSMEGDAWgBS6DhJk4Hs3CLy5
21oU58yScIY5WDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VnNFNaT0I3TndpOHVkdGFGT2ZNa25DR09WZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvNjRjMmZhLWRmNTQtNDdmZi1hOGM5LWJmZTBjY2I3OWZjYy8x
L1FNUlcyNDItMnJORTktRDNyZHVFUnA3NXY4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
NjRjMmZhLWRmNTQtNDdmZi1hOGM5LWJmZTBjY2I3OWZjYy8xL3VnNFNaT0I3Tndp
OHVkdGFGT2ZNa25DR09WZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAyVLyAMEAy7+oAMEA12zaAMEBW3J
YAMEA7I50AMEArkI3AMEA7xECAMEA7xEqAMEA7xEwDANBAIAAjAHAwUDKgM8wDAN
BgkqhkiG9w0BAQsFAAOCAQEAVQiXyWrKtXUi3L5Fs4SK7MpqTIdj5isLzc86hSn/
R8TenUltIgs+IJSSflw6rqc/JbyyNGgVvIAqZiN4MYNAz57mb+OfklDYAZg7wSov
50YdWqRVKREUlVfrj5TAKWwdHewbGrTJ2scCWNHtyxsf2M/YLHgpjcYVZ7bTpIFI
aY0TldJ/GV72Co697nBPMDlR9thnwpd3p3XH5HBt/FYcb+hsq5srMrPt8+Fh7+VM
F58H+Izesei0vuz+37ADmhwyCXP6FBfNziZ0dH5xhCq9o1IwoEh09xK5fwk1VHm1
0Ewbji0NWSN+nP8p0fzLFk2RyrSWIYg1ZKbitXSqv/Dqsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:11 2024 by rpki-client on console-fra.rpki-client.org