Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/QHBHRc5iLpeX5ykByJ-YJNU2Tj4.roa
File: QHBHRc5iLpeX5ykByJ-YJNU2Tj4.roa (raw, json)
Hash identifier: K7aRusf+dl/3UOhYc2Qrs7b78J80jvGm/QlRmbq8TeA=
Subject key identifier: 40:70:47:45:CE:62:2E:97:97:E7:29:01:C8:9F:98:24:D5:36:4E:3E
Certificate issuer: /CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Certificate serial: 33C64F0C
Authority key identifier: 86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/QHBHRc5iLpeX5ykByJ-YJNU2Tj4.roa
Signing time: Sat 01 Jan 2022 01:54:04 +0000
ROA not before: Sat 01 Jan 2022 01:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16175
IP address blocks: 80.89.32.0/19 maxlen: 19
77.110.192.0/18 maxlen: 18
141.0.224.0/19 maxlen: 19
2a00:e08::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 868634380 (0x33c64f0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Validity
Not Before: Jan 1 01:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40704745ce622e9797e72901c89f9824d5364e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ba:d6:3d:45:ec:44:de:ac:a4:f1:74:71:9b:
c4:39:2c:33:78:50:95:de:02:3a:73:3d:bf:63:d8:
df:76:d4:17:51:9b:31:c7:85:fb:60:ec:37:5f:61:
b5:29:06:ce:af:4b:ee:76:0e:d3:11:c3:25:9a:6c:
1d:a2:aa:9a:df:91:a9:ae:dc:9a:b4:fd:03:cd:0b:
53:3c:f7:0a:0d:24:4d:3d:6f:80:98:62:00:c3:a4:
8c:06:0a:58:96:e0:38:cb:8e:ec:b1:67:33:6c:b5:
4d:e4:3a:a1:6a:8f:f6:d8:12:82:ff:c6:dd:1f:8a:
6c:28:0a:79:d9:01:7a:77:bd:66:a9:0d:29:1e:c3:
78:91:cb:a9:b9:13:10:32:6e:32:bf:fe:d4:3c:f0:
71:62:c6:df:12:33:db:7f:20:fa:cf:35:aa:3d:bf:
5a:c6:3f:67:61:8d:48:21:53:0f:27:d2:18:95:ad:
81:e3:08:87:ef:e9:13:f6:56:01:cc:7c:57:f0:89:
3e:3d:e6:08:e5:96:02:ff:18:a3:0f:aa:e5:12:b4:
24:bc:1b:6f:a0:fd:7a:66:1c:c5:dc:b5:d9:65:63:
92:84:f1:8a:17:77:cc:70:5f:43:68:66:9c:e4:db:
a4:9e:f3:d8:32:53:15:18:f8:b1:b9:2f:58:a0:d4:
10:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:70:47:45:CE:62:2E:97:97:E7:29:01:C8:9F:98:24:D5:36:4E:3E
X509v3 Authority Key Identifier:
keyid:86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/QHBHRc5iLpeX5ykByJ-YJNU2Tj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.192.0/18
80.89.32.0/19
141.0.224.0/19
IPv6:
2a00:e08::/32
Signature Algorithm: sha256WithRSAEncryption
ac:bb:d1:7e:3b:02:74:2b:de:97:cf:77:91:d4:9f:2e:8d:b9:
df:5c:b0:a3:7d:14:26:0c:57:a4:3b:2e:bb:a2:39:c5:cf:61:
62:b4:35:e9:a6:31:32:ff:6c:86:c5:ec:9a:13:f1:c2:49:9f:
dc:d4:62:64:f2:d5:48:53:46:b2:6e:d5:ac:ce:fb:2e:af:57:
6d:2e:f6:c5:89:a8:ad:48:b0:17:69:65:34:b8:c7:dc:37:89:
7e:08:d8:09:45:36:81:fc:1f:ad:dd:17:3a:a1:e2:79:10:83:
ab:9c:2a:cb:49:94:7d:25:dc:04:d6:fd:f5:0d:1a:3a:74:2f:
30:9f:4a:df:52:58:98:18:98:c1:a3:fc:e5:93:bf:da:c0:63:
e7:13:c4:16:54:e5:5c:06:93:69:00:88:34:1d:2a:76:d8:93:
a1:27:15:c1:c1:82:57:89:7f:ef:f1:7f:43:84:19:eb:36:35:
4c:47:5a:53:60:9a:31:16:0c:c6:f1:44:6b:a5:f6:53:02:b6:
5b:61:e3:94:e8:67:50:c2:e3:93:54:a4:f8:85:a5:bc:be:70:
88:63:5a:e7:bc:01:47:74:89:b4:8c:9f:9b:55:cf:4b:c7:a7:
cf:b6:a7:28:38:5c:e5:8d:78:7a:53:d2:a3:e5:b5:0e:ec:84:
fd:8e:60:c4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEM8ZPDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ1NDIzMjNjMGUzMDUxYzljN2JiOGVkMWQxZThhY2ZkM2RiODM0MB4XDTIyMDEw
MTAxNTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA3MDQ3NDVjZTYy
MmU5Nzk3ZTcyOTAxYzg5Zjk4MjRkNTM2NGUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMu61j1F7ETerKTxdHGbxDksM3hQld4COnM9v2PY33bUF1Gb
MceF+2DsN19htSkGzq9L7nYO0xHDJZpsHaKqmt+Rqa7cmrT9A80LUzz3Cg0kTT1v
gJhiAMOkjAYKWJbgOMuO7LFnM2y1TeQ6oWqP9tgSgv/G3R+KbCgKedkBene9ZqkN
KR7DeJHLqbkTEDJuMr/+1DzwcWLG3xIz238g+s81qj2/WsY/Z2GNSCFTDyfSGJWt
geMIh+/pE/ZWAcx8V/CJPj3mCOWWAv8Yow+q5RK0JLwbb6D9emYcxdy12WVjkoTx
ihd3zHBfQ2hmnOTbpJ7z2DJTFRj4sbkvWKDUEIkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRAcEdFzmIul5fnKQHIn5gk1TZOPjAfBgNVHSMEGDAWgBSG1UIyPA4wUcnH
u47R0eis/T24NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0VkNNandPTUZISng3dU8wZEhvclAwOXVEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYTdjN2MxLWZjNDItNDNhMy05YWQ4LTcwZGFkNTFlNzNmYi8x
L1FIQkhSYzVpTHBlWDV5a0J5Si1ZSk5VMlRqNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YTdjN2MxLWZjNDItNDNhMy05YWQ4LTcwZGFkNTFlNzNmYi8xL2h0VkNNandPTUZI
Sng3dU8wZEhvclAwOXVEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBk1uwAMEBVBZIAMEBY0A4DANBAIA
AjAHAwUAKgAOCDANBgkqhkiG9w0BAQsFAAOCAQEArLvRfjsCdCvel893kdSfLo25
31ywo30UJgxXpDsuu6I5xc9hYrQ16aYxMv9shsXsmhPxwkmf3NRiZPLVSFNGsm7V
rM77Lq9XbS72xYmorUiwF2llNLjH3DeJfgjYCUU2gfwfrd0XOqHieRCDq5wqy0mU
fSXcBNb99Q0aOnQvMJ9K31JYmBiYwaP85ZO/2sBj5xPEFlTlXAaTaQCINB0qdtiT
oScVwcGCV4l/7/F/Q4QZ6zY1TEdaU2CaMRYMxvFEa6X2UwK2W2HjlOhnUMLjk1Sk
+IWlvL5wiGNa57wBR3SJtIyfm1XPS8enz7anKDhc5Y14elPSo+W1DuyE/Y5gxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:06 2024 by rpki-client on console-ams.rpki-client.org