Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/jMT1WnANIKhAVV4UeEcZQdIr5vk.roa
File: jMT1WnANIKhAVV4UeEcZQdIr5vk.roa (raw, json)
Hash identifier: Q8LUy1bon9AGFQiGk8p1PE0H/hyWQ3y1NYDdS9B9T/0=
Subject key identifier: 8C:C4:F5:5A:70:0D:20:A8:40:55:5E:14:78:47:19:41:D2:2B:E6:F9
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 061F5780
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/jMT1WnANIKhAVV4UeEcZQdIr5vk.roa
Signing time: Sat 01 Jan 2022 09:55:14 +0000
ROA not before: Sat 01 Jan 2022 09:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201299
IP address blocks: 176.52.182.0/24 maxlen: 24
176.52.183.0/24 maxlen: 24
176.52.180.0/22 maxlen: 22
176.52.181.0/24 maxlen: 24
2a07:cbc0::/29 maxlen: 42
2a07:cbc0:140::/42 maxlen: 42
2a07:cbc0:1c0::/42 maxlen: 42
2a07:cbc0:200::/42 maxlen: 42
2a07:cbc0:180::/42 maxlen: 42
2a07:cbc0:100::/42 maxlen: 42
2a07:cbc0:300::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102717312 (0x61f5780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Jan 1 09:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cc4f55a700d20a840555e1478471941d22be6f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:8a:4f:05:da:7b:6b:f9:0c:cf:9c:64:85:
4c:87:b9:32:62:67:44:15:5f:14:d4:0b:b0:ea:97:
fa:94:4f:79:3f:ad:a6:48:af:40:7d:e0:52:1c:40:
c8:d4:3f:84:20:45:bb:78:aa:0d:37:88:68:16:7c:
f0:91:8a:1e:4a:cc:dd:5d:a1:80:75:73:f2:f6:5f:
60:71:a6:67:3a:ef:1f:7a:58:05:09:df:d2:3d:c5:
38:d2:fd:e7:59:11:fe:3f:a3:cb:cb:fc:c1:fd:61:
4f:95:71:e7:6f:6a:e7:9b:35:33:d4:68:e6:0b:63:
e0:45:40:51:12:54:7a:13:69:4f:99:ff:e4:8d:c9:
05:3e:ff:5c:3d:3c:e3:b4:a3:f2:66:ae:2d:61:d7:
81:ab:86:16:f6:7a:5d:ad:86:ee:25:7d:a7:e0:1b:
c4:f8:2d:b0:f6:34:7d:0d:8b:0d:4e:66:ed:49:c3:
fc:f9:26:a7:d3:5f:6e:b9:b1:ed:97:1b:a2:69:62:
b9:7b:c5:4e:38:f2:5c:e8:c3:bb:72:e0:99:15:fc:
96:c4:80:df:23:3e:77:01:33:19:65:33:51:09:92:
c1:a3:a6:10:c3:e4:c5:d2:34:e4:a2:04:01:75:b1:
03:96:11:ea:43:af:65:ef:82:fc:25:03:b6:8c:46:
bb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C4:F5:5A:70:0D:20:A8:40:55:5E:14:78:47:19:41:D2:2B:E6:F9
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/jMT1WnANIKhAVV4UeEcZQdIr5vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.180.0/22
IPv6:
2a07:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
35:cb:ba:e1:4a:38:93:94:2a:2b:0e:06:7f:99:5d:e5:70:58:
15:bc:24:15:72:a2:88:d5:10:b8:ae:14:38:25:4f:7d:7a:fb:
d0:5d:5b:d8:d4:df:dd:8d:44:6d:f2:91:78:59:cb:3f:03:22:
45:f9:71:93:b1:0d:39:6a:a1:57:2d:df:98:bf:4f:8d:92:10:
55:95:f8:f2:8b:10:29:0f:dd:95:f0:33:69:b7:23:3c:75:85:
c6:31:80:cf:7d:21:40:8c:86:81:53:a5:3d:af:7c:fa:98:60:
fc:8d:3c:e4:5a:b8:1a:c2:ce:f3:a9:2a:9c:ef:6f:ae:1b:9a:
d0:91:9f:dc:1e:f0:92:22:86:50:60:d1:7f:f3:73:25:6a:e6:
c7:b4:70:bb:d0:2b:cd:84:98:14:30:4e:ab:cf:0b:b0:bd:7c:
b0:68:f9:16:af:3d:28:d9:57:05:31:e5:b3:2d:ad:90:52:d1:
87:01:c3:f0:d4:a2:54:da:22:fb:6d:34:70:65:ed:1e:e0:80:
0f:35:28:ef:53:3c:36:16:a4:63:a0:84:7d:a4:97:f4:5a:92:
d0:d7:02:51:af:5a:64:72:5b:f6:b8:be:a4:e2:e0:18:72:72:
25:4d:ac:e9:f8:73:18:ed:8c:7b:ee:c4:69:7a:22:f2:f0:87:
88:69:7a:3e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBh9XgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDE2M2RkNDQxNGVmM2U3OTJlMDA1MDFmMzRlZmNlOTQ0MGE5YzRlMB4XDTIyMDEw
MTA5NTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNjNGY1NWE3MDBk
MjBhODQwNTU1ZTE0Nzg0NzE5NDFkMjJiZTZmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5Uik8F2ntr+QzPnGSFTIe5MmJnRBVfFNQLsOqX+pRPeT+t
pkivQH3gUhxAyNQ/hCBFu3iqDTeIaBZ88JGKHkrM3V2hgHVz8vZfYHGmZzrvH3pY
BQnf0j3FONL951kR/j+jy8v8wf1hT5Vx529q55s1M9Ro5gtj4EVAURJUehNpT5n/
5I3JBT7/XD0847Sj8mauLWHXgauGFvZ6Xa2G7iV9p+AbxPgtsPY0fQ2LDU5m7UnD
/Pkmp9Nfbrmx7ZcbomliuXvFTjjyXOjDu3LgmRX8lsSA3yM+dwEzGWUzUQmSwaOm
EMPkxdI05KIEAXWxA5YR6kOvZe+C/CUDtoxGu3ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSMxPVacA0gqEBVXhR4RxlB0ivm+TAfBgNVHSMEGDAWgBRAFj3UQU7z55Lg
BQHzTvzpRAqcTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FCWTkxRUZPOC1lUzRBVUI4MDc4NlVRS25FNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvNTIxNDM4LTNlMDQtNGQ3Mi04OGRlLTM2MjJhYzdkNjVjYy8x
L2pNVDFXbkFOSUtoQVZWNFVlRWNaUWRJcjV2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
NTIxNDM4LTNlMDQtNGQ3Mi04OGRlLTM2MjJhYzdkNjVjYy8xL1FCWTkxRUZPOC1l
UzRBVUI4MDc4NlVRS25FNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArA0tDANBAIAAjAHAwUDKgfLwDAN
BgkqhkiG9w0BAQsFAAOCAQEANcu64Uo4k5QqKw4Gf5ld5XBYFbwkFXKiiNUQuK4U
OCVPfXr70F1b2NTf3Y1EbfKReFnLPwMiRflxk7ENOWqhVy3fmL9PjZIQVZX48osQ
KQ/dlfAzabcjPHWFxjGAz30hQIyGgVOlPa98+phg/I085Fq4GsLO86kqnO9vrhua
0JGf3B7wkiKGUGDRf/NzJWrmx7Rwu9ArzYSYFDBOq88LsL18sGj5Fq89KNlXBTHl
sy2tkFLRhwHD8NSiVNoi+200cGXtHuCADzUo71M8NhakY6CEfaSX9FqS0NcCUa9a
ZHJb9ri+pOLgGHJyJU2s6fhzGO2Me+7EaXoi8vCHiGl6Pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:29 2024 by rpki-client on console-fra.rpki-client.org