Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QF9TrKgEpk4pfqPu-hSBwgne0ag.roa
File: QF9TrKgEpk4pfqPu-hSBwgne0ag.roa (raw, json)
Hash identifier: 9SE/AdSkCeep3LEkCFhGrYBC9S7j6EiNrBPKECPL9hE=
Subject key identifier: 40:5F:53:AC:A8:04:A6:4E:29:7E:A3:EE:FA:14:81:C2:09:DE:D1:A8
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0184F114C3AFC703780D4770008115B0C9CD
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QF9TrKgEpk4pfqPu-hSBwgne0ag.roa
Signing time: Thu 08 Dec 2022 09:33:00 +0000
ROA not before: Thu 08 Dec 2022 09:33:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209243
IP address blocks: 195.22.156.0/24 maxlen: 24
195.22.157.0/24 maxlen: 24
80.64.216.0/24 maxlen: 24
80.64.217.0/24 maxlen: 24
45.157.34.0/24 maxlen: 24
194.146.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:14:c3:af:c7:03:78:0d:47:70:00:81:15:b0:c9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 8 09:33:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=405f53aca804a64e297ea3eefa1481c209ded1a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:92:7e:ff:53:9b:42:6f:c5:55:02:43:9f:07:
9b:56:20:ea:0f:4d:c2:de:11:20:95:1a:d3:6c:a0:
4a:ae:d1:aa:e8:f4:52:c4:e5:9e:c3:1c:81:e2:cc:
00:eb:3d:6c:06:7a:19:d0:4a:99:fd:53:6e:03:45:
34:c3:31:bd:b0:ae:ad:b5:27:fa:c5:a6:e8:88:12:
73:b6:52:2a:3b:91:38:40:01:22:6e:78:3c:ca:e9:
74:d0:7f:a1:25:39:a4:30:a4:d9:89:57:fc:63:db:
81:cd:6d:72:ca:f8:e8:08:06:cf:87:e6:d1:37:96:
4e:da:28:d7:a5:3e:d8:fb:65:b9:69:e8:7f:20:54:
22:e3:76:3b:07:30:d3:cd:7e:62:20:e5:9f:b8:1f:
79:15:e1:13:0a:42:79:a6:c9:a1:39:9f:de:ca:ad:
2d:cb:62:6b:67:e8:32:d8:fb:e8:12:9a:68:7c:49:
49:61:a7:eb:cf:3d:59:8c:a7:30:e1:fc:28:0b:fb:
05:93:ce:3e:d4:42:6a:73:4e:ee:27:a7:84:e9:ca:
c0:8f:cd:2a:80:60:79:68:30:cb:39:93:47:20:47:
cf:40:f3:7c:a2:ba:3f:5c:df:ae:39:9f:48:00:88:
d3:6e:0b:d0:b6:59:51:c9:04:5b:a5:58:3f:6e:93:
c0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5F:53:AC:A8:04:A6:4E:29:7E:A3:EE:FA:14:81:C2:09:DE:D1:A8
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QF9TrKgEpk4pfqPu-hSBwgne0ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.34.0/24
80.64.216.0/23
194.146.49.0/24
195.22.156.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:b4:c5:17:b1:1d:b9:23:5e:54:14:48:2a:b1:c0:b9:1c:32:
7e:ce:e0:99:f0:89:de:e0:72:00:b7:7e:35:c9:fc:b4:9b:cd:
50:dc:65:da:1c:ba:12:e0:32:dc:d9:b3:c0:ef:f4:b8:b1:9b:
a7:cf:bb:09:6a:52:c2:ed:b4:f7:10:4c:52:59:32:73:8c:a3:
ce:c4:41:b3:2e:53:d5:aa:0c:f7:32:7a:f5:56:ce:c4:ed:c8:
9b:89:01:4c:7f:97:ed:32:36:56:e0:9f:33:2f:ef:d3:be:8c:
f3:8f:44:d8:e3:3d:0d:1f:0d:39:5c:39:08:43:13:0c:ea:90:
80:c1:aa:73:a7:61:37:bd:48:53:dc:e3:96:8b:8c:bc:ff:47:
0f:0c:95:ba:fd:91:75:ec:08:10:36:64:d0:a6:5f:32:fc:24:
2f:57:c5:a6:45:e2:75:9c:a2:d4:13:4c:8c:72:f2:41:5d:99:
6e:92:8a:88:a7:1e:8f:0c:54:49:89:d7:34:e4:a0:71:76:88:
b3:ab:d6:21:5d:fd:15:bd:a8:62:6f:74:3b:4c:ab:80:ec:1b:
89:f1:00:b7:56:a4:7b:24:e9:83:26:67:ab:63:e0:75:41:3b:
91:15:ae:a9:df:7c:a3:98:1e:7b:a1:b3:39:b5:eb:df:46:e6:
21:e2:86:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTxFMOvxwN4DUdwAIEVsMnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMjA4MDkzMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDVmNTNhY2E4MDRhNjRlMjk3ZWEzZWVmYTE0ODFjMjA5ZGVkMWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5J+/1ObQm/FVQJDnwebViDqD03C
3hEglRrTbKBKrtGq6PRSxOWewxyB4swA6z1sBnoZ0EqZ/VNuA0U0wzG9sK6ttSf6
xaboiBJztlIqO5E4QAEibng8yul00H+hJTmkMKTZiVf8Y9uBzW1yyvjoCAbPh+bR
N5ZO2ijXpT7Y+2W5aeh/IFQi43Y7BzDTzX5iIOWfuB95FeETCkJ5psmhOZ/eyq0t
y2JrZ+gy2PvoEppofElJYafrzz1ZjKcw4fwoC/sFk84+1EJqc07uJ6eE6crAj80q
gGB5aDDLOZNHIEfPQPN8oro/XN+uOZ9IAIjTbgvQtllRyQRbpVg/bpPAuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEBfU6yoBKZOKX6j7voUgcIJ3tGoMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUUY5VHJLZ0VwazRwZnFQdS1oU0J3Z25lMGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ0iAwQB
UEDYAwQAwpIxAwQBwxacMA0GCSqGSIb3DQEBCwUAA4IBAQBqtMUXsR25I15UFEgq
scC5HDJ+zuCZ8Ine4HIAt341yfy0m81Q3GXaHLoS4DLc2bPA7/S4sZunz7sJalLC
7bT3EExSWTJzjKPOxEGzLlPVqgz3Mnr1Vs7E7cibiQFMf5ftMjZW4J8zL+/Tvozz
j0TY4z0NHw05XDkIQxMM6pCAwapzp2E3vUhT3OOWi4y8/0cPDJW6/ZF17AgQNmTQ
pl8y/CQvV8WmReJ1nKLUE0yMcvJBXZlukoqIpx6PDFRJidc05KBxdoizq9YhXf0V
vahib3Q7TKuA7BuJ8QC3VqR7JOmDJmerY+B1QTuRFa6p33yjmB57obM5tevfRuYh
4oar
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org