Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QM1n_LhJOQxi3ibQHji0PpxAAWI.roa
File: QM1n_LhJOQxi3ibQHji0PpxAAWI.roa (raw, json)
Hash identifier: emPKzWxJevdgaQgsW/4EmHlKxGk+E/NWccucorYZtvU=
Subject key identifier: 40:CD:67:FC:B8:49:39:0C:62:DE:26:D0:1E:38:B4:3E:9C:40:01:62
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0893A3AC
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QM1n_LhJOQxi3ibQHji0PpxAAWI.roa
Signing time: Mon 21 Feb 2022 11:03:54 +0000
ROA not before: Mon 21 Feb 2022 11:03:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208258
IP address blocks: 45.151.112.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
195.60.176.0/24 maxlen: 24
195.60.177.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
2a0b:3c40:20::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143893420 (0x893a3ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 21 11:03:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40cd67fcb849390c62de26d01e38b43e9c400162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:c1:b1:f8:65:ea:48:a5:a5:5d:73:14:44:
00:0d:ab:9f:6d:95:9f:4c:e9:a3:85:eb:95:e2:94:
67:77:ff:54:ff:7a:b5:cb:53:b1:1f:98:e2:2e:f8:
9b:6d:9c:f6:b8:0d:e2:91:52:26:d3:d1:b9:c8:4f:
a6:8a:c3:85:92:3e:5e:b1:6e:7b:71:92:83:51:60:
4b:25:eb:3c:25:67:67:b0:b6:40:03:16:f7:4e:66:
01:1a:77:c7:1c:1e:6a:e8:2b:58:66:cd:5c:fd:f4:
61:6c:b4:04:03:33:7b:d4:31:c1:fb:31:66:96:1c:
ce:1c:13:d6:05:88:0c:cd:e8:6e:ac:4d:e5:45:49:
17:fd:2d:b8:68:40:2c:6f:ca:84:95:bb:28:b8:b5:
45:1f:47:6d:87:ad:68:8e:44:46:f1:21:97:df:93:
b9:45:ec:70:a6:3f:cf:52:e0:71:1b:76:7b:9f:77:
3d:d7:2a:2c:4e:a0:d0:1f:ff:fa:3f:28:58:c8:42:
50:59:44:34:fa:6a:29:b9:2d:3c:de:d3:59:30:6c:
41:42:6a:c0:21:5a:71:6e:2d:3f:40:6b:26:36:b4:
46:06:da:f5:62:b8:02:8d:58:02:2e:67:e6:73:1d:
5e:08:07:35:9b:13:00:88:b5:3e:9f:ea:40:d6:96:
d0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CD:67:FC:B8:49:39:0C:62:DE:26:D0:1E:38:B4:3E:9C:40:01:62
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QM1n_LhJOQxi3ibQHji0PpxAAWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0/23
45.151.112.0/24
45.151.156.0-45.151.158.255
194.146.48.0/24
195.26.7.0/24
195.60.176.0/23
IPv6:
2a0b:3c40:20::/48
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
88:01:45:56:a3:2f:f6:22:50:84:e2:64:4d:1d:da:a1:9a:e6:
64:0b:54:94:48:e4:a3:6a:2e:ac:8c:e8:dc:46:3f:45:0b:58:
39:70:a7:ce:80:8b:70:02:48:01:df:fc:56:49:38:22:39:f3:
84:5c:c5:bc:96:d5:2a:b9:93:d1:0a:12:1f:f0:f1:d9:f3:c8:
0e:cc:c0:18:1c:1d:7a:3f:8a:c4:70:d4:9d:9b:fc:e5:7c:ca:
c2:2f:01:27:20:d0:94:8b:33:de:53:ba:bc:b4:df:7b:1a:f0:
99:96:3c:1d:bc:a0:ce:b7:b9:ff:dc:02:b9:8f:24:9e:c0:db:
8b:06:00:de:0e:ea:68:e1:c5:67:43:f7:00:88:c7:5b:f9:9c:
9b:c2:17:7b:2a:7e:69:5f:97:fa:9b:55:bb:f6:f1:90:af:c3:
11:33:98:4e:5c:51:fa:a1:27:ed:9a:07:15:e8:03:79:d1:61:
07:a3:77:2c:46:3e:96:34:39:1c:3b:ac:e7:a3:e8:bb:a6:b7:
98:94:f2:e6:05:13:64:1e:b9:b2:59:58:e8:41:17:0f:8a:4a:
3d:ec:e8:81:1c:5f:ce:f1:25:ae:3f:f8:87:66:d2:ba:6f:f3:
dd:5a:18:c6:cc:c7:98:3b:45:c1:fe:f9:84:de:36:5a:10:c4:
af:2f:c6:85
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIECJOjrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDIy
MTExMDM1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBjZDY3ZmNiODQ5
MzkwYzYyZGUyNmQwMWUzOGI0M2U5YzQwMDE2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM28wbH4ZepIpaVdcxREAA2rn22Vn0zpo4XrleKUZ3f/VP96
tctTsR+Y4i74m22c9rgN4pFSJtPRuchPporDhZI+XrFue3GSg1FgSyXrPCVnZ7C2
QAMW905mARp3xxweaugrWGbNXP30YWy0BAMze9QxwfsxZpYczhwT1gWIDM3obqxN
5UVJF/0tuGhALG/KhJW7KLi1RR9HbYetaI5ERvEhl9+TuUXscKY/z1LgcRt2e593
PdcqLE6g0B//+j8oWMhCUFlENPpqKbktPN7TWTBsQUJqwCFacW4tP0BrJja0Rgba
9WK4Ao1YAi5n5nMdXggHNZsTAIi1Pp/qQNaW0PsCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBRAzWf8uEk5DGLeJtAeOLQ+nEABYjAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L1FNMW5fTGhKT1F4aTNpYlFIamkwUHB4QUFXSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wMgQCAAEwLAMEAS2Q9AMEAC2XcDAMAwQCLZecAwQA
LZeeAwQAwpIwAwQAwxoHAwQBwzywMBgEAgACMBIDBwAqCzxAACADBwAqDlVAAQAw
DQYJKoZIhvcNAQELBQADggEBAIgBRVajL/YiUITiZE0d2qGa5mQLVJRI5KNqLqyM
6NxGP0ULWDlwp86Ai3ACSAHf/FZJOCI584RcxbyW1Sq5k9EKEh/w8dnzyA7MwBgc
HXo/isRw1J2b/OV8ysIvAScg0JSLM95Tury033sa8JmWPB28oM63uf/cArmPJJ7A
24sGAN4O6mjhxWdD9wCIx1v5nJvCF3sqfmlfl/qbVbv28ZCvwxEzmE5cUfqhJ+2a
BxXoA3nRYQejdyxGPpY0ORw7rOej6Lumt5iU8uYFE2QeubJZWOhBFw+KSj3s6IEc
X87xJa4/+Idm0rpv891aGMbMx5g7RcH++YTeNloQxK8vxoU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org