Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QB_K17nE1Y_rBexd1u9CCxMqK_U.roa
File: QB_K17nE1Y_rBexd1u9CCxMqK_U.roa (raw, json)
Hash identifier: vTuGBaaPw/D+PusXOp2eJXzYEPVEaaIsO3x0Pf1r+7Q=
Subject key identifier: 40:1F:CA:D7:B9:C4:D5:8F:EB:05:EC:5D:D6:EF:42:0B:13:2A:2B:F5
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 04D1E2AB
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QB_K17nE1Y_rBexd1u9CCxMqK_U.roa
Signing time: Tue 22 Feb 2022 18:15:51 +0000
ROA not before: Tue 22 Feb 2022 18:15:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.120.0/22 maxlen: 22
193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.96.0/22 maxlen: 22
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80863915 (0x4d1e2ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 22 18:15:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=401fcad7b9c4d58feb05ec5dd6ef420b132a2bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ab:39:37:c0:c9:3d:ae:f2:40:92:02:e3:da:
bf:bb:3b:90:d7:35:b0:0e:f8:f7:6c:c8:4b:52:d7:
8f:d7:e0:27:5b:db:a6:92:94:0d:87:ea:d5:d6:1d:
81:c6:b3:46:c3:f0:3e:7e:7b:3b:00:24:d0:88:6b:
9f:4a:e5:52:31:d2:cb:af:cd:08:a3:50:3a:03:a7:
8b:55:14:7c:57:6e:c4:37:cd:2d:7f:70:3c:a5:3f:
1e:a8:46:cd:d3:77:cc:38:b6:26:d1:0f:f3:5d:55:
7d:ef:b4:27:12:6d:ef:46:25:a9:7b:aa:bc:b6:c9:
31:11:53:b5:5d:a5:a5:b5:82:13:9d:9c:e9:c4:03:
6a:68:3b:82:86:81:a7:75:93:d1:b7:fd:85:14:5c:
7c:4f:ec:c3:e0:71:e3:33:01:42:a2:ca:b8:0d:3f:
e4:ca:2c:ef:f3:a4:cb:3a:e7:85:59:57:a7:76:4b:
de:86:c9:a6:de:46:3d:f1:a5:e4:8d:44:a6:1f:3f:
81:97:d3:be:41:17:7e:e2:b1:17:df:bf:72:49:01:
fc:34:93:e1:92:8c:a8:1c:a1:4d:1e:08:0c:53:f1:
97:2c:9b:65:71:4a:f8:0e:cb:cb:1c:b4:5c:7e:b8:
fc:57:45:de:19:dd:1c:3a:cb:3d:f1:f2:7f:88:12:
f1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1F:CA:D7:B9:C4:D5:8F:EB:05:EC:5D:D6:EF:42:0B:13:2A:2B:F5
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QB_K17nE1Y_rBexd1u9CCxMqK_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.96.0/22
193.233.104.0-193.233.115.255
193.233.120.0/21
Signature Algorithm: sha256WithRSAEncryption
86:f9:fc:f5:70:7b:37:9a:38:40:79:16:ce:da:32:8f:54:95:
f0:76:81:1f:0f:47:7b:f8:07:9a:4f:b0:f6:6e:cf:da:03:a8:
ca:20:88:88:30:61:1f:96:39:f6:37:36:cf:9e:4e:e7:be:66:
3c:8d:2b:bf:34:99:2a:14:16:27:e6:d3:29:58:80:e8:24:d1:
76:e6:f3:a8:62:38:90:9f:d6:e4:69:77:85:7a:3a:93:17:ae:
ad:c0:10:cf:1d:52:69:13:45:d4:72:88:82:a1:ee:ee:c0:d0:
11:54:ab:43:45:4d:d0:6a:cb:79:e0:89:95:a6:e9:b3:ff:9b:
20:e6:82:35:7c:90:76:e1:17:dd:82:9e:24:6e:4a:f6:5b:07:
4b:d6:9d:2e:da:1f:10:9e:bd:bf:0a:66:09:2f:3d:14:7d:3d:
e1:d8:16:94:bc:30:c1:5b:57:0d:95:a6:fc:1e:6e:64:3f:83:
4c:b9:a2:50:5a:f9:91:b6:e3:7d:75:4d:e0:ca:5b:21:ae:68:
7a:7f:1e:17:2d:94:01:31:9f:0f:03:b9:67:54:ac:4a:3c:75:
fe:f4:4f:73:9b:ca:57:4f:b2:75:04:1e:3d:0a:3a:82:94:e3:
97:35:19:5e:34:9a:72:63:f3:9d:7a:eb:a9:4f:50:ab:8c:16:
c0:a5:fa:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBNHiqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDIy
MjE4MTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAxZmNhZDdiOWM0
ZDU4ZmViMDVlYzVkZDZlZjQyMGIxMzJhMmJmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJarOTfAyT2u8kCSAuPav7s7kNc1sA7492zIS1LXj9fgJ1vb
ppKUDYfq1dYdgcazRsPwPn57OwAk0Ihrn0rlUjHSy6/NCKNQOgOni1UUfFduxDfN
LX9wPKU/HqhGzdN3zDi2JtEP811Vfe+0JxJt70YlqXuqvLbJMRFTtV2lpbWCE52c
6cQDamg7goaBp3WT0bf9hRRcfE/sw+Bx4zMBQqLKuA0/5Mos7/OkyzrnhVlXp3ZL
3obJpt5GPfGl5I1Eph8/gZfTvkEXfuKxF9+/ckkB/DST4ZKMqByhTR4IDFPxlyyb
ZXFK+A7Lyxy0XH64/FdF3hndHDrLPfHyf4gS8ckCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRAH8rXucTVj+sF7F3W70ILEyor9TAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1FCX0sxN25FMVlfckJleGQxdTlDQ3hNcUtfVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAsHpYDAMAwQDweloAwQCwelwAwQD
wel4MA0GCSqGSIb3DQEBCwUAA4IBAQCG+fz1cHs3mjhAeRbO2jKPVJXwdoEfD0d7
+AeaT7D2bs/aA6jKIIiIMGEfljn2NzbPnk7nvmY8jSu/NJkqFBYn5tMpWIDoJNF2
5vOoYjiQn9bkaXeFejqTF66twBDPHVJpE0XUcoiCoe7uwNARVKtDRU3Qast54ImV
pumz/5sg5oI1fJB24Rfdgp4kbkr2WwdL1p0u2h8Qnr2/CmYJLz0UfT3h2BaUvDDB
W1cNlab8Hm5kP4NMuaJQWvmRtuN9dU3gylshrmh6fx4XLZQBMZ8PA7lnVKxKPHX+
9E9zm8pXT7J1BB49CjqClOOXNRleNJpyY/OdeuupT1CrjBbApfpV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org