Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QPWs35Z5nv4S006OYZRFzMElqOw.roa
File: QPWs35Z5nv4S006OYZRFzMElqOw.roa (raw, json)
Hash identifier: AQhwXzLtxUg87Ag/3zooR3P+vRsApFA7yDeJztsxR2U=
Subject key identifier: 40:F5:AC:DF:96:79:9E:FE:12:D3:4E:8E:61:94:45:CC:C1:25:A8:EC
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0182B59F0E89BD446293820EF8A547D1EDA6
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QPWs35Z5nv4S006OYZRFzMElqOw.roa
Signing time: Fri 19 Aug 2022 10:21:16 +0000
ROA not before: Fri 19 Aug 2022 10:21:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:9f:0e:89:bd:44:62:93:82:0e:f8:a5:47:d1:ed:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 19 10:21:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40f5acdf96799efe12d34e8e619445ccc125a8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b3:59:fe:16:62:83:1f:c6:f4:0f:47:06:37:
2d:50:81:2f:ee:96:66:a9:a9:7e:81:8f:de:b8:77:
7a:81:86:29:96:37:9c:5e:65:cb:57:30:9f:f2:9e:
6f:fd:17:a5:f0:6f:67:8b:67:f6:3d:21:8d:3c:67:
98:26:43:d7:30:a2:54:8e:09:73:f7:7e:57:c0:91:
ac:cb:50:47:aa:70:6c:68:bb:31:b2:ad:87:80:71:
70:90:83:d7:d1:50:ec:15:8f:00:9b:d5:3a:5d:9e:
f5:55:a0:87:eb:a7:46:b3:f2:f2:63:ce:af:fb:0e:
da:14:d8:9a:df:6f:78:1d:1b:72:b5:d7:f5:d9:73:
48:00:91:5c:f7:85:27:c8:ce:e3:2d:33:c7:21:c5:
15:6e:ac:98:91:6d:f5:88:a2:44:be:ee:a7:d0:ab:
3b:64:49:70:3d:f9:00:9d:71:04:70:ce:e8:a6:b0:
74:bb:41:dc:73:0d:f9:f7:27:36:5e:11:da:35:f0:
bf:eb:fa:76:85:4d:ef:78:ad:86:57:3c:50:33:9b:
96:b3:61:4e:31:24:7f:d2:0f:ee:f9:a5:0a:8c:65:
c3:44:f7:ed:eb:d7:97:10:a3:8d:58:ec:36:7d:b1:
76:ca:59:3b:01:e4:86:dd:29:7f:17:4a:e9:36:b6:
b0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F5:AC:DF:96:79:9E:FE:12:D3:4E:8E:61:94:45:CC:C1:25:A8:EC
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QPWs35Z5nv4S006OYZRFzMElqOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ce:23:4b:4b:f1:a8:b1:4d:15:08:c2:eb:7d:19:63:c1:13:
09:29:12:fa:a6:f9:ba:8c:55:9e:df:9d:20:c6:ac:39:eb:8d:
8b:d0:f3:93:83:5f:06:f6:fe:f0:9f:95:ae:63:d8:4a:87:9a:
cb:a1:f4:3f:47:eb:62:17:d0:38:82:50:bc:da:0d:51:a1:d3:
d9:a6:35:6c:00:cc:c1:81:f5:53:e1:06:b6:35:2c:a5:6d:4d:
68:8d:8d:ab:2c:46:a7:04:59:59:d7:83:ea:f6:68:92:3d:8c:
3d:4c:4a:18:31:d6:73:ff:17:bf:96:d9:d3:03:f8:ad:88:a6:
b8:90:82:23:8b:03:25:55:c9:55:15:72:2a:b3:39:0b:0b:b2:
bb:70:49:a8:bd:b2:43:0c:f0:60:f1:1d:c5:bd:74:f4:c1:0e:
4f:68:a3:20:83:3c:89:5c:41:9f:b6:db:0a:ab:00:55:a1:22:
3a:56:19:0f:f6:01:d4:75:41:b1:90:39:82:be:d4:90:29:23:
2e:19:87:f7:1f:ee:23:8c:4d:28:1f:51:f1:a5:c6:9d:6f:fb:
3b:0f:65:2f:ae:7a:82:ab:a2:5e:ab:70:7f:dd:57:28:6e:50:
f2:13:73:bd:2f:93:28:b1:00:45:3b:a3:6f:3e:1e:95:4b:1b:
6e:06:cc:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYK1nw6JvURik4IO+KVH0e2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODE5MTAyMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY1YWNkZjk2Nzk5ZWZlMTJkMzRlOGU2MTk0NDVjY2MxMjVhOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bNZ/hZigx/G9A9HBjctUIEv7pZm
qal+gY/euHd6gYYpljecXmXLVzCf8p5v/Rel8G9ni2f2PSGNPGeYJkPXMKJUjglz
935XwJGsy1BHqnBsaLsxsq2HgHFwkIPX0VDsFY8Am9U6XZ71VaCH66dGs/LyY86v
+w7aFNia3294HRtytdf12XNIAJFc94UnyM7jLTPHIcUVbqyYkW31iKJEvu6n0Ks7
ZElwPfkAnXEEcM7oprB0u0Hccw359yc2XhHaNfC/6/p2hU3veK2GVzxQM5uWs2FO
MSR/0g/u+aUKjGXDRPft69eXEKONWOw2fbF2ylk7AeSG3Sl/F0rpNrawqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFED1rN+WeZ7+EtNOjmGURczBJajsMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUVBXczM1WjVudjRTMDA2T1laUkZ6TUVscU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwemrAwQA
wemvAwQAwenFMA0GCSqGSIb3DQEBCwUAA4IBAQADziNLS/GosU0VCMLrfRljwRMJ
KRL6pvm6jFWe350gxqw5642L0POTg18G9v7wn5WuY9hKh5rLofQ/R+tiF9A4glC8
2g1RodPZpjVsAMzBgfVT4Qa2NSylbU1ojY2rLEanBFlZ14Pq9miSPYw9TEoYMdZz
/xe/ltnTA/itiKa4kIIjiwMlVclVFXIqszkLC7K7cEmovbJDDPBg8R3FvXT0wQ5P
aKMggzyJXEGfttsKqwBVoSI6VhkP9gHUdUGxkDmCvtSQKSMuGYf3H+4jjE0oH1Hx
pcadb/s7D2UvrnqCq6Jeq3B/3VcoblDyE3O9L5MosQBFO6NvPh6VSxtuBszc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org