Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Q_vhJfSq5U6lxpgkDk-Y5PGY53A.roa
File: Q_vhJfSq5U6lxpgkDk-Y5PGY53A.roa (raw, json)
Hash identifier: MdkZOUQq+otVCJGqwTrEF6NabUvc6W5zvYiYM45Anq8=
Subject key identifier: 43:FB:E1:25:F4:AA:E5:4E:A5:C6:98:24:0E:4F:98:E4:F1:98:E7:70
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0184E41D7FEE93A0D4FCFC1038014158A32E
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Q_vhJfSq5U6lxpgkDk-Y5PGY53A.roa
Signing time: Mon 05 Dec 2022 21:07:29 +0000
ROA not before: Mon 05 Dec 2022 21:07:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:30::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e4:1d:7f:ee:93:a0:d4:fc:fc:10:38:01:41:58:a3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Dec 5 21:07:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43fbe125f4aae54ea5c698240e4f98e4f198e770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fc:d6:fc:2a:e3:17:97:f4:d4:4b:0d:dc:e0:
0d:2f:b1:c5:a1:a5:22:5f:66:32:10:b4:86:27:aa:
b1:fb:3c:04:77:6a:c1:4c:b7:19:0e:58:89:70:86:
da:64:40:28:dd:3a:17:53:63:86:b1:6c:8f:5d:84:
ea:c1:5a:17:97:0e:b7:16:fc:98:d8:56:e1:f5:ed:
56:86:b2:af:48:56:4a:44:dd:a7:ed:5e:da:fe:ea:
f9:90:7a:53:58:28:5a:0f:ac:9d:e1:09:68:2f:8f:
5a:7b:cc:ea:a0:47:eb:76:31:78:a6:c7:35:d0:90:
80:fd:55:ef:85:d9:4c:8c:91:70:22:17:5d:4a:34:
bf:3a:3c:e3:2c:43:8b:cd:3c:07:87:e9:82:4e:a9:
3e:28:5f:57:65:44:2f:67:d5:dc:52:05:9f:07:34:
72:0b:41:23:0a:cf:3e:3c:87:2c:68:4e:45:0c:40:
e4:ce:fd:73:1b:32:cd:46:cc:ab:a2:0f:66:4c:b2:
5f:2a:f1:1b:9a:35:47:91:46:82:a6:85:b7:56:0e:
32:1e:b9:5b:51:e1:b0:55:72:47:51:80:ea:bb:71:
a2:47:14:ce:26:dc:28:ba:7d:cc:cd:b2:fc:14:24:
43:10:c1:7d:69:03:05:3c:9c:a9:4b:b1:55:6a:63:
57:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FB:E1:25:F4:AA:E5:4E:A5:C6:98:24:0E:4F:98:E4:F1:98:E7:70
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Q_vhJfSq5U6lxpgkDk-Y5PGY53A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
3b:02:b8:d4:4c:a1:de:77:01:d1:a7:bf:9b:96:d5:6d:85:22:
93:a1:82:03:24:f8:2a:05:1f:74:62:e7:e5:16:8e:b4:d0:74:
6f:58:49:58:a8:4c:a4:de:c2:23:a9:9b:d0:c3:c1:22:b3:c9:
69:f7:8f:a4:fd:e6:51:02:15:4f:5b:8e:62:ac:4d:80:2d:87:
28:fb:d6:7a:aa:25:b6:b1:d6:c1:e8:c9:44:bf:c0:e6:15:0a:
eb:2b:8e:d1:cd:27:bc:7e:b6:d8:80:8e:2f:0b:10:ef:cd:5b:
87:b1:fc:d7:11:d1:e8:f1:fb:04:6f:e9:8a:65:b3:c8:04:d3:
d2:c6:07:22:1f:e4:19:32:fc:49:61:54:ec:f1:4e:3e:2b:4f:
72:a2:b4:48:91:d5:24:11:f3:5b:ba:11:b0:e8:61:c9:3b:9b:
bd:f3:2d:76:ac:2a:75:d3:3f:1c:ef:37:87:cf:8a:b4:77:25:
26:d1:80:cd:5f:96:9e:2e:19:ad:97:fa:ae:c0:a2:34:a1:2c:
a5:9b:e5:2d:ef:d8:62:2e:fe:48:1a:63:40:44:54:84:89:16:
30:17:95:60:b4:78:93:80:81:32:27:af:ad:50:62:27:1a:ef:
33:72:a9:fc:60:12:6d:dd:5e:d9:63:78:fb:3a:40:8b:63:d8:
8e:72:6d:8c
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAYTkHX/uk6DU/PwQOAFBWKMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMjA1MjEwNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZiZTEyNWY0YWFlNTRlYTVjNjk4MjQwZTRmOThlNGYxOThlNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvzW/CrjF5f01EsN3OANL7HFoaUi
X2YyELSGJ6qx+zwEd2rBTLcZDliJcIbaZEAo3ToXU2OGsWyPXYTqwVoXlw63FvyY
2Fbh9e1WhrKvSFZKRN2n7V7a/ur5kHpTWChaD6yd4QloL49ae8zqoEfrdjF4psc1
0JCA/VXvhdlMjJFwIhddSjS/OjzjLEOLzTwHh+mCTqk+KF9XZUQvZ9XcUgWfBzRy
C0EjCs8+PIcsaE5FDEDkzv1zGzLNRsyrog9mTLJfKvEbmjVHkUaCpoW3Vg4yHrlb
UeGwVXJHUYDqu3GiRxTOJtwoun3MzbL8FCRDEMF9aQMFPJypS7FVamNXWwIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFEP74SX0quVOpcaYJA5PmOTxmOdwMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUV92aEpmU3E1VTZseHBna0RrLVk1UEdZNTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCBkQQCAAEwgYoDBAIC
OKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QDBAJV
yqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uADBALB
HxwDBALBIkwDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawwwVQQCAAIwTwMH
BCoLC4IAAAMFASoLC4QDBwAqCwuH/7QDBwAqCwuH/9oDBwAqCwuH/+wDBwQqCwuH
//AwEgMHBCoLcIAAEAMHBioLcIAAAAMFACoNd8cwDQYJKoZIhvcNAQELBQADggEB
ADsCuNRMod53AdGnv5uW1W2FIpOhggMk+CoFH3Ri5+UWjrTQdG9YSVioTKTewiOp
m9DDwSKzyWn3j6T95lECFU9bjmKsTYAthyj71nqqJbax1sHoyUS/wOYVCusrjtHN
J7x+ttiAji8LEO/NW4ex/NcR0ejx+wRv6Ypls8gE09LGByIf5Bky/ElhVOzxTj4r
T3KitEiR1SQR81u6EbDoYck7m73zLXasKnXTPxzvN4fPirR3JSbRgM1flp4uGa2X
+q7AojShLKWb5S3v2GIu/kgaY0BEVISJFjAXlWC0eJOAgTInr61QYica7zNyqfxg
Em3dXtljePs6QItj2I5ybYw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org