Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/QVjEk84YZSFgzdDM-2K_RZe-nM4.roa
File: QVjEk84YZSFgzdDM-2K_RZe-nM4.roa (raw, json)
Hash identifier: WsfCdRLZ3jPAJzg6uLnFdzK97XrdoOkDkcoPtTwZ8hY=
Subject key identifier: 41:58:C4:93:CE:18:65:21:60:CD:D0:CC:FB:62:BF:45:97:BE:9C:CE
Certificate issuer: /CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Certificate serial: 018570C2DF26FE926AF8E3F3F98DB4918C89
Authority key identifier: 8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/QVjEk84YZSFgzdDM-2K_RZe-nM4.roa
Signing time: Mon 02 Jan 2023 04:34:57 +0000
ROA not before: Mon 02 Jan 2023 04:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39232
IP address blocks: 89.219.38.0/23 maxlen: 23
89.219.48.0/21 maxlen: 21
89.219.48.0/20 maxlen: 20
89.219.56.0/21 maxlen: 21
89.219.36.0/23 maxlen: 23
89.219.36.0/22 maxlen: 22
89.219.156.0/23 maxlen: 23
89.219.156.0/22 maxlen: 22
89.219.155.0/24 maxlen: 24
89.219.158.0/23 maxlen: 23
89.219.160.0/24 maxlen: 24
89.219.164.0/23 maxlen: 23
89.219.164.0/22 maxlen: 22
89.219.163.0/24 maxlen: 24
89.219.166.0/23 maxlen: 23
89.219.171.0/24 maxlen: 24
89.219.170.0/24 maxlen: 24
89.219.170.0/23 maxlen: 23
89.219.169.0/24 maxlen: 24
89.219.172.0/22 maxlen: 22
89.219.172.0/23 maxlen: 23
89.219.174.0/23 maxlen: 23
89.219.176.0/20 maxlen: 20
89.219.176.0/21 maxlen: 21
89.219.184.0/21 maxlen: 21
89.219.132.0/23 maxlen: 23
89.219.132.0/24 maxlen: 24
89.219.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:df:26:fe:92:6a:f8:e3:f3:f9:8d:b4:91:8c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Validity
Not Before: Jan 2 04:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4158c493ce18652160cdd0ccfb62bf4597be9cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:bc:cf:99:b2:8d:e1:8b:87:01:69:b6:56:
ae:04:a9:73:06:f1:72:ae:3c:46:0d:6e:d1:40:6f:
27:fc:47:fb:61:04:19:81:41:22:b7:d8:a8:e3:f7:
d6:6b:af:17:0d:83:91:21:76:a9:ac:d0:06:b3:87:
d3:96:0d:70:10:0c:ce:63:18:5f:3f:9e:dc:01:6d:
23:04:ed:c9:ab:a0:71:37:c7:8a:9f:7f:f7:64:ab:
00:6e:b6:3f:ea:a2:12:36:b4:e8:bb:7a:01:e3:fe:
c4:c9:d8:7e:7d:4d:ad:61:ff:ac:53:30:06:ae:8c:
a5:e6:8e:e5:90:fb:88:75:a0:cf:70:12:e1:b9:c7:
65:6f:11:3a:d4:b9:e4:76:eb:37:d4:13:bd:82:ff:
c6:b2:bb:c8:e0:05:51:a8:45:1e:58:ac:9a:55:d9:
8a:c4:2a:7e:85:70:81:27:55:64:69:b5:31:f1:4f:
6c:79:f3:c5:18:a6:34:a9:d5:0b:56:81:a5:83:2a:
09:42:c1:7f:49:20:ed:8c:59:00:1e:0b:03:7e:48:
88:87:76:4b:f5:ed:23:e6:d6:8c:79:1b:06:7a:93:
52:dc:0b:da:d7:e5:b4:67:ab:d3:18:9f:ae:57:ed:
57:64:68:28:3c:2a:c8:2a:16:bf:7c:e5:05:45:ed:
b7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:58:C4:93:CE:18:65:21:60:CD:D0:CC:FB:62:BF:45:97:BE:9C:CE
X509v3 Authority Key Identifier:
keyid:8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/QVjEk84YZSFgzdDM-2K_RZe-nM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.219.36.0/22
89.219.48.0/20
89.219.132.0/23
89.219.155.0-89.219.160.255
89.219.163.0-89.219.167.255
89.219.169.0-89.219.191.255
Signature Algorithm: sha256WithRSAEncryption
8d:ea:dd:b7:cf:0d:ad:53:98:60:7b:8b:b0:57:f6:92:cb:54:
44:51:82:3e:2b:df:dc:2b:f9:bb:9a:1e:16:dd:78:25:c1:d6:
f1:a9:bc:2f:22:a5:81:5e:45:d0:21:4a:54:52:c6:e5:51:5e:
59:95:28:7c:5d:96:f9:e4:23:21:d6:c2:ca:5f:72:c9:1b:a8:
a3:a3:cb:16:ca:9f:09:54:a1:23:22:1a:59:08:a4:63:50:16:
cd:28:dd:25:ea:90:0d:17:2b:99:1b:a5:cf:e9:97:5b:89:73:
d3:65:6c:c8:da:e6:6a:b5:ba:8a:c4:42:0b:b7:39:ce:91:f0:
75:4d:72:b5:ed:ec:0a:36:f0:dc:24:3b:bf:64:d4:0c:6b:5e:
6e:46:05:c8:60:07:4f:a6:0c:c7:27:b0:08:91:d9:2c:3c:4b:
cd:40:c9:2f:87:f0:60:e1:86:a4:57:39:d0:6e:08:61:a3:3d:
c0:f0:77:06:75:fd:ac:c7:f2:56:df:74:09:05:9c:91:26:06:
b5:b7:49:1e:49:64:65:5b:99:41:ae:ef:61:e9:4d:88:14:7f:
36:93:9d:0c:90:5c:45:7f:ff:da:9c:b2:c8:fd:ea:d0:6a:62:
e3:26:b5:6f:c6:32:70:99:c4:e7:88:f9:9d:a4:51:10:cc:63:
f0:5e:90:6a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVwwt8m/pJq+OPz+Y20kYyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGRkMmQwNmQ5MjBlNDAzOTMzZmRiMmNkMTk4NDg5MzU1
MjU3OWMwHhcNMjMwMTAyMDQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU4YzQ5M2NlMTg2NTIxNjBjZGQwY2NmYjYyYmY0NTk3YmU5Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwy8z5myjeGLhwFptlauBKlzBvFy
rjxGDW7RQG8n/Ef7YQQZgUEit9io4/fWa68XDYORIXaprNAGs4fTlg1wEAzOYxhf
P57cAW0jBO3Jq6BxN8eKn3/3ZKsAbrY/6qISNrTou3oB4/7Eydh+fU2tYf+sUzAG
royl5o7lkPuIdaDPcBLhucdlbxE61Lnkdus31BO9gv/GsrvI4AVRqEUeWKyaVdmK
xCp+hXCBJ1VkabUx8U9sefPFGKY0qdULVoGlgyoJQsF/SSDtjFkAHgsDfkiIh3ZL
9e0j5taMeRsGepNS3Ava1+W0Z6vTGJ+uV+1XZGgoPCrIKha/fOUFRe23CQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEFYxJPOGGUhYM3QzPtiv0WXvpzOMB8GA1UdIwQY
MBaAFI1N0tBtkg5AOTP9ss0ZhIk1UlecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQt
MzJmZjMxY2VlYzhiLzEvUVZqRWs4NFlaU0ZnemRETS0yS19SWmUtbk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQtMzJmZjMxY2VlYzhi
LzEvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCWdskAwQE
WdswAwQBWduEMAwDBABZ25sDBABZ26AwDAMEAFnbowMEA1nboDAMAwQAWdupAwQG
WduAMA0GCSqGSIb3DQEBCwUAA4IBAQCN6t23zw2tU5hge4uwV/aSy1REUYI+K9/c
K/m7mh4W3XglwdbxqbwvIqWBXkXQIUpUUsblUV5ZlSh8XZb55CMh1sLKX3LJG6ij
o8sWyp8JVKEjIhpZCKRjUBbNKN0l6pANFyuZG6XP6ZdbiXPTZWzI2uZqtbqKxEIL
tznOkfB1TXK17ewKNvDcJDu/ZNQMa15uRgXIYAdPpgzHJ7AIkdksPEvNQMkvh/Bg
4YakVznQbghhoz3A8HcGdf2sx/JW33QJBZyRJga1t0keSWRlW5lBru9h6U2IFH82
k50MkFxFf//anLLI/erQamLjJrVvxjJwmcTniPmdpFEQzGPwXpBq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:30 2025 by rpki-client