Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/QLahBxO1fmpXP92LF3_TJzvM8Lo.roa
File: QLahBxO1fmpXP92LF3_TJzvM8Lo.roa (raw, json)
Hash identifier: HHC8hEdVyE08EcvVrQFmBDxcPBmmcspCe+3dWn0SKpg=
Subject key identifier: 40:B6:A1:07:13:B5:7E:6A:57:3F:DD:8B:17:7F:D3:27:3B:CC:F0:BA
Certificate issuer: /CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Certificate serial: 14E738BF
Authority key identifier: BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/QLahBxO1fmpXP92LF3_TJzvM8Lo.roa
Signing time: Sat 01 Jan 2022 09:58:58 +0000
ROA not before: Sat 01 Jan 2022 09:58:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34119
IP address blocks: 185.211.176.0/22 maxlen: 22
77.95.32.0/21 maxlen: 21
31.22.4.0/24 maxlen: 24
31.22.0.0/21 maxlen: 21
31.22.7.0/24 maxlen: 24
185.2.168.0/22 maxlen: 22
2a02:5300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350697663 (0x14e738bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Validity
Not Before: Jan 1 09:58:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40b6a10713b57e6a573fdd8b177fd3273bccf0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:49:7e:7d:9f:27:f0:49:51:41:9a:d9:06:
7b:fd:ed:89:bc:65:4f:5b:f6:ed:f2:30:fc:1b:39:
e1:95:23:2b:bc:eb:08:c6:39:dd:15:79:be:14:a9:
49:29:b1:c9:b8:86:ec:77:c7:49:27:98:57:f6:d6:
7f:b5:91:93:c7:b3:f4:1c:8c:fc:2f:ec:48:08:08:
0d:f8:0d:3a:f8:cf:10:62:b5:2a:33:e4:31:26:21:
e7:82:8c:f8:15:e0:82:1a:a1:96:4e:6a:b9:ae:58:
98:9f:f2:c8:26:4e:ed:15:98:c8:38:06:b5:67:bb:
d2:92:a6:a0:76:d2:b7:fa:12:c4:11:c3:79:5a:d4:
f3:c4:d3:9d:6e:cb:7b:a1:92:7f:cd:81:93:48:27:
8f:07:d9:21:06:d1:54:5d:dc:44:3e:bd:08:b8:2f:
32:b9:bb:91:fd:33:5b:f1:2b:2d:15:79:88:93:98:
94:29:16:77:db:77:ab:fa:d7:18:82:89:3a:e4:21:
de:bd:78:51:90:7e:2a:8d:ac:b8:4d:b9:47:c6:01:
ca:e2:c9:95:26:a4:96:9b:e4:70:64:ca:b5:10:05:
a5:38:31:7a:59:f4:af:f3:75:a5:aa:9c:e8:e2:61:
bf:a5:a5:da:41:b9:90:82:0c:f5:fe:98:69:c2:b9:
59:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B6:A1:07:13:B5:7E:6A:57:3F:DD:8B:17:7F:D3:27:3B:CC:F0:BA
X509v3 Authority Key Identifier:
keyid:BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/QLahBxO1fmpXP92LF3_TJzvM8Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.0.0/21
77.95.32.0/21
185.2.168.0/22
185.211.176.0/22
IPv6:
2a02:5300::/32
Signature Algorithm: sha256WithRSAEncryption
d8:54:61:2f:82:3e:ae:e7:43:7f:36:f5:48:b8:b6:41:1c:f9:
a5:ab:3d:2e:fd:79:cd:9c:55:19:83:e1:d1:9b:ac:fe:7c:f8:
a5:0d:07:19:1c:47:14:3a:4a:fc:1e:80:a8:be:74:97:fe:ed:
c8:9b:eb:ac:5a:63:8b:50:40:47:de:4b:2c:d5:75:f2:2a:ef:
52:72:85:92:3f:94:1e:83:4e:a3:35:d6:2a:92:9a:01:7d:45:
64:84:ad:dc:6e:7e:4d:c6:f8:9a:60:9d:f4:6a:80:00:3c:45:
4d:e5:5b:bf:56:1c:9f:2f:d3:08:b2:57:53:de:0d:af:8b:09:
2d:90:00:15:51:73:5c:aa:68:f6:90:1d:56:fd:02:0b:ac:8d:
34:0d:84:1e:13:46:8e:07:2d:5a:c5:77:2c:08:9f:ec:aa:1d:
7a:c5:9d:a3:1e:d3:55:a6:67:f7:75:88:69:75:1f:9d:8c:d5:
d6:30:7e:a5:1c:ff:85:c7:94:4c:0c:e3:ca:56:fa:ec:32:d3:
fe:28:ba:a8:39:64:65:0f:28:a9:0b:fd:12:ed:23:7d:5e:db:
a4:99:ae:1b:69:cd:2a:cc:8e:dc:84:63:0b:ec:20:ed:b4:f8:
ae:66:f8:54:49:bf:3b:b0:b7:0d:c0:42:69:2a:38:0a:36:0d:
c4:96:9b:17
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEFOc4vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzlkN2M0MmU5MTc4NDRjYmMyZGU0YTkxYzZjMTcwMWRlNTk3MWI1MB4XDTIyMDEw
MTA5NTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBiNmExMDcxM2I1
N2U2YTU3M2ZkZDhiMTc3ZmQzMjczYmNjZjBiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxKSX59nyfwSVFBmtkGe/3tibxlT1v27fIw/Bs54ZUjK7zr
CMY53RV5vhSpSSmxybiG7HfHSSeYV/bWf7WRk8ez9ByM/C/sSAgIDfgNOvjPEGK1
KjPkMSYh54KM+BXgghqhlk5qua5YmJ/yyCZO7RWYyDgGtWe70pKmoHbSt/oSxBHD
eVrU88TTnW7Le6GSf82Bk0gnjwfZIQbRVF3cRD69CLgvMrm7kf0zW/ErLRV5iJOY
lCkWd9t3q/rXGIKJOuQh3r14UZB+Ko2suE25R8YByuLJlSaklpvkcGTKtRAFpTgx
eln0r/N1paqc6OJhv6Wl2kG5kIIM9f6YacK5WQcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRAtqEHE7V+alc/3YsXf9MnO8zwujAfBgNVHSMEGDAWgBS8nXxC6ReETLwt
5KkcbBcB3llxtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZKMThRdWtYaEV5OExlU3BIR3dYQWQ1WmNiVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvMjlhZWEyLWI2YzgtNGFmOS1hZDg0LTAzZmI1NDE4N2VlMi8x
L1FMYWhCeE8xZm1wWFA5MkxGM19USnp2TThMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
MjlhZWEyLWI2YzgtNGFmOS1hZDg0LTAzZmI1NDE4N2VlMi8xL3ZKMThRdWtYaEV5
OExlU3BIR3dYQWQ1WmNiVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAx8WAAMEA01fIAMEArkCqAMEArnT
sDANBAIAAjAHAwUAKgJTADANBgkqhkiG9w0BAQsFAAOCAQEA2FRhL4I+rudDfzb1
SLi2QRz5pas9Lv15zZxVGYPh0Zus/nz4pQ0HGRxHFDpK/B6AqL50l/7tyJvrrFpj
i1BAR95LLNV18irvUnKFkj+UHoNOozXWKpKaAX1FZISt3G5+Tcb4mmCd9GqAADxF
TeVbv1Ycny/TCLJXU94Nr4sJLZAAFVFzXKpo9pAdVv0CC6yNNA2EHhNGjgctWsV3
LAif7KodesWdox7TVaZn93WIaXUfnYzV1jB+pRz/hceUTAzjylb67DLT/ii6qDlk
ZQ8oqQv9Eu0jfV7bpJmuG2nNKsyO3IRjC+wg7bT4rmb4VEm/O7C3DcBCaSo4CjYN
xJabFw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-fra.rpki-client.org