Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/QaejFvvLFjeATtdjb00z7vhBGlg.roa
File: QaejFvvLFjeATtdjb00z7vhBGlg.roa (raw, json)
Hash identifier: 2cPT+Y3rFjJNejxoconagpwxxE3JLrrA1s14OUeyJeI=
Subject key identifier: 41:A7:A3:16:FB:CB:16:37:80:4E:D7:63:6F:4D:33:EE:F8:41:1A:58
Certificate issuer: /CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Certificate serial: 0182B9337DAD56A32695E2949C2073C95B68
Authority key identifier: 83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/QaejFvvLFjeATtdjb00z7vhBGlg.roa
Signing time: Sat 20 Aug 2022 03:02:15 +0000
ROA not before: Sat 20 Aug 2022 03:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25591
IP address blocks: 80.242.96.0/22 maxlen: 22
80.242.104.0/22 maxlen: 22
80.242.100.0/22 maxlen: 22
80.242.108.0/22 maxlen: 22
93.190.176.0/22 maxlen: 22
93.190.180.0/22 maxlen: 22
37.75.216.0/22 maxlen: 22
37.75.220.0/22 maxlen: 22
31.3.24.0/22 maxlen: 22
31.3.28.0/22 maxlen: 22
185.14.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b9:33:7d:ad:56:a3:26:95:e2:94:9c:20:73:c9:5b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Validity
Not Before: Aug 20 03:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a7a316fbcb1637804ed7636f4d33eef8411a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cb:af:8f:55:c9:47:5f:4e:15:e0:68:92:02:
2a:88:e8:f4:7c:b9:97:de:9a:ec:6a:f2:a7:9a:3a:
3a:7f:9d:65:c8:04:ab:1b:c6:53:42:4f:46:d8:3d:
ae:37:33:b5:c3:b9:ea:80:bd:a4:b5:68:99:17:43:
49:e0:77:af:99:89:d2:3a:61:db:46:fb:ce:4d:98:
8c:83:61:03:e3:ae:43:2c:11:ed:14:6d:a9:5d:8c:
5a:9b:86:48:9f:9f:ae:be:d6:12:03:39:a4:2a:f6:
95:de:27:58:6e:36:44:51:97:a7:09:1c:a7:52:0a:
39:f3:67:5e:f5:de:77:f0:35:00:55:69:b5:cb:a9:
bb:8e:f0:c2:ed:81:18:fa:34:20:ae:4d:fc:35:c2:
5e:49:c4:ea:55:eb:50:77:ad:28:0f:c0:a3:1d:2e:
40:3e:f6:84:a9:e9:2e:18:63:eb:50:07:01:48:de:
0b:b5:b6:39:f9:d2:27:60:d2:d6:f6:85:27:bb:03:
b7:54:36:5d:0c:e4:4b:7e:66:48:91:de:d8:f8:2d:
58:f8:62:99:85:0e:bd:c4:8c:5e:7f:d6:d6:10:80:
f6:58:b7:6e:8f:de:d6:25:68:62:88:29:2a:71:c0:
59:37:ba:8e:66:34:bb:46:6c:ef:dd:b2:39:55:29:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A7:A3:16:FB:CB:16:37:80:4E:D7:63:6F:4D:33:EE:F8:41:1A:58
X509v3 Authority Key Identifier:
keyid:83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/QaejFvvLFjeATtdjb00z7vhBGlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.24.0/21
37.75.216.0/21
80.242.96.0/20
93.190.176.0/21
185.14.16.0/22
Signature Algorithm: sha256WithRSAEncryption
93:a4:6b:15:29:a5:01:8d:de:47:48:f2:d3:b5:92:d4:23:77:
8b:d2:b7:cb:21:e0:21:d6:8a:a6:6a:60:8a:dc:88:19:4d:29:
ec:5a:25:8c:b8:89:94:50:5f:c6:ea:3b:1d:bc:17:2e:13:94:
c4:02:45:27:bb:f8:e6:30:e8:7a:5e:91:46:87:63:7d:ec:25:
77:a5:82:ff:40:d5:d8:e4:8b:7b:f4:6e:44:d2:c4:94:32:ed:
0a:58:6d:df:74:13:22:12:de:0f:18:d2:ea:fd:a4:a9:da:d5:
91:53:a9:ec:f1:cf:cd:17:29:88:00:13:84:41:7c:5e:1a:c1:
a1:d5:fc:2b:ad:1f:7a:54:75:e1:91:89:62:da:aa:15:e9:07:
43:26:61:84:7a:8f:5d:b4:8a:77:82:30:34:e7:a5:09:1d:50:
07:b9:25:b6:1f:c7:46:36:07:3d:8f:31:15:73:b9:16:8e:65:
92:41:20:ae:21:41:93:45:10:70:b2:e1:1c:c2:66:47:47:63:
21:7f:95:74:b8:20:14:06:a1:6b:22:29:45:7b:42:3d:b0:de:
44:a6:3d:7b:83:e7:79:26:cd:27:e5:76:ed:c3:ca:5a:6e:c7:
9f:74:7c:fd:37:49:24:10:48:67:c3:b2:8f:2e:f3:96:ee:54:
7e:0b:40:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYK5M32tVqMmleKUnCBzyVtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmYzNmViMThlZjlhNTdjNWZiNjAzYWRhNDAwZmU2YjY2
ODhlNmUwHhcNMjIwODIwMDMwMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE3YTMxNmZiY2IxNjM3ODA0ZWQ3NjM2ZjRkMzNlZWY4NDExYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1suvj1XJR19OFeBokgIqiOj0fLmX
3prsavKnmjo6f51lyASrG8ZTQk9G2D2uNzO1w7nqgL2ktWiZF0NJ4HevmYnSOmHb
RvvOTZiMg2ED465DLBHtFG2pXYxam4ZIn5+uvtYSAzmkKvaV3idYbjZEUZenCRyn
Ugo582de9d538DUAVWm1y6m7jvDC7YEY+jQgrk38NcJeScTqVetQd60oD8CjHS5A
PvaEqekuGGPrUAcBSN4LtbY5+dInYNLW9oUnuwO3VDZdDORLfmZIkd7Y+C1Y+GKZ
hQ69xIxef9bWEID2WLduj97WJWhiiCkqccBZN7qOZjS7Rmzv3bI5VSm5pwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEGnoxb7yxY3gE7XY29NM+74QRpYMB8GA1UdIwQY
MBaAFIO/NusY75pXxftgOtpAD+a2aI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMt
ZTBkMmExYjZlOGFjLzEvUWFlakZ2dkxGamVBVHRkamIwMHo3dmhCR2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMtZTBkMmExYjZlOGFj
LzEvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDHwMYAwQD
JUvYAwQEUPJgAwQDXb6wAwQCuQ4QMA0GCSqGSIb3DQEBCwUAA4IBAQCTpGsVKaUB
jd5HSPLTtZLUI3eL0rfLIeAh1oqmamCK3IgZTSnsWiWMuImUUF/G6jsdvBcuE5TE
AkUnu/jmMOh6XpFGh2N97CV3pYL/QNXY5It79G5E0sSUMu0KWG3fdBMiEt4PGNLq
/aSp2tWRU6ns8c/NFymIABOEQXxeGsGh1fwrrR96VHXhkYli2qoV6QdDJmGEeo9d
tIp3gjA056UJHVAHuSW2H8dGNgc9jzEVc7kWjmWSQSCuIUGTRRBwsuEcwmZHR2Mh
f5V0uCAUBqFrIilFe0I9sN5Epj17g+d5Js0n5Xbtw8pabsefdHz9N0kkEEhnw7KP
LvOW7lR+C0Dl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:46 2024 by rpki-client on console-fra.rpki-client.org