Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/QQVZZcX03jeGcjcV7zII5lWh9zE.roa
File: QQVZZcX03jeGcjcV7zII5lWh9zE.roa (raw, json)
Hash identifier: Tu0Ghl4VXvqIEflP9U3GIPX1seGdk6+X2Z9LeJDAHO8=
Subject key identifier: 41:05:59:65:C5:F4:DE:37:86:72:37:15:EF:32:08:E6:55:A1:F7:31
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 03ADA91E
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/QQVZZcX03jeGcjcV7zII5lWh9zE.roa
Signing time: Sat 01 Jan 2022 12:05:27 +0000
ROA not before: Sat 01 Jan 2022 12:05:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20552
IP address blocks: 185.119.15.0/24 maxlen: 24
185.119.12.0/24 maxlen: 24
185.119.12.0/22 maxlen: 22
185.119.14.0/24 maxlen: 24
185.119.13.0/24 maxlen: 24
185.24.200.0/22 maxlen: 22
217.168.128.0/20 maxlen: 20
217.168.129.0/24 maxlen: 24
217.168.141.0/24 maxlen: 24
185.52.171.0/24 maxlen: 24
185.52.168.0/22 maxlen: 22
185.52.170.0/24 maxlen: 24
164.40.240.0/24 maxlen: 24
164.40.241.0/24 maxlen: 24
164.40.240.0/21 maxlen: 21
164.40.246.0/24 maxlen: 24
91.216.30.0/24 maxlen: 24
164.40.245.0/24 maxlen: 24
164.40.243.0/24 maxlen: 24
164.40.242.0/24 maxlen: 24
164.40.244.0/24 maxlen: 24
164.40.247.0/24 maxlen: 24
2a02:d88::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61712670 (0x3ada91e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 12:05:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41055965c5f4de3786723715ef3208e655a1f731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fc:be:dc:cc:4a:b2:8c:4a:af:d9:de:8c:e1:
e0:3c:68:d0:6c:47:28:1a:06:63:a5:cb:e1:d1:17:
33:49:38:72:0f:a8:8a:2a:b4:92:13:71:b4:b5:00:
bf:a5:2f:f4:02:b9:fc:6b:c5:e7:39:f2:d6:1a:47:
c0:e1:54:97:a2:a0:ff:6d:1c:d0:e1:15:b4:02:a1:
17:6c:23:42:ea:ed:57:60:b6:93:ee:64:0d:70:56:
3c:94:cb:14:9f:98:09:87:34:f7:db:76:9e:a0:87:
ae:73:5a:8b:82:7b:3b:11:37:e2:55:4b:a1:4f:0e:
e3:3c:5b:07:7e:56:2f:7a:c8:e4:4b:e0:85:ed:da:
89:be:5a:4e:6f:2f:5e:78:24:20:89:99:e6:45:0c:
3c:e3:b7:d5:ee:9b:3c:27:8e:34:ba:db:e0:ea:6a:
b0:fd:c8:25:cf:6c:44:4b:54:18:5d:58:3b:5f:10:
5a:af:f0:3f:64:ef:e7:f7:12:92:49:9c:b6:01:1d:
3b:a6:78:1c:9b:35:83:a3:30:79:74:59:9f:bf:f4:
5d:74:a1:99:aa:5a:f9:0e:18:e3:21:0c:0f:12:9f:
91:97:c3:72:3a:4d:3f:cd:f7:50:4b:f0:ca:00:5e:
85:7d:4e:2e:32:4c:b6:e3:4a:b5:11:27:f3:53:57:
7b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:05:59:65:C5:F4:DE:37:86:72:37:15:EF:32:08:E6:55:A1:F7:31
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/QQVZZcX03jeGcjcV7zII5lWh9zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.30.0/24
164.40.240.0/21
185.24.200.0/22
185.52.168.0/22
185.119.12.0/22
217.168.128.0/20
IPv6:
2a02:d88::/32
Signature Algorithm: sha256WithRSAEncryption
2b:d5:e1:51:aa:9d:5f:c1:22:46:61:57:44:ad:77:87:ca:5b:
b7:1b:37:42:cf:0d:2c:71:e1:d9:a8:58:0a:ed:26:0d:00:87:
10:6b:ac:88:ff:f6:97:21:f2:46:81:7b:9f:a5:ad:bf:b9:fb:
1c:9d:f1:51:23:be:23:e7:82:34:95:88:2d:95:2e:f3:fe:a0:
cb:a8:91:85:e5:3b:e0:3c:c9:62:6b:d9:1d:0f:31:d5:44:2e:
1e:9d:9e:b6:7b:ab:19:22:da:c4:c5:09:5a:ff:bb:0a:47:39:
06:49:32:ee:c2:cc:f2:06:ef:2e:f5:c8:33:c1:29:05:34:3f:
ef:cb:32:d4:8c:bc:85:d8:ce:0d:32:2f:bc:db:2c:37:2b:46:
61:15:80:57:9d:59:08:25:c5:f4:ff:1d:75:fb:e6:9b:c7:88:
73:18:4f:12:d7:01:52:9e:1f:ef:40:17:bc:c7:14:98:df:00:
7c:5a:bb:50:5f:c2:76:21:86:c8:99:dd:5f:c7:d5:55:bd:bc:
72:3d:9a:78:39:2c:ae:bf:33:31:62:9e:1f:0b:11:b6:b8:9c:
60:ed:8f:94:59:1f:c0:3a:03:3b:6c:b8:e2:50:3d:bb:80:24:
de:9a:6b:fb:43:0c:06:72:f1:1c:da:30:cb:0e:66:81:97:44:
45:64:16:51
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEA62pHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzQ3MDNlMDhjYTBkNmEzMTBjYmM2NDNmZmNiMzA3ZmY2Y2RjNjVjMB4XDTIyMDEw
MTEyMDUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDEwNTU5NjVjNWY0
ZGUzNzg2NzIzNzE1ZWYzMjA4ZTY1NWExZjczMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/8vtzMSrKMSq/Z3ozh4Dxo0GxHKBoGY6XL4dEXM0k4cg+o
iiq0khNxtLUAv6Uv9AK5/GvF5zny1hpHwOFUl6Kg/20c0OEVtAKhF2wjQurtV2C2
k+5kDXBWPJTLFJ+YCYc099t2nqCHrnNai4J7OxE34lVLoU8O4zxbB35WL3rI5Evg
he3aib5aTm8vXngkIImZ5kUMPOO31e6bPCeONLrb4OpqsP3IJc9sREtUGF1YO18Q
Wq/wP2Tv5/cSkkmctgEdO6Z4HJs1g6MweXRZn7/0XXShmapa+Q4Y4yEMDxKfkZfD
cjpNP833UEvwygBehX1OLjJMtuNKtREn81NXe38CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRBBVllxfTeN4ZyNxXvMgjmVaH3MTAfBgNVHSMEGDAWgBS8RwPgjKDWoxDL
xkP/yzB/9s3GXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZFY0Q0SXlnMXFNUXk4WkRfOHN3Zl9iTnhsdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvODYzYmEwLTA0NzYtNDNkNy04YmU3LTY2ZWRhMjI4ZmVjNy8x
L1FRVlpaY1gwM2plR2NqY1Y3eklJNWxXaDl6RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
ODYzYmEwLTA0NzYtNDNkNy04YmU3LTY2ZWRhMjI4ZmVjNy8xL3ZFY0Q0SXlnMXFN
UXk4WkRfOHN3Zl9iTnhsdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAFvYHgMEA6Qo8AMEArkYyAMEArk0
qAMEArl3DAMEBNmogDANBAIAAjAHAwUAKgINiDANBgkqhkiG9w0BAQsFAAOCAQEA
K9XhUaqdX8EiRmFXRK13h8pbtxs3Qs8NLHHh2ahYCu0mDQCHEGusiP/2lyHyRoF7
n6Wtv7n7HJ3xUSO+I+eCNJWILZUu8/6gy6iRheU74DzJYmvZHQ8x1UQuHp2etnur
GSLaxMUJWv+7Ckc5Bkky7sLM8gbvLvXIM8EpBTQ/78sy1Iy8hdjODTIvvNssNytG
YRWAV51ZCCXF9P8ddfvmm8eIcxhPEtcBUp4f70AXvMcUmN8AfFq7UF/CdiGGyJnd
X8fVVb28cj2aeDksrr8zMWKeHwsRtricYO2PlFkfwDoDO2y44lA9u4Ak3ppr+0MM
BnLxHNowyw5mgZdERWQWUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:09 2024 by rpki-client on console-ams.rpki-client.org