Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/Qglowro7R68CcuqC3cL8bZ5Mj8I.roa
File: Qglowro7R68CcuqC3cL8bZ5Mj8I.roa (raw, json)
Hash identifier: EBBU3g1sw+uLiyLEdyUXC9S1mruoONFK0LJU5oQCLrM=
Subject key identifier: 42:09:68:C2:BA:3B:47:AF:02:72:EA:82:DD:C2:FC:6D:9E:4C:8F:C2
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 0183EA50423C62562F3ADFEF641C64DE509D
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/Qglowro7R68CcuqC3cL8bZ5Mj8I.roa
Signing time: Tue 18 Oct 2022 08:57:51 +0000
ROA not before: Tue 18 Oct 2022 08:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59645
IP address blocks: 193.104.168.0/24 maxlen: 24
195.191.196.0/23 maxlen: 24
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:50:42:3c:62:56:2f:3a:df:ef:64:1c:64:de:50:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Oct 18 08:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=420968c2ba3b47af0272ea82ddc2fc6d9e4c8fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cd:43:38:e7:0f:e5:c0:4e:b1:9a:b1:95:02:
39:5a:5b:05:d7:d8:f8:c1:fc:7e:65:7f:b7:24:4d:
f3:e9:aa:e1:6c:cb:08:db:68:4e:77:6c:a8:37:e0:
3b:a5:ca:8d:31:26:c0:d9:8e:ed:f4:39:a8:f7:ca:
fc:f4:cb:3d:a8:f0:be:b6:7d:19:4c:c5:59:5b:46:
66:78:4f:01:57:99:3c:52:81:66:c2:27:1e:a4:77:
95:0c:87:14:9e:a7:cd:9d:41:43:4f:8d:c2:39:0e:
15:73:c3:3b:0c:01:fb:e2:71:72:a4:13:f6:c2:b9:
26:e4:e3:11:8b:fb:55:a3:99:b2:f8:10:c0:a6:ac:
89:ef:6d:2a:58:1c:e0:c2:b6:52:2c:20:57:85:f1:
b9:fb:3e:b6:31:6f:bd:53:d6:91:ac:6c:7f:a6:fa:
9a:d8:c6:38:64:41:5c:52:93:26:bd:13:b4:d7:ef:
3c:35:a8:5a:09:43:be:1a:00:20:fc:9a:10:24:d9:
7b:a4:0d:3c:39:12:c3:72:3f:59:5b:9c:15:3a:b0:
c2:ca:16:7c:dd:f7:82:68:f1:19:89:9b:cb:10:6f:
2f:23:00:d6:27:a8:29:7d:e6:7f:62:79:90:15:c7:
d6:eb:42:e2:cf:b5:43:1f:0e:d2:82:27:62:d2:af:
e9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:09:68:C2:BA:3B:47:AF:02:72:EA:82:DD:C2:FC:6D:9E:4C:8F:C2
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/Qglowro7R68CcuqC3cL8bZ5Mj8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.168.0/24
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:95:d9:12:fb:53:c7:53:28:6b:37:f9:cd:a6:0d:a0:13:3f:
43:81:17:ad:96:82:90:12:d6:51:d9:a3:15:0d:d1:e6:76:9a:
c6:f8:04:01:f3:36:d2:19:28:42:51:95:f0:9f:92:23:77:b0:
7a:fc:74:ec:46:24:91:a9:df:62:5d:3d:1d:b7:9a:52:ac:26:
a9:17:4e:6c:24:99:e2:a8:d4:92:82:c7:38:3a:ec:11:c3:c6:
64:ff:1d:35:f0:2b:83:b5:45:b9:92:91:72:f2:1d:62:65:d7:
fa:cc:9f:5a:5f:ba:52:8e:88:80:af:d9:43:f5:7b:c1:f4:5d:
dd:fb:35:f1:68:66:e1:e3:d5:e7:fb:0e:2d:8e:a3:4e:1d:fa:
0e:53:70:5e:f2:86:84:fb:d7:69:90:a7:0a:44:c1:c4:46:64:
c2:2b:dd:46:50:82:14:94:bd:05:3e:e2:3a:cd:c1:f5:13:b1:
ba:89:a0:72:70:db:15:46:87:36:3b:13:e8:a7:bc:6f:9a:38:
4b:96:b4:c6:d0:49:7d:87:b6:23:d1:2d:dd:86:b8:b2:67:1e:
0b:a2:23:4c:50:5b:a3:a3:48:67:70:b9:e0:41:bc:0f:3d:9e:
98:4e:e8:79:f2:8b:b4:4f:91:e2:35:8a:49:b4:3a:27:31:5b:
ae:5e:64:2a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYPqUEI8YlYvOt/vZBxk3lCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjIxMDE4MDg1NzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA5NjhjMmJhM2I0N2FmMDI3MmVhODJkZGMyZmM2ZDllNGM4ZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs1DOOcP5cBOsZqxlQI5WlsF19j4
wfx+ZX+3JE3z6arhbMsI22hOd2yoN+A7pcqNMSbA2Y7t9Dmo98r89Ms9qPC+tn0Z
TMVZW0ZmeE8BV5k8UoFmwicepHeVDIcUnqfNnUFDT43COQ4Vc8M7DAH74nFypBP2
wrkm5OMRi/tVo5my+BDApqyJ720qWBzgwrZSLCBXhfG5+z62MW+9U9aRrGx/pvqa
2MY4ZEFcUpMmvRO01+88NahaCUO+GgAg/JoQJNl7pA08ORLDcj9ZW5wVOrDCyhZ8
3feCaPEZiZvLEG8vIwDWJ6gpfeZ/YnmQFcfW60Liz7VDHw7Sgidi0q/ptwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEIJaMK6O0evAnLqgt3C/G2eTI/CMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvUWdsb3dybzdSNjhDY3VxQzNjTDhiWjVNajhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwWioAwQB
w7/EMA0EAgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQAeldkS+1PHUyhr
N/nNpg2gEz9DgRetloKQEtZR2aMVDdHmdprG+AQB8zbSGShCUZXwn5Ijd7B6/HTs
RiSRqd9iXT0dt5pSrCapF05sJJniqNSSgsc4OuwRw8Zk/x018CuDtUW5kpFy8h1i
Zdf6zJ9aX7pSjoiAr9lD9XvB9F3d+zXxaGbh49Xn+w4tjqNOHfoOU3Be8oaE+9dp
kKcKRMHERmTCK91GUIIUlL0FPuI6zcH1E7G6iaBycNsVRoc2OxPop7xvmjhLlrTG
0El9h7Yj0S3dhriyZx4LoiNMUFujo0hncLngQbwPPZ6YTuh58ou0T5HiNYpJtDon
MVuuXmQq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:36 2024 by rpki-client on console-fra.rpki-client.org