Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/QCJyxtfucYDi08kkJPWTjKWon2o.roa
File: QCJyxtfucYDi08kkJPWTjKWon2o.roa (raw, json)
Hash identifier: 1eNUhC+19r1OYTANr2kHEeY7oyJ/KqhViVESxv50gqQ=
Subject key identifier: 40:22:72:C6:D7:EE:71:80:E2:D3:C9:24:24:F5:93:8C:A5:A8:9F:6A
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 06638828
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/QCJyxtfucYDi08kkJPWTjKWon2o.roa
Signing time: Sat 01 Jan 2022 14:04:19 +0000
ROA not before: Sat 01 Jan 2022 14:04:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6279
IP address blocks: 37.17.184.0/24 maxlen: 24
37.17.186.0/24 maxlen: 24
37.17.189.0/24 maxlen: 24
37.17.188.0/24 maxlen: 24
37.17.191.0/24 maxlen: 24
37.17.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107186216 (0x6638828)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Jan 1 14:04:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=402272c6d7ee7180e2d3c92424f5938ca5a89f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:ba:bb:20:f9:1f:1c:6e:04:63:af:9e:3e:
44:11:22:1a:44:d5:ee:24:fc:aa:e3:03:b6:e4:84:
04:d2:c2:89:fc:89:a8:a6:55:bb:cf:53:31:b4:0f:
66:33:5b:16:27:89:2f:a4:70:df:5d:82:4b:f7:48:
b9:fb:4c:7f:1f:46:97:c9:9c:aa:3f:e6:ef:6d:e9:
58:75:51:15:55:57:cd:13:55:65:fb:10:b6:03:8d:
3f:27:49:c8:3e:d5:e6:b1:fe:44:a8:5d:7d:5e:0a:
cd:8f:a8:f2:5e:8c:b6:d9:79:89:fa:de:0d:cc:1a:
22:5e:20:9d:3d:16:5e:a5:fa:8d:71:be:ff:0d:4b:
27:74:99:32:93:e9:dc:4a:75:36:70:c5:66:45:16:
7d:63:1a:67:39:fa:e7:25:ce:7f:2b:40:07:fe:35:
de:70:91:42:4c:c6:cf:c7:5b:09:c8:c2:78:68:11:
65:f0:31:6f:d0:a3:e5:59:80:f4:2b:e2:d3:40:eb:
ae:7d:5c:69:d2:64:4e:f1:78:4c:86:b4:87:f9:26:
29:e4:d6:d7:4f:0a:c6:78:e9:d9:f0:23:95:ae:50:
c0:3f:d7:79:c6:12:f1:ac:fc:e7:59:51:e8:c3:e1:
5f:95:5b:90:50:c2:2c:fb:57:e4:6d:00:7a:18:34:
d8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:22:72:C6:D7:EE:71:80:E2:D3:C9:24:24:F5:93:8C:A5:A8:9F:6A
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/QCJyxtfucYDi08kkJPWTjKWon2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.184.0/24
37.17.186.0/24
37.17.188.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:e0:55:b0:14:4c:ca:84:bb:55:c2:c1:a0:8e:04:42:04:4e:
eb:67:6c:f7:d3:e0:ec:0a:61:55:cf:8e:f3:2a:06:57:70:e6:
0e:73:79:3a:83:98:99:02:5d:8b:81:4f:8a:dc:c9:36:fc:58:
a9:0b:a0:0e:7a:72:ac:cb:b1:b4:06:af:a3:16:ad:a4:8d:83:
b1:02:b2:9b:7c:ec:9e:9d:b6:55:a4:c1:1f:82:45:f5:a5:b7:
bc:f0:0b:c7:9e:05:27:c5:17:d4:bc:89:ad:7f:84:b3:e1:37:
d9:38:ec:8b:4e:c7:c8:bc:eb:1c:50:ea:73:4e:7c:b6:f5:01:
88:7b:0a:3f:b3:3c:71:fa:2e:01:3e:54:34:43:9a:73:57:d0:
84:d9:a2:56:30:b9:84:15:de:9e:a1:c1:79:cb:33:21:56:e6:
82:9d:c6:04:13:ab:7d:1e:76:0e:f2:00:68:62:55:c5:30:81:
c6:69:b9:d5:0a:06:a7:4d:e6:d9:f3:a7:39:b3:8d:73:d2:5a:
bf:2d:75:26:dc:ef:37:6a:d8:c1:a0:26:ca:5b:60:b3:94:14:
4c:d6:09:ec:cb:ea:3a:fc:e4:69:74:79:08:74:b1:a4:be:de:
2d:9e:94:a3:16:b7:dc:ba:9b:f3:55:97:32:c0:58:e7:79:08:
2d:7e:25:7a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBmOIKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTA2ZjAyNmIxZmU2MzZjOWE1ZGEwMTFkYzdmZDY5YzU4MWQwMmI4MB4XDTIyMDEw
MTE0MDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAyMjcyYzZkN2Vl
NzE4MGUyZDNjOTI0MjRmNTkzOGNhNWE4OWY2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeaursg+R8cbgRjr54+RBEiGkTV7iT8quMDtuSEBNLCifyJ
qKZVu89TMbQPZjNbFieJL6Rw312CS/dIuftMfx9Gl8mcqj/m723pWHVRFVVXzRNV
ZfsQtgONPydJyD7V5rH+RKhdfV4KzY+o8l6Mttl5ifreDcwaIl4gnT0WXqX6jXG+
/w1LJ3SZMpPp3Ep1NnDFZkUWfWMaZzn65yXOfytAB/413nCRQkzGz8dbCcjCeGgR
ZfAxb9Cj5VmA9Cvi00Drrn1cadJkTvF4TIa0h/kmKeTW108Kxnjp2fAjla5QwD/X
ecYS8az851lR6MPhX5VbkFDCLPtX5G0Aehg02OcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRAInLG1+5xgOLTySQk9ZOMpaifajAfBgNVHSMEGDAWgBQpBvAmsf5jbJpd
oBHcf9acWB0CuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tRYndKckgtWTJ5YVhhQVIzSF9XbkZnZEFyZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNjdhMzJkLTdiZjgtNGIwNC1hYTA1LTgwYTkxYmU4M2U0Yi8x
L1FDSnl4dGZ1Y1lEaTA4a2tKUFdUaktXb24yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NjdhMzJkLTdiZjgtNGIwNC1hYTA1LTgwYTkxYmU4M2U0Yi8xL0tRYndKckgtWTJ5
YVhhQVIzSF9XbkZnZEFyZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEACURuAMEACURugMEAiURvDANBgkq
hkiG9w0BAQsFAAOCAQEA3eBVsBRMyoS7VcLBoI4EQgRO62ds99Pg7AphVc+O8yoG
V3DmDnN5OoOYmQJdi4FPitzJNvxYqQugDnpyrMuxtAavoxatpI2DsQKym3zsnp22
VaTBH4JF9aW3vPALx54FJ8UX1LyJrX+Es+E32Tjsi07HyLzrHFDqc058tvUBiHsK
P7M8cfouAT5UNEOac1fQhNmiVjC5hBXenqHBecszIVbmgp3GBBOrfR52DvIAaGJV
xTCBxmm51QoGp03m2fOnObONc9Javy11JtzvN2rYwaAmyltgs5QUTNYJ7MvqOvzk
aXR5CHSxpL7eLZ6Uoxa33Lqb81WXMsBY53kILX4leg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:12 2024 by rpki-client on console-ams.rpki-client.org