Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/QpSQwk-XzQvcmjJ_-0lvB4G7M4s.roa
File: QpSQwk-XzQvcmjJ_-0lvB4G7M4s.roa (raw, json)
Hash identifier: AuHhl1e9wSSHN2QEK8lyE50ExWZTxGhzFkXOjESj5SQ=
Subject key identifier: 42:94:90:C2:4F:97:CD:0B:DC:9A:32:7F:FB:49:6F:07:81:BB:33:8B
Certificate issuer: /CN=de52fee9542d63a68e49b2c8ed7838f8a0346b08
Certificate serial: AC44
Authority key identifier: DE:52:FE:E9:54:2D:63:A6:8E:49:B2:C8:ED:78:38:F8:A0:34:6B:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3lL-6VQtY6aOSbLI7Xg4-KA0awg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/QpSQwk-XzQvcmjJ_-0lvB4G7M4s.roa
Signing time: Thu 31 Mar 2022 11:15:44 +0000
ROA not before: Thu 31 Mar 2022 11:15:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202440
IP address blocks: 194.11.84.0/22 maxlen: 22
194.11.84.0/23 maxlen: 23
194.11.84.0/24 maxlen: 24
194.11.85.0/24 maxlen: 24
194.11.87.0/24 maxlen: 24
194.11.86.0/24 maxlen: 24
194.11.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44100 (0xac44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de52fee9542d63a68e49b2c8ed7838f8a0346b08
Validity
Not Before: Mar 31 11:15:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=429490c24f97cd0bdc9a327ffb496f0781bb338b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:a8:1a:39:1c:09:97:5a:b3:90:82:11:b7:2b:
6c:56:69:be:f9:05:9a:ee:82:84:4c:20:b2:c7:65:
1f:52:24:a3:64:9f:75:41:c5:d8:fa:e8:04:cd:eb:
13:9d:cf:f4:9c:e2:58:fa:b1:88:69:9e:bb:4f:8e:
f4:1d:91:aa:15:e8:fb:b2:e8:07:47:60:dc:4e:20:
c8:89:db:15:9f:87:68:88:f9:e0:05:a8:16:53:ce:
be:ef:00:b0:ee:01:e7:7c:e8:89:1d:b8:8a:65:57:
e0:c2:00:af:5d:db:79:4a:9f:90:7d:3e:f2:67:87:
7b:1c:cb:93:6d:84:31:5b:7d:7b:7b:c9:79:18:8d:
4d:32:e2:b6:58:40:00:6b:b3:88:c4:e4:f2:3d:db:
34:34:42:79:65:04:69:de:37:9d:16:ba:23:fc:cd:
c4:61:96:17:f3:91:b2:42:99:ac:d0:d0:3a:97:1e:
d9:1b:74:d7:62:14:17:fe:f8:27:0c:d5:86:dc:b0:
bb:a4:ee:b2:53:70:6a:68:97:49:2a:b9:45:f1:49:
5c:dd:a8:e7:15:24:d6:25:21:89:a1:c2:7a:88:ca:
58:32:12:8c:3a:32:4c:7c:d1:0d:e9:da:50:42:6b:
5f:db:e1:06:4f:7e:c1:f7:8c:6f:9f:bb:90:7b:3a:
cb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:94:90:C2:4F:97:CD:0B:DC:9A:32:7F:FB:49:6F:07:81:BB:33:8B
X509v3 Authority Key Identifier:
keyid:DE:52:FE:E9:54:2D:63:A6:8E:49:B2:C8:ED:78:38:F8:A0:34:6B:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3lL-6VQtY6aOSbLI7Xg4-KA0awg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/QpSQwk-XzQvcmjJ_-0lvB4G7M4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/3lL-6VQtY6aOSbLI7Xg4-KA0awg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.84.0/22
Signature Algorithm: sha256WithRSAEncryption
29:53:6b:00:b3:8e:d2:c0:fd:e6:fe:de:61:d5:24:76:9c:c5:
6b:d3:bc:b7:b0:76:0a:71:f8:65:ff:bc:54:77:5a:4d:4e:50:
8f:5c:82:b8:14:48:5a:6d:89:0f:b2:49:66:1b:f7:64:c5:36:
8a:48:e6:67:01:7d:ea:1d:80:1c:00:5e:80:1b:0c:95:36:2c:
4e:b0:10:f8:39:1f:40:e7:2b:2f:9c:af:48:ef:26:31:2c:6e:
e0:a1:a4:ab:ce:16:f9:f8:aa:a7:5b:31:74:e9:a9:ae:e1:23:
ca:63:b4:76:10:37:c2:4a:11:3a:16:52:1f:de:9e:4b:df:2b:
f9:13:71:79:2e:41:f9:7d:36:af:78:69:52:e8:a7:6e:12:73:
72:e0:79:b6:1d:0e:8b:16:9a:c9:00:32:f1:86:16:1a:6f:c0:
bd:09:bc:0e:d4:a6:67:29:85:09:4e:11:70:19:dd:31:9f:a2:
16:39:0b:43:02:58:f4:05:9d:58:3b:34:a8:9f:15:6a:16:b0:
59:36:46:49:19:9c:86:7c:d1:a7:a1:cf:ae:26:4c:0e:84:f4:
6d:d1:ba:a2:cf:85:41:3f:96:39:c2:18:4b:f1:07:47:e8:4e:
64:73:ab:de:a5:18:17:65:87:84:36:16:48:91:d8:30:a5:c7:
de:88:70:75
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAKxEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRl
NTJmZWU5NTQyZDYzYTY4ZTQ5YjJjOGVkNzgzOGY4YTAzNDZiMDgwHhcNMjIwMzMx
MTExNTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0Mjk0OTBjMjRmOTdj
ZDBiZGM5YTMyN2ZmYjQ5NmYwNzgxYmIzMzhiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+6gaORwJl1qzkIIRtytsVmm++QWa7oKETCCyx2UfUiSjZJ91
QcXY+ugEzesTnc/0nOJY+rGIaZ67T470HZGqFej7sugHR2DcTiDIidsVn4doiPng
BagWU86+7wCw7gHnfOiJHbiKZVfgwgCvXdt5Sp+QfT7yZ4d7HMuTbYQxW317e8l5
GI1NMuK2WEAAa7OIxOTyPds0NEJ5ZQRp3jedFroj/M3EYZYX85GyQpms0NA6lx7Z
G3TXYhQX/vgnDNWG3LC7pO6yU3BqaJdJKrlF8Ulc3ajnFSTWJSGJocJ6iMpYMhKM
OjJMfNEN6dpQQmtf2+EGT37B94xvn7uQezrLewIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEKUkMJPl80L3Joyf/tJbweBuzOLMB8GA1UdIwQYMBaAFN5S/ulULWOmjkmy
yO14OPigNGsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M2xMLTZWUXRZNmFPU2JMSTdYZzQtS0EwYXdnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80MC83NmUzYjMtYWI1NS00YWM5LWJiMjgtYTRmMzMzNjU0Y2M5LzEv
UXBTUXdrLVh6UXZjbWpKXy0wbHZCNEc3TTRzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83
NmUzYjMtYWI1NS00YWM5LWJiMjgtYTRmMzMzNjU0Y2M5LzEvM2xMLTZWUXRZNmFP
U2JMSTdYZzQtS0EwYXdnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwgtUMA0GCSqGSIb3DQEBCwUAA4IB
AQApU2sAs47SwP3m/t5h1SR2nMVr07y3sHYKcfhl/7xUd1pNTlCPXIK4FEhabYkP
sklmG/dkxTaKSOZnAX3qHYAcAF6AGwyVNixOsBD4OR9A5ysvnK9I7yYxLG7goaSr
zhb5+KqnWzF06amu4SPKY7R2EDfCShE6FlIf3p5L3yv5E3F5LkH5fTaveGlS6Kdu
EnNy4Hm2HQ6LFprJADLxhhYab8C9CbwO1KZnKYUJThFwGd0xn6IWOQtDAlj0BZ1Y
OzSonxVqFrBZNkZJGZyGfNGnoc+uJkwOhPRt0bqiz4VBP5Y5whhL8QdH6E5kc6ve
pRgXZYeENhZIkdgwpcfeiHB1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:49 2024 by rpki-client on console-fra.rpki-client.org