Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/QtHf7HkaGsCby6Xdevlun9q6qBQ.roa
File: QtHf7HkaGsCby6Xdevlun9q6qBQ.roa (raw, json)
Hash identifier: qr4d5grgxhgmS45WxJpe/4d4PLpupGQBZOsZasfy1dA=
Subject key identifier: 42:D1:DF:EC:79:1A:1A:C0:9B:CB:A5:DD:7A:F9:6E:9F:DA:BA:A8:14
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01855EC009B502EAD44BCD9C21802C0FA1F1
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/QtHf7HkaGsCby6Xdevlun9q6qBQ.roa
Signing time: Thu 29 Dec 2022 16:38:41 +0000
ROA not before: Thu 29 Dec 2022 16:38:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.105.138.0/23 maxlen: 24
5.105.142.0/23 maxlen: 24
5.105.164.0/23 maxlen: 24
91.200.212.0/22 maxlen: 24
5.105.68.0/23 maxlen: 24
5.105.94.0/23 maxlen: 24
5.105.112.0/23 maxlen: 24
5.105.114.0/23 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.248.0/23 maxlen: 24
5.105.186.0/23 maxlen: 24
5.105.198.0/23 maxlen: 24
5.105.206.0/23 maxlen: 24
5.105.202.0/23 maxlen: 24
85.255.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:c0:09:b5:02:ea:d4:4b:cd:9c:21:80:2c:0f:a1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 29 16:38:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42d1dfec791a1ac09bcba5dd7af96e9fdabaa814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:74:e6:63:fa:28:3a:be:ae:f6:dc:db:91:
86:88:ee:5b:44:63:c1:9d:78:9d:94:92:ae:a8:1f:
5d:66:63:2b:c1:b3:67:0f:a9:39:6c:16:78:24:0b:
38:d4:cf:cf:4d:fb:88:87:d5:8e:ae:a5:c2:74:12:
b8:16:90:a5:94:fc:0c:e8:ea:44:4c:c9:8d:fa:0d:
1c:ec:d4:a5:82:f9:8d:0e:db:34:b4:35:ab:79:71:
3d:a8:06:36:d0:f9:cf:95:3d:58:03:1c:cd:51:c7:
b3:c0:44:a2:d9:a7:b5:41:a5:99:1d:9d:36:ea:0f:
aa:75:13:00:56:73:ec:28:d3:a7:ab:62:d6:73:17:
33:01:4a:94:a2:a3:39:ea:5b:ae:a6:9d:7a:28:ae:
a4:88:67:8c:2c:12:2c:ee:00:10:2a:c5:a7:67:d5:
f7:6a:4f:46:87:76:1e:61:2f:7e:a5:a8:c2:0c:16:
0b:07:67:a9:96:9c:8a:b4:2c:40:1d:82:e3:bb:ff:
1f:59:8f:d4:9c:47:a0:98:1e:f1:16:71:ac:7a:52:
58:43:40:79:9c:8b:92:5b:68:bf:dc:25:6c:a0:12:
17:8e:0b:3b:c1:99:60:b1:6a:b6:19:2d:08:78:58:
e9:46:b7:a2:4d:a3:a4:0d:74:66:07:b0:d8:6e:85:
60:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D1:DF:EC:79:1A:1A:C0:9B:CB:A5:DD:7A:F9:6E:9F:DA:BA:A8:14
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/QtHf7HkaGsCby6Xdevlun9q6qBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.68.0/23
5.105.94.0/23
5.105.112.0/22
5.105.138.0/23
5.105.142.0/23
5.105.164.0/23
5.105.186.0/23
5.105.198.0/23
5.105.202.0/23
5.105.206.0/23
5.105.248.0/23
85.255.176.0/21
91.200.212.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:12:06:b9:d5:45:28:f4:f2:f6:e5:60:a2:d2:d4:ed:b2:27:
e9:d5:f5:6c:f0:c3:4c:be:e6:d6:99:82:6a:44:2d:4f:37:f1:
b2:23:e3:31:ab:e3:61:97:f7:4b:95:41:62:4a:9b:fa:11:7c:
19:ec:a0:73:c8:68:c7:57:af:84:5a:55:57:36:0f:4f:90:7a:
22:1c:6f:21:df:19:04:25:18:53:4d:39:95:05:a8:73:ce:e3:
66:ae:e9:ae:a7:4f:4c:d6:fc:c1:97:c7:80:6c:e4:1e:3d:f8:
c3:db:e2:dd:76:ab:82:35:2a:94:08:e7:b7:c7:43:a1:51:ae:
42:35:05:2a:3d:9b:27:da:77:a5:5f:8c:da:f5:8e:61:8d:10:
55:a3:84:61:13:c9:86:7e:d9:03:b0:ac:fe:e8:1e:1b:27:51:
26:bd:f7:93:91:7d:b1:12:61:8c:29:ae:e1:2c:61:03:ba:8c:
a1:ad:c5:65:11:1f:a8:18:2d:14:d0:a3:bc:ab:3b:63:54:31:
ca:9f:32:ff:07:53:90:27:8a:62:f6:be:e3:70:b8:3a:61:2c:
a7:06:d7:c2:60:c9:0e:88:90:6c:c6:fb:b4:cc:45:b9:50:bb:
6c:e8:85:9a:23:f0:aa:04:9f:de:8a:5d:8f:c1:be:5e:01:ec:
e8:d2:1d:c3
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVewAm1AurUS82cIYAsD6HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjI5MTYzODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQxZGZlYzc5MWExYWMwOWJjYmE1ZGQ3YWY5NmU5ZmRhYmFhODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Z05mP6KDq+rvbc25GGiO5bRGPB
nXidlJKuqB9dZmMrwbNnD6k5bBZ4JAs41M/PTfuIh9WOrqXCdBK4FpCllPwM6OpE
TMmN+g0c7NSlgvmNDts0tDWreXE9qAY20PnPlT1YAxzNUcezwESi2ae1QaWZHZ02
6g+qdRMAVnPsKNOnq2LWcxczAUqUoqM56luupp16KK6kiGeMLBIs7gAQKsWnZ9X3
ak9Gh3YeYS9+pajCDBYLB2eplpyKtCxAHYLju/8fWY/UnEegmB7xFnGselJYQ0B5
nIuSW2i/3CVsoBIXjgs7wZlgsWq2GS0IeFjpRreiTaOkDXRmB7DYboVgLQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFELR3+x5GhrAm8ul3Xr5bp/auqgUMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUXRIZjdIa2FHc0NieTZYZGV2bHVuOXE2cUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABWkdAwQB
BWlEAwQBBWleAwQCBWlwAwQBBWmKAwQBBWmOAwQBBWmkAwQBBWm6AwQBBWnGAwQB
BWnKAwQBBWnOAwQBBWn4AwQDVf+wAwQCW8jUMA0GCSqGSIb3DQEBCwUAA4IBAQAc
Ega51UUo9PL25WCi0tTtsifp1fVs8MNMvubWmYJqRC1PN/GyI+Mxq+Nhl/dLlUFi
Spv6EXwZ7KBzyGjHV6+EWlVXNg9PkHoiHG8h3xkEJRhTTTmVBahzzuNmrumup09M
1vzBl8eAbOQePfjD2+LddquCNSqUCOe3x0OhUa5CNQUqPZsn2nelX4za9Y5hjRBV
o4RhE8mGftkDsKz+6B4bJ1EmvfeTkX2xEmGMKa7hLGEDuoyhrcVlER+oGC0U0KO8
qztjVDHKnzL/B1OQJ4pi9r7jcLg6YSynBtfCYMkOiJBsxvu0zEW5ULts6IWaI/Cq
BJ/eil2Pwb5eAezo0h3D
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-fra.rpki-client.org