Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Q-GB4pxLYYfOqPCmlG94cxhcFjo.roa
File: Q-GB4pxLYYfOqPCmlG94cxhcFjo.roa (raw, json)
Hash identifier: 0C4B1xHiuKit+m60DgoFPjRxAmn9BRJLcHIDQ8Bz6WQ=
Subject key identifier: 43:E1:81:E2:9C:4B:61:87:CE:A8:F0:A6:94:6F:78:73:18:5C:16:3A
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0183F5081A2EBCB59F3A76FE5BD132C8197A
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Q-GB4pxLYYfOqPCmlG94cxhcFjo.roa
Signing time: Thu 20 Oct 2022 10:54:52 +0000
ROA not before: Thu 20 Oct 2022 10:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 176.56.64.0/19 maxlen: 24
185.5.84.0/22 maxlen: 24
193.246.154.0/24 maxlen: 24
193.246.156.0/23 maxlen: 24
193.246.155.0/24 maxlen: 24
89.40.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
185.176.107.0/24 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:08:1a:2e:bc:b5:9f:3a:76:fe:5b:d1:32:c8:19:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 20 10:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e181e29c4b6187cea8f0a6946f7873185c163a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:ca:e1:3d:60:2a:c2:af:31:d3:6f:f9:d8:
50:1b:6d:ba:30:a9:59:d4:09:7d:bd:30:b1:41:63:
60:4d:26:b2:61:26:3e:20:6c:85:15:1e:a3:51:81:
cb:94:0c:6d:17:82:68:4c:cb:f9:f5:50:3c:69:3f:
9c:a6:31:ff:f6:b7:b4:b2:7b:fc:a3:db:92:eb:59:
fa:e4:ba:17:64:fc:b4:17:49:c0:aa:2a:f8:22:ec:
cb:95:37:10:5f:89:a0:a8:6f:ff:d2:86:49:45:ea:
74:cb:92:3b:97:e8:88:8a:4c:ce:ac:7a:6f:c6:ba:
81:27:0e:6f:ff:63:34:79:50:bb:00:12:d1:23:21:
58:7a:90:c1:fd:75:12:2d:5b:c3:5d:17:a4:74:35:
c2:bb:1b:20:ad:7b:8a:6d:ca:db:91:b2:14:61:48:
72:74:c6:77:28:e9:d5:bc:a5:2f:3c:3f:c8:a0:3b:
bd:60:e6:2e:0d:e4:ec:22:9d:4e:6f:9f:e3:9c:2e:
36:d6:58:95:43:36:b5:8e:68:d8:17:9c:32:70:90:
66:cf:42:2d:82:2f:1a:80:a2:ba:22:8c:ac:9d:ff:
ad:e4:97:2f:9b:2b:95:a1:50:8f:35:ff:67:f4:25:
30:f7:4a:b3:74:af:26:cc:e3:4a:03:e3:d4:89:8d:
48:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E1:81:E2:9C:4B:61:87:CE:A8:F0:A6:94:6F:78:73:18:5C:16:3A
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Q-GB4pxLYYfOqPCmlG94cxhcFjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/24
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.5.84.0/22
185.176.104.0/22
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
5d:3d:0a:c6:b6:f3:73:97:cf:0d:e3:c8:49:11:9b:53:b9:95:
57:97:d1:8d:6d:02:de:ca:87:a6:16:ed:e9:47:84:a3:8a:ca:
c7:35:c0:fd:43:60:9a:4c:96:53:15:6d:6f:1a:9c:3c:d1:90:
fd:ff:a0:56:7d:f7:04:27:cf:e0:70:5d:ee:2d:26:bf:23:02:
e0:df:68:45:50:43:11:69:c6:21:5d:28:90:f7:d4:b3:81:90:
21:9a:c5:4e:c1:f2:f5:da:f5:12:bf:98:e0:20:aa:f7:e6:36:
c7:da:47:da:b3:b8:d1:9e:f3:f0:59:bc:57:0e:86:a7:f5:c3:
dc:d0:6f:30:6c:d0:2c:cf:c6:e0:e8:42:0e:32:10:e3:59:54:
8f:20:94:72:38:ec:76:82:8e:26:f8:f1:ae:ca:e8:e3:33:dc:
a5:32:19:01:52:6e:db:f0:2f:49:40:da:d7:ba:00:65:d4:29:
17:42:a6:51:21:5d:03:2d:c2:67:da:c4:2e:6d:47:39:d0:0e:
b8:11:98:6e:44:0e:53:05:de:01:56:69:5f:86:8c:bd:cd:03:
99:ed:de:0c:a9:52:37:c5:a1:aa:7e:34:8d:9e:2d:da:7f:a4:
48:86:01:96:4f:28:94:ee:00:bc:ac:20:e3:83:ce:85:ee:b9:
0f:0f:21:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYP1CBouvLWfOnb+W9EyyBl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIwMTA1NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UxODFlMjljNGI2MTg3Y2VhOGYwYTY5NDZmNzg3MzE4NWMxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfbK4T1gKsKvMdNv+dhQG226MKlZ
1Al9vTCxQWNgTSayYSY+IGyFFR6jUYHLlAxtF4JoTMv59VA8aT+cpjH/9re0snv8
o9uS61n65LoXZPy0F0nAqir4IuzLlTcQX4mgqG//0oZJRep0y5I7l+iIikzOrHpv
xrqBJw5v/2M0eVC7ABLRIyFYepDB/XUSLVvDXRekdDXCuxsgrXuKbcrbkbIUYUhy
dMZ3KOnVvKUvPD/IoDu9YOYuDeTsIp1Ob5/jnC421liVQza1jmjYF5wycJBmz0It
gi8agKK6Ioysnf+t5JcvmyuVoVCPNf9n9CUw90qzdK8mzONKA+PUiY1IZwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEPhgeKcS2GHzqjwppRveHMYXBY6MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvUS1HQjRweExZWWZPcVBDbWxHOTRjeGhjRmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDHxmwAwQA
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQVUAwQCubBoMAwDBAHB9poD
BAHB9pwwDQYJKoZIhvcNAQELBQADggEBAF09Csa283OXzw3jyEkRm1O5lVeX0Y1t
At7Kh6YW7elHhKOKysc1wP1DYJpMllMVbW8anDzRkP3/oFZ99wQnz+BwXe4tJr8j
AuDfaEVQQxFpxiFdKJD31LOBkCGaxU7B8vXa9RK/mOAgqvfmNsfaR9qzuNGe8/BZ
vFcOhqf1w9zQbzBs0CzPxuDoQg4yEONZVI8glHI47HaCjib48a7K6OMz3KUyGQFS
btvwL0lA2te6AGXUKRdCplEhXQMtwmfaxC5tRznQDrgRmG5EDlMF3gFWaV+GjL3N
A5nt3gypUjfFoap+NI2eLdp/pEiGAZZPKJTuALysIOODzoXuuQ8PIUw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org