Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QHzQCrdDPpuWiPva1SKnFbWHZwo.roa
File: QHzQCrdDPpuWiPva1SKnFbWHZwo.roa (raw, json)
Hash identifier: MjlnWjhwkrfltCl4Q+ruRrJdx+f04eMJB8c2l4994VI=
Subject key identifier: 40:7C:D0:0A:B7:43:3E:9B:96:88:FB:DA:D5:22:A7:15:B5:87:67:0A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01850A94AD8E893D70AFAA903ED4D56FFD2E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QHzQCrdDPpuWiPva1SKnFbWHZwo.roa
Signing time: Tue 13 Dec 2022 08:23:13 +0000
ROA not before: Tue 13 Dec 2022 08:23:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.69.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:94:ad:8e:89:3d:70:af:aa:90:3e:d4:d5:6f:fd:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 13 08:23:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=407cd00ab7433e9b9688fbdad522a715b587670a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:40:e4:5d:dc:af:56:5d:fa:52:4e:16:7b:5b:
e5:1e:6c:68:1a:bd:bc:a3:a9:ca:22:3b:81:62:59:
fe:f4:69:6a:20:9d:77:a4:e4:5d:d8:7b:0d:7a:4e:
c8:5c:52:e3:3b:4c:bb:cb:36:4b:c0:e5:88:65:b5:
9e:15:99:49:d2:55:e7:47:ef:f8:c3:ff:cf:90:46:
39:55:bf:f9:74:15:bc:5a:fe:62:4f:c8:83:02:b4:
d4:64:7a:15:64:1e:40:b4:75:d2:c9:45:88:21:4e:
10:9b:c4:7f:6c:d7:7e:ef:d6:09:46:54:6b:90:08:
dd:07:e7:52:e3:85:d4:12:9f:4f:cf:4f:7d:b1:2d:
27:f2:c8:33:3e:53:b7:82:c5:3d:17:43:bf:88:70:
80:6f:51:5e:26:41:09:ae:67:3b:89:63:73:32:ef:
4d:44:bc:7f:e7:a6:d0:fb:22:21:2b:eb:4b:ed:56:
af:7a:19:c2:18:52:f5:4b:a2:5e:0b:d6:ac:4a:dd:
30:c7:f6:95:40:c4:fd:48:a0:12:08:91:43:0a:73:
be:df:83:c3:6a:67:66:43:58:61:e7:43:20:6b:fe:
ae:c1:d1:8e:70:11:23:b0:fb:03:8e:a1:f8:aa:f9:
45:ae:5d:01:96:15:12:a9:db:be:8a:c5:98:ed:74:
be:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7C:D0:0A:B7:43:3E:9B:96:88:FB:DA:D5:22:A7:15:B5:87:67:0A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QHzQCrdDPpuWiPva1SKnFbWHZwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:250::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4b:74:bd:43:bf:64:c2:8f:cb:3f:3e:06:14:fd:50:4a:7a:5a:
2e:6f:c4:06:20:61:42:0b:78:c7:4b:02:be:cb:54:8a:2e:72:
13:97:0b:a1:c1:d1:bc:97:da:c3:c5:51:35:71:63:2c:97:5a:
e9:aa:b4:4c:34:7b:73:d5:77:77:1b:96:df:bd:db:f2:ff:37:
86:ac:3a:2b:52:21:0a:76:c1:cd:bf:9e:a1:49:2e:5f:25:ff:
5e:22:61:e7:25:c2:e7:7e:78:3f:d5:e8:e6:71:85:c3:e1:19:
8c:b7:bb:32:79:87:96:b1:26:57:c2:24:d3:29:cc:92:fd:40:
06:bf:0c:e2:ff:44:11:25:c8:8e:9e:00:2b:a1:4d:54:2b:9a:
bc:b7:6d:f1:3c:e2:75:b6:00:35:01:31:be:a6:87:8e:95:6f:
fb:27:89:d2:25:9c:6f:6a:22:eb:fd:c1:19:59:e2:d2:c8:c3:
7d:c3:24:73:28:15:91:cd:c8:54:f4:f2:cd:7f:c0:03:e8:cb:
58:bd:c2:c8:cc:c9:85:46:b3:18:42:a9:d3:2d:f6:fb:28:80:
f8:8b:2f:15:bc:89:9d:3d:cc:32:58:9b:2b:01:f1:df:d6:13:
27:51:15:8e:2d:a5:48:49:f4:bf:67:97:4a:e5:a0:d5:13:85:
2f:81:bb:ba
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYUKlK2OiT1wr6qQPtTVb/0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjEzMDgyMzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdjZDAwYWI3NDMzZTliOTY4OGZiZGFkNTIyYTcxNWI1ODc2NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20DkXdyvVl36Uk4We1vlHmxoGr28
o6nKIjuBYln+9GlqIJ13pORd2HsNek7IXFLjO0y7yzZLwOWIZbWeFZlJ0lXnR+/4
w//PkEY5Vb/5dBW8Wv5iT8iDArTUZHoVZB5AtHXSyUWIIU4Qm8R/bNd+79YJRlRr
kAjdB+dS44XUEp9Pz099sS0n8sgzPlO3gsU9F0O/iHCAb1FeJkEJrmc7iWNzMu9N
RLx/56bQ+yIhK+tL7VavehnCGFL1S6JeC9asSt0wx/aVQMT9SKASCJFDCnO+34PD
amdmQ1hh50Mga/6uwdGOcBEjsPsDjqH4qvlFrl0BlhUSqdu+isWY7XS+qQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFEB80Aq3Qz6bloj72tUipxW1h2cKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUUh6UUNyZERQcHVXaVB2YTFTS25GYldIWndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTA8BAIAATA2AwQAHyq3
AwQCLQxEAwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJv
MHUEAgACMG8DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8AC
YAMGACoOl8ECAwcEKg6XxAEAAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcA
Kg/kBAECAwcEKhDMQAJQAwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAEt0vUO/
ZMKPyz8+BhT9UEp6Wi5vxAYgYUILeMdLAr7LVIouchOXC6HB0byX2sPFUTVxYyyX
WumqtEw0e3PVd3cblt+92/L/N4asOitSIQp2wc2/nqFJLl8l/14iYeclwud+eD/V
6OZxhcPhGYy3uzJ5h5axJlfCJNMpzJL9QAa/DOL/RBElyI6eACuhTVQrmry3bfE8
4nW2ADUBMb6mh46Vb/snidIlnG9qIuv9wRlZ4tLIw33DJHMoFZHNyFT08s1/wAPo
y1i9wsjMyYVGsxhCqdMt9vsogPiLLxW8iZ09zDJYmysB8d/WEydRFY4tpUhJ9L9n
l0rloNUThS+Bu7o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org