Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/QBtN88pDtZR0CR4Yc-f1Ne_F-g8.roa
File: QBtN88pDtZR0CR4Yc-f1Ne_F-g8.roa (raw, json)
Hash identifier: /axZtwybuicsC3hw3ohwiSg6xmFmv/bqlyY+/39nkCo=
Subject key identifier: 40:1B:4D:F3:CA:43:B5:94:74:09:1E:18:73:E7:F5:35:EF:C5:FA:0F
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 05704952
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/QBtN88pDtZR0CR4Yc-f1Ne_F-g8.roa
Signing time: Sat 01 Jan 2022 07:02:40 +0000
ROA not before: Sat 01 Jan 2022 07:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206853
IP address blocks: 192.33.163.0/24 maxlen: 24
188.127.252.0/24 maxlen: 24
192.35.205.0/24 maxlen: 24
176.110.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91244882 (0x5704952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Jan 1 07:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=401b4df3ca43b59474091e1873e7f535efc5fa0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:31:83:35:c4:2d:78:f9:53:65:d9:be:3a:24:
d1:5a:2b:c0:f1:ee:25:d5:5b:50:03:3b:d9:82:94:
39:9c:f0:47:06:c2:ec:94:c1:4c:c3:14:20:77:75:
15:3a:b1:4e:bc:5d:44:fb:f4:c8:15:b2:bc:0f:18:
87:e5:ad:12:b7:3e:ab:7b:0f:50:cc:b4:5e:be:e6:
0a:d3:61:9f:bc:e6:a2:b9:82:81:06:14:32:ec:c2:
04:7c:9a:10:72:67:fc:15:66:f4:b4:2c:51:e7:2e:
b8:1f:88:72:1b:ca:d3:46:cd:ee:da:a6:4c:7d:16:
4b:65:6b:01:a7:44:55:f5:39:a4:bd:0b:1b:3d:bc:
79:6f:83:be:eb:22:7f:a0:43:65:df:b0:bd:d2:63:
d2:d2:6a:f4:be:92:cf:cf:91:c3:ea:ee:3a:d1:89:
e6:dd:52:ad:b1:1e:56:b8:6f:b8:5c:eb:a1:f6:db:
47:e3:f4:82:56:8c:80:2a:d7:d2:af:d0:96:b2:0d:
08:1a:8f:0a:b4:40:85:a8:ef:d8:6f:8e:02:dd:f2:
6d:4e:d2:b2:1e:7a:1b:1a:cb:61:8d:3b:49:bd:c5:
cc:69:13:0d:ce:ba:93:b3:70:31:14:6f:d1:cf:9c:
4a:6b:f3:35:af:52:f0:36:8c:47:d5:dd:17:c3:2d:
5e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1B:4D:F3:CA:43:B5:94:74:09:1E:18:73:E7:F5:35:EF:C5:FA:0F
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/QBtN88pDtZR0CR4Yc-f1Ne_F-g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.105.0/24
188.127.252.0/24
192.33.163.0/24
192.35.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:44:aa:94:26:50:ed:33:77:48:3f:7a:27:5a:0c:79:57:7b:
a7:7b:a0:1f:3c:a6:86:19:25:3a:47:58:78:d9:b0:6d:83:d6:
1d:9a:be:fc:d3:09:d5:77:ed:c0:93:5d:64:50:20:d1:6e:df:
fe:1a:fa:50:ec:cd:e4:1d:37:65:7f:9d:d5:ed:d4:d7:f1:88:
37:69:8b:db:fb:f1:14:b7:cc:be:e9:9f:a2:77:f3:4e:f8:87:
06:65:a5:45:d1:cb:4c:99:4b:81:0b:e6:4d:b4:48:a7:73:9e:
96:c4:bb:a9:4a:82:48:c1:16:65:76:9f:00:38:5a:d2:f8:e2:
ac:b3:b4:54:31:79:53:21:12:ec:09:f8:69:33:7b:79:c7:5a:
f0:1a:84:5a:25:25:e4:bd:19:3a:bd:ee:0a:bb:d1:88:fb:98:
77:09:ba:9d:20:5e:be:b8:09:a3:ee:0b:58:7e:0c:55:56:16:
ea:e7:ba:c0:82:72:e8:fa:3d:9a:ff:bc:54:95:28:9c:d1:6e:
4a:52:aa:7e:14:8a:69:dc:71:bb:c1:bd:69:a7:a3:03:a9:83:
48:56:52:a4:cf:73:78:93:6f:58:e4:44:ff:b4:56:ce:eb:7c:
4e:4d:60:ed:ee:13:eb:6d:b6:4c:83:02:be:de:57:7d:c6:7b:
9a:ce:2b:58
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBXBJUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGEwYzg4MjZjMThiY2Q1MTNhYWE3ZTUyMDgxZmY5ZmQzNzkxOWZiMB4XDTIyMDEw
MTA3MDI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAxYjRkZjNjYTQz
YjU5NDc0MDkxZTE4NzNlN2Y1MzVlZmM1ZmEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4xgzXELXj5U2XZvjok0VorwPHuJdVbUAM72YKUOZzwRwbC
7JTBTMMUIHd1FTqxTrxdRPv0yBWyvA8Yh+WtErc+q3sPUMy0Xr7mCtNhn7zmormC
gQYUMuzCBHyaEHJn/BVm9LQsUecuuB+IchvK00bN7tqmTH0WS2VrAadEVfU5pL0L
Gz28eW+Dvusif6BDZd+wvdJj0tJq9L6Sz8+Rw+ruOtGJ5t1SrbEeVrhvuFzrofbb
R+P0glaMgCrX0q/QlrINCBqPCrRAhajv2G+OAt3ybU7Ssh56GxrLYY07Sb3FzGkT
Dc66k7NwMRRv0c+cSmvzNa9S8DaMR9XdF8MtXrkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRAG03zykO1lHQJHhhz5/U178X6DzAfBgNVHSMEGDAWgBQ4oMiCbBi81ROq
p+Uggf+f03kZ+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09LRElnbXdZdk5VVHFxZmxJSUhfbjlONUdmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMjk2MzhiLTEyY2EtNDllZi05NGU5LTA1MDJhNmE1NGFhYi8x
L1FCdE44OHBEdFpSMENSNFljLWYxTmVfRi1nOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
Mjk2MzhiLTEyY2EtNDllZi05NGU5LTA1MDJhNmE1NGFhYi8xL09LRElnbXdZdk5V
VHFxZmxJSUhfbjlONUdmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEALBuaQMEALx//AMEAMAhowMEAMAj
zTANBgkqhkiG9w0BAQsFAAOCAQEAnUSqlCZQ7TN3SD96J1oMeVd7p3ugHzymhhkl
OkdYeNmwbYPWHZq+/NMJ1XftwJNdZFAg0W7f/hr6UOzN5B03ZX+d1e3U1/GIN2mL
2/vxFLfMvumfonfzTviHBmWlRdHLTJlLgQvmTbRIp3OelsS7qUqCSMEWZXafADha
0vjirLO0VDF5UyES7An4aTN7ecda8BqEWiUl5L0ZOr3uCrvRiPuYdwm6nSBevrgJ
o+4LWH4MVVYW6ue6wIJy6Po9mv+8VJUonNFuSlKqfhSKadxxu8G9aaejA6mDSFZS
pM9zeJNvWORE/7RWzut8Tk1g7e4T6222TIMCvt5XfcZ7ms4rWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:33 2024 by rpki-client on console-ams.rpki-client.org