Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/QYwqnyvzbc7VZaUbVWBw_ZF7BHk.roa
File: QYwqnyvzbc7VZaUbVWBw_ZF7BHk.roa (raw, json)
Hash identifier: wn8nWTptRv3sNvpPlr/pwzJJ2xO1Q8xrbOCmUGTVUsM=
Subject key identifier: 41:8C:2A:9F:2B:F3:6D:CE:D5:65:A5:1B:55:60:70:FD:91:7B:04:79
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 37B267D7
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/QYwqnyvzbc7VZaUbVWBw_ZF7BHk.roa
Signing time: Tue 25 Jan 2022 13:39:11 +0000
ROA not before: Tue 25 Jan 2022 13:39:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 23.90.192.0/18 maxlen: 24
185.87.100.0/22 maxlen: 24
185.20.16.0/22 maxlen: 24
185.134.156.0/22 maxlen: 24
45.133.68.0/22 maxlen: 24
79.99.160.0/21 maxlen: 24
185.133.80.0/22 maxlen: 24
92.119.232.0/22 maxlen: 24
185.197.108.0/22 maxlen: 24
5.183.248.0/22 maxlen: 24
45.89.76.0/22 maxlen: 24
45.92.180.0/22 maxlen: 24
185.48.252.0/22 maxlen: 24
45.129.218.0/24 maxlen: 24
45.129.216.0/24 maxlen: 24
185.163.136.0/22 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 24
88.218.12.0/22 maxlen: 24
185.191.36.0/22 maxlen: 24
185.163.212.0/22 maxlen: 24
185.86.88.0/22 maxlen: 24
45.86.96.0/22 maxlen: 24
185.163.220.0/22 maxlen: 24
185.163.228.0/22 maxlen: 24
31.204.80.0/21 maxlen: 24
2.59.144.0/22 maxlen: 24
185.186.88.0/22 maxlen: 24
185.169.156.0/22 maxlen: 24
185.132.64.0/22 maxlen: 24
45.142.108.0/22 maxlen: 24
185.135.176.0/22 maxlen: 24
195.216.140.0/22 maxlen: 24
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.120.0/22 maxlen: 24
46.18.126.0/23 maxlen: 24
185.254.8.0/22 maxlen: 24
185.138.116.0/22 maxlen: 24
5.10.128.0/21 maxlen: 24
45.80.252.0/22 maxlen: 24
185.98.116.0/22 maxlen: 24
45.152.16.0/22 maxlen: 24
62.192.156.0/22 maxlen: 24
2a00:41e0::/29 maxlen: 48
2a05:b780::/29 maxlen: 48
2a01:648::/29 maxlen: 48
2a00:6780::/29 maxlen: 48
2a05:c100::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934438871 (0x37b267d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jan 25 13:39:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=418c2a9f2bf36dced565a51b556070fd917b0479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:c7:74:b9:af:6b:dd:99:ac:d2:b2:a8:ed:
7f:f9:1a:7b:a4:59:bd:f4:30:70:69:3a:16:28:3c:
2a:d4:1f:82:83:94:68:ee:5a:ab:6e:1b:41:7d:1f:
b3:8c:b9:97:3c:5f:48:d3:e7:a5:99:b3:b1:14:12:
a0:f0:13:78:cc:33:74:1e:ce:ae:da:7b:72:aa:2b:
1b:ac:6e:e2:47:6a:36:2f:91:b3:c0:30:f3:3d:76:
f3:e4:b7:8c:7b:5a:6f:b9:23:05:6e:58:fd:25:05:
b1:65:b9:1a:8b:6d:04:ee:c2:6f:98:c8:47:76:c3:
8e:52:c9:15:0d:99:cf:fb:ce:d3:16:f1:5a:f2:dc:
3e:76:a2:2b:94:1c:67:31:3e:cf:d1:57:f3:da:56:
93:00:f6:b3:43:34:a3:d6:da:ce:0e:21:54:18:4b:
7f:9b:df:03:a1:c6:15:7e:03:52:7d:73:32:6b:fb:
af:d9:3a:9d:79:b9:9f:39:89:23:57:67:fc:30:55:
65:88:6f:ec:ba:6c:27:b0:3a:7f:c6:ff:72:47:34:
3c:d7:46:37:ae:4d:4c:2e:9a:6f:8e:4f:3f:13:dd:
42:07:c4:a9:01:57:89:5f:f2:92:d7:b6:66:0d:cd:
c6:15:07:9b:7a:0a:27:97:21:2c:3e:f2:09:40:56:
b7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8C:2A:9F:2B:F3:6D:CE:D5:65:A5:1B:55:60:70:FD:91:7B:04:79
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/QYwqnyvzbc7VZaUbVWBw_ZF7BHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
45:66:58:b2:9a:31:8d:4e:9f:92:cf:39:17:68:f1:06:83:4c:
c5:ce:49:5a:71:41:4f:df:bf:6f:0f:92:b2:04:bd:8c:2b:fa:
f7:a6:fd:ac:72:c5:52:8e:52:52:65:e6:fc:7b:1d:9c:f1:2f:
50:13:c7:d3:48:a1:de:46:ce:b5:dd:ef:04:93:4b:e4:24:a6:
f4:fa:e0:45:21:46:65:34:66:a2:67:71:2c:aa:b7:82:46:b1:
77:3f:ba:cb:4f:50:62:80:b9:b3:79:d9:0c:ec:ab:73:67:03:
0f:9e:14:dc:b6:cd:e2:b5:23:4b:ed:8c:00:31:39:86:72:83:
aa:76:54:25:fd:68:bd:f4:64:bb:81:0b:5d:c9:d3:9c:1c:d7:
a6:1f:ba:33:01:50:87:5f:90:6b:0c:da:56:47:65:15:51:85:
e3:db:3e:6a:a6:cc:26:24:cb:c1:57:0d:23:dc:3c:11:27:c5:
67:3c:43:71:61:26:bd:b4:64:99:7b:8f:71:47:f4:fe:42:80:
85:93:a4:45:47:dc:3b:08:70:5d:c1:08:45:00:fd:f4:6c:0e:
80:2b:7e:0e:94:71:0f:38:39:73:c1:1d:ac:61:c5:04:3e:73:
78:6d:48:f0:83:8f:40:49:f8:f8:13:f3:27:6e:4b:f4:72:7f:
85:5a:7d:73
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgIEN7Jn1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q5OTAxMzE0NjdiNzdkMTExNjJiNzlmYmUzYjA2Y2E4YWIyZDM5MB4XDTIyMDEy
NTEzMzkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE4YzJhOWYyYmYz
NmRjZWQ1NjVhNTFiNTU2MDcwZmQ5MTdiMDQ3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNEx3S5r2vdmazSsqjtf/kae6RZvfQwcGk6Fig8KtQfgoOU
aO5aq24bQX0fs4y5lzxfSNPnpZmzsRQSoPATeMwzdB7Ortp7cqorG6xu4kdqNi+R
s8Aw8z128+S3jHtab7kjBW5Y/SUFsWW5GottBO7Cb5jIR3bDjlLJFQ2Zz/vO0xbx
WvLcPnaiK5QcZzE+z9FX89pWkwD2s0M0o9bazg4hVBhLf5vfA6HGFX4DUn1zMmv7
r9k6nXm5nzmJI1dn/DBVZYhv7LpsJ7A6f8b/ckc0PNdGN65NTC6ab45PPxPdQgfE
qQFXiV/ykte2Zg3NxhUHm3oKJ5chLD7yCUBWt5kCAwEAAaOCAygwggMkMB0GA1Ud
DgQWBBRBjCqfK/NtztVlpRtVYHD9kXsEeTAfBgNVHSMEGDAWgBSH2ZATFGe3fREW
K3n747BsqKstOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5bVFFeFJudDMwUkZpdDUtLU93YktpckxUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8x
L1FZd3FueXZ6YmM3VlphVWJWV0J3X1pGN0JIay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8xL2g5bVFFeFJudDMw
UkZpdDUtLU93YktpckxUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATwGCCsGAQUFBwEHAQH/BIIBKzCCAScwgfkEAgABMIHyAwQCAjuQAwQDBQqAAwQC
Bbf4AwQGF1rAAwQDH8xQAwQCLVD8AwQCLVZgAwQCLVlMAwQCLVy0MAwDBAMtgdgD
BAAtgdoDBAIthUQDBAItjmwDBAItmBADBAMuEngDBAI+wJwDBANPY6ADBAJY2gwD
BAJcd+gDBAK5FBADBAK5MPwDBAK5VlgDBAK5V2QDBAK5YnQDBAK5hEADBAK5hVAD
BAK5hpwDBAK5h7ADBAK5inQDBAK5o4gDBAK5o9QDBAK5o9wDBAK5o+QDBAK5qZwD
BAK5ulgDBAK5vyQDBAK5xWwDBAK58YwDBAK5/ggDBALD2IwwKQQCAAIwIwMFAyoA
QeADBQMqAGeAAwUDKgEGSAMFAyoFt4ADBQMqBcEAMA0GCSqGSIb3DQEBCwUAA4IB
AQBFZliymjGNTp+SzzkXaPEGg0zFzklacUFP379vD5KyBL2MK/r3pv2scsVSjlJS
Zeb8ex2c8S9QE8fTSKHeRs613e8Ek0vkJKb0+uBFIUZlNGaiZ3EsqreCRrF3P7rL
T1BigLmzedkM7KtzZwMPnhTcts3itSNL7YwAMTmGcoOqdlQl/Wi99GS7gQtdydOc
HNemH7ozAVCHX5BrDNpWR2UVUYXj2z5qpswmJMvBVw0j3DwRJ8VnPENxYSa9tGSZ
e49xR/T+QoCFk6RFR9w7CHBdwQhFAP30bA6AK34OlHEPODlzwR2sYcUEPnN4bUjw
g49ASfj4E/Mnbkv0cn+FWn1z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org