Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/kq76svPg-lbhQjMALH5bWhJMf8g.roa
File: kq76svPg-lbhQjMALH5bWhJMf8g.roa (raw, json)
Hash identifier: wa1RQPUs66dU1AAM3OxT0Y9GIRWH+hvNyEtuJZgX5ac=
Subject key identifier: 92:AE:FA:B2:F3:E0:FA:56:E1:42:33:00:2C:7E:5B:5A:12:4C:7F:C8
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 018B46A42D5FDA194C6F8F0EC30C17F95319
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/kq76svPg-lbhQjMALH5bWhJMf8g.roa
Signing time: Thu 19 Oct 2023 06:34:06 +0000
ROA not before: Thu 19 Oct 2023 06:34:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35434
IP address blocks: 195.82.188.0/22 maxlen: 22
83.230.48.0/22 maxlen: 22
213.227.72.0/22 maxlen: 22
212.106.138.0/23 maxlen: 23
212.106.160.0/21 maxlen: 21
195.82.160.0/21 maxlen: 21
195.82.172.0/23 maxlen: 23
195.82.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:a4:2d:5f:da:19:4c:6f:8f:0e:c3:0c:17:f9:53:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Oct 19 06:34:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92aefab2f3e0fa56e14233002c7e5b5a124c7fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:18:82:eb:18:8b:2a:e5:60:f4:2a:9a:8f:3c:
c4:92:5f:88:85:d8:8f:f3:3c:2a:b6:ce:7f:73:16:
a7:1d:8e:4d:cb:50:64:42:66:dc:fc:e7:c9:e7:bf:
89:db:60:16:dc:d2:46:b1:17:99:13:e3:f0:4d:bc:
66:b7:40:52:3d:fb:0f:2d:e2:8b:57:31:05:92:9f:
9e:cb:fd:05:59:66:89:68:1e:45:42:61:97:b0:7e:
cc:73:9f:cb:cc:cf:21:8d:9d:ad:d0:b3:da:67:38:
4f:a5:05:b8:eb:74:84:78:29:4a:e6:8b:9c:b9:f3:
e6:6d:7b:62:09:c9:2a:0d:32:43:61:c7:26:3f:e5:
2d:88:a7:07:7f:9c:26:48:63:98:fc:cb:35:97:03:
6f:5b:51:4c:92:d1:18:e0:d8:37:3f:b0:d2:69:0a:
03:5f:aa:02:c7:b7:97:92:45:2e:61:90:9b:d3:54:
f7:2b:93:0b:8e:f3:22:dd:04:e2:13:52:f8:45:78:
59:c8:cf:bd:28:cb:c1:3b:f1:12:53:a8:02:20:09:
3a:c3:be:26:bf:09:4d:41:6a:27:61:47:70:f1:99:
ec:bc:a4:a5:2e:b4:56:5d:65:e1:82:5b:81:d4:f8:
06:80:1a:19:0b:99:24:30:ee:70:4e:2c:ad:db:eb:
96:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AE:FA:B2:F3:E0:FA:56:E1:42:33:00:2C:7E:5B:5A:12:4C:7F:C8
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/kq76svPg-lbhQjMALH5bWhJMf8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.48.0/22
195.82.160.0-195.82.173.255
195.82.188.0/22
212.106.138.0/23
212.106.160.0/21
213.227.72.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:9e:e0:06:29:0c:b6:d0:76:db:2d:bd:08:b3:32:85:66:e0:
68:d9:ca:f9:29:16:00:bf:84:8a:e5:fa:30:61:d6:ac:c8:0e:
5a:3c:91:62:d2:85:0f:0e:c2:f1:ee:f7:b3:fe:33:e7:c1:4b:
a4:74:2f:de:33:c4:59:5b:7f:77:5f:80:82:7b:99:cb:ae:52:
89:a0:7c:6c:63:c3:49:7e:cf:77:57:42:05:53:72:81:01:30:
d4:bf:2a:92:04:03:10:7c:00:e5:56:62:f4:57:27:c0:3f:d6:
ba:ee:4c:13:65:8c:16:55:e3:1e:a2:e9:96:38:37:a8:28:ee:
fe:e8:35:a5:11:f1:21:c9:2c:3b:de:4a:62:3f:30:8b:46:bd:
4c:fb:ca:27:d9:35:fb:a4:5a:b7:f2:79:0a:65:fc:26:98:d0:
68:5f:c6:ed:02:10:2d:43:3d:63:e5:01:e6:78:bf:de:be:29:
e1:f5:19:e7:fb:c8:5a:54:b5:82:36:8b:e3:2a:01:e6:17:e0:
04:86:9a:ac:de:8b:21:a8:e5:ad:99:9a:38:17:13:d0:72:30:
f9:86:a7:5e:50:3a:32:69:c2:7a:46:cd:34:37:53:94:bc:cd:
bc:1f:bb:43:49:fe:da:9f:ef:12:20:9f:3c:39:2a:16:a3:00:
f3:91:b3:3d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYtGpC1f2hlMb48OwwwX+VMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjMxMDE5MDYzNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFlZmFiMmYzZTBmYTU2ZTE0MjMzMDAyYzdlNWI1YTEyNGM3ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhiC6xiLKuVg9CqajzzEkl+IhdiP
8zwqts5/cxanHY5Ny1BkQmbc/OfJ57+J22AW3NJGsReZE+PwTbxmt0BSPfsPLeKL
VzEFkp+ey/0FWWaJaB5FQmGXsH7Mc5/LzM8hjZ2t0LPaZzhPpQW463SEeClK5ouc
ufPmbXtiCckqDTJDYccmP+UtiKcHf5wmSGOY/Ms1lwNvW1FMktEY4Ng3P7DSaQoD
X6oCx7eXkkUuYZCb01T3K5MLjvMi3QTiE1L4RXhZyM+9KMvBO/ESU6gCIAk6w74m
vwlNQWonYUdw8ZnsvKSlLrRWXWXhgluB1PgGgBoZC5kkMO5wTiyt2+uWfwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJKu+rLz4PpW4UIzACx+W1oSTH/IMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEva3E3NnN2UGctbGJoUWpNQUxINWJXaEpNZjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU+YwMAwD
BAXDUqADBAHDUqwDBALDUrwDBAHUaooDBAPUaqADBALV40gwDQYJKoZIhvcNAQEL
BQADggEBAG2e4AYpDLbQdtstvQizMoVm4GjZyvkpFgC/hIrl+jBh1qzIDlo8kWLS
hQ8OwvHu97P+M+fBS6R0L94zxFlbf3dfgIJ7mcuuUomgfGxjw0l+z3dXQgVTcoEB
MNS/KpIEAxB8AOVWYvRXJ8A/1rruTBNljBZV4x6i6ZY4N6go7v7oNaUR8SHJLDve
SmI/MItGvUz7yifZNfukWrfyeQpl/CaY0Ghfxu0CEC1DPWPlAeZ4v96+KeH1Gef7
yFpUtYI2i+MqAeYX4ASGmqzeiyGo5a2ZmjgXE9ByMPmGp15QOjJpwnpGzTQ3U5S8
zbwfu0NJ/tqf7xIgnzw5KhajAPORsz0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:42:56 2025 by rpki-client