Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/31c267-f2e3-4fa9-9d41-336e5b3dd071/1/QR6zzUMvL-Hl3xMFvoI6gxgxwME.roa
File: QR6zzUMvL-Hl3xMFvoI6gxgxwME.roa (raw, json)
Hash identifier: 03TA86oKprKVQvfSp8ydOlEniOXNI6423X6dNAFfwbo=
Subject key identifier: 41:1E:B3:CD:43:2F:2F:E1:E5:DF:13:05:BE:82:3A:83:18:31:C0:C1
Certificate issuer: /CN=679252b9e21df8176cc538027895f7f4585666ab
Certificate serial: 0EA9A710
Authority key identifier: 67:92:52:B9:E2:1D:F8:17:6C:C5:38:02:78:95:F7:F4:58:56:66:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5JSueId-BdsxTgCeJX39FhWZqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/31c267-f2e3-4fa9-9d41-336e5b3dd071/1/QR6zzUMvL-Hl3xMFvoI6gxgxwME.roa
Signing time: Sat 01 Jan 2022 04:51:23 +0000
ROA not before: Sat 01 Jan 2022 04:51:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51468
IP address blocks: 185.164.12.0/22 maxlen: 22
193.202.110.0/24 maxlen: 24
91.198.169.0/24 maxlen: 24
77.111.240.0/22 maxlen: 22
195.47.247.0/24 maxlen: 24
46.30.208.0/21 maxlen: 21
104.37.32.0/21 maxlen: 21
195.206.121.0/24 maxlen: 24
2001:67c:28cc::/48 maxlen: 48
2a02:2350::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245999376 (0xea9a710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679252b9e21df8176cc538027895f7f4585666ab
Validity
Not Before: Jan 1 04:51:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=411eb3cd432f2fe1e5df1305be823a831831c0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:af:0f:86:70:17:e2:c4:53:9b:b1:c0:b3:09:
ab:7f:77:29:7b:c1:d6:d0:19:92:07:f3:1b:b5:f8:
ae:2b:63:05:23:47:e1:10:ba:0e:3b:ec:ab:af:c6:
5e:11:ed:3c:3b:23:90:80:05:d4:0a:91:64:4e:ea:
e7:34:e0:1b:bf:15:91:1e:c9:01:bb:37:b5:41:e9:
c7:31:19:6e:56:70:a8:52:9b:0c:9a:ac:f4:0b:a3:
46:c0:87:6a:1f:1b:ad:e2:93:cd:ad:17:78:47:59:
c0:be:1f:04:81:09:81:69:9f:2f:9d:9a:c7:ea:65:
2b:46:57:e6:5c:6b:b0:ad:5b:d6:a9:ac:6f:e6:6f:
b8:67:b5:f9:c4:14:ba:7a:67:77:13:f4:0b:a9:3f:
9b:1f:41:c6:d5:c4:ae:9a:93:dd:c2:32:06:3d:dd:
f8:1b:de:4a:6b:f1:33:c0:fe:0b:d5:c9:a1:dc:d9:
69:bf:af:26:e0:b4:94:bf:41:c8:c8:ff:a4:f7:a5:
3d:d3:41:c8:c3:8f:84:ce:9e:38:50:6b:5f:47:e6:
43:5c:0e:d4:64:49:29:e2:29:a6:14:9b:db:4b:06:
ed:56:77:a7:6f:5a:65:31:96:4d:5d:df:5f:83:f0:
43:2b:4c:ef:03:a4:f8:cb:78:75:a4:ef:a5:50:52:
90:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1E:B3:CD:43:2F:2F:E1:E5:DF:13:05:BE:82:3A:83:18:31:C0:C1
X509v3 Authority Key Identifier:
keyid:67:92:52:B9:E2:1D:F8:17:6C:C5:38:02:78:95:F7:F4:58:56:66:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5JSueId-BdsxTgCeJX39FhWZqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/31c267-f2e3-4fa9-9d41-336e5b3dd071/1/QR6zzUMvL-Hl3xMFvoI6gxgxwME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/31c267-f2e3-4fa9-9d41-336e5b3dd071/1/Z5JSueId-BdsxTgCeJX39FhWZqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.208.0/21
77.111.240.0/22
91.198.169.0/24
104.37.32.0/21
185.164.12.0/22
193.202.110.0/24
195.47.247.0/24
195.206.121.0/24
IPv6:
2001:67c:28cc::/48
2a02:2350::/32
Signature Algorithm: sha256WithRSAEncryption
99:31:89:f7:1f:72:14:76:92:9b:aa:b4:1b:0d:a6:df:5f:af:
f4:34:1b:96:76:05:b9:9d:97:11:20:6a:a6:93:98:e5:6a:65:
f3:22:f0:50:e7:10:eb:a1:96:88:f2:1b:f9:21:29:29:3b:dd:
98:fd:55:42:fb:ff:10:2e:dc:f3:99:14:68:1c:89:dc:b5:a2:
b0:a2:71:f7:df:6e:c2:13:47:36:5d:65:e4:ac:ae:5b:ba:bb:
65:f0:83:fc:91:af:79:6a:9e:8c:a4:4e:4e:3f:01:56:9a:d7:
5a:28:5e:49:c0:28:73:65:b4:4c:14:e8:88:ed:89:f5:c5:bb:
5a:3a:c8:9d:02:c4:5b:48:0a:de:9b:04:ea:af:52:57:07:8e:
b6:af:91:9e:1b:72:d1:bb:03:ea:7a:1f:ba:11:ed:59:2b:bf:
ac:f4:43:e6:29:21:fb:09:a2:72:3c:19:68:5e:62:70:46:3e:
11:36:4f:12:4b:2e:41:2d:ea:d9:6a:1b:68:a2:1c:74:7f:dc:
61:b3:2b:9b:db:2b:2c:1c:7e:8c:74:6f:1f:f0:5b:cf:4d:fb:
12:51:62:23:c2:be:77:f4:50:d7:e8:b6:3f:a5:26:ba:8a:c4:
53:78:39:e3:b4:7d:2d:f3:cc:c8:4f:30:fa:c5:cc:c2:65:03:
5a:65:48:32
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEDqmnEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzkyNTJiOWUyMWRmODE3NmNjNTM4MDI3ODk1ZjdmNDU4NTY2NmFiMB4XDTIyMDEw
MTA0NTEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDExZWIzY2Q0MzJm
MmZlMWU1ZGYxMzA1YmU4MjNhODMxODMxYzBjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmvD4ZwF+LEU5uxwLMJq393KXvB1tAZkgfzG7X4ritjBSNH
4RC6Djvsq6/GXhHtPDsjkIAF1AqRZE7q5zTgG78VkR7JAbs3tUHpxzEZblZwqFKb
DJqs9AujRsCHah8breKTza0XeEdZwL4fBIEJgWmfL52ax+plK0ZX5lxrsK1b1qms
b+ZvuGe1+cQUunpndxP0C6k/mx9BxtXErpqT3cIyBj3d+BveSmvxM8D+C9XJodzZ
ab+vJuC0lL9ByMj/pPelPdNByMOPhM6eOFBrX0fmQ1wO1GRJKeIpphSb20sG7VZ3
p29aZTGWTV3fX4PwQytM7wOk+Mt4daTvpVBSkCkCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBRBHrPNQy8v4eXfEwW+gjqDGDHAwTAfBgNVHSMEGDAWgBRnklK54h34F2zF
OAJ4lff0WFZmqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1SlN1ZUlkLUJkc3hUZ0NlSlgzOUZoV1pxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvMzFjMjY3LWYyZTMtNGZhOS05ZDQxLTMzNmU1YjNkZDA3MS8x
L1FSNnp6VU12TC1IbDN4TUZ2b0k2Z3hneHdNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
MzFjMjY3LWYyZTMtNGZhOS05ZDQxLTMzNmU1YjNkZDA3MS8xL1o1SlN1ZUlkLUJk
c3hUZ0NlSlgzOUZoV1pxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwNgQCAAEwMAMEAy4e0AMEAk1v8AMEAFvGqQMEA2gl
IAMEArmkDAMEAMHKbgMEAMMv9wMEAMPOeTAWBAIAAjAQAwcAIAEGfCjMAwUAKgIj
UDANBgkqhkiG9w0BAQsFAAOCAQEAmTGJ9x9yFHaSm6q0Gw2m31+v9DQblnYFuZ2X
ESBqppOY5Wpl8yLwUOcQ66GWiPIb+SEpKTvdmP1VQvv/EC7c85kUaByJ3LWisKJx
999uwhNHNl1l5KyuW7q7ZfCD/JGveWqejKROTj8BVprXWiheScAoc2W0TBToiO2J
9cW7WjrInQLEW0gK3psE6q9SVweOtq+Rnhty0bsD6nofuhHtWSu/rPRD5ikh+wmi
cjwZaF5icEY+ETZPEksuQS3q2WobaKIcdH/cYbMrm9srLBx+jHRvH/Bbz037ElFi
I8K+d/RQ1+i2P6UmuorEU3g547R9LfPMyE8w+sXMwmUDWmVIMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:57 2024 by rpki-client on console-fra.rpki-client.org