Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/QahEuFnLnAX323RHd00kwW_6c9M.roa
File: QahEuFnLnAX323RHd00kwW_6c9M.roa (raw, json)
Hash identifier: mfLTnH63zES/E1fuQE6rrvwe+KzEYew8y482nxwX9eA=
Subject key identifier: 41:A8:44:B8:59:CB:9C:05:F7:DB:74:47:77:4D:24:C1:6F:FA:73:D3
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 0183ACA7ADB45C9841B33DB07AFCCBD20EAA
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/QahEuFnLnAX323RHd00kwW_6c9M.roa
Signing time: Thu 06 Oct 2022 09:36:53 +0000
ROA not before: Thu 06 Oct 2022 09:36:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 21
185.103.16.0/22 maxlen: 22
185.94.168.0/24 maxlen: 24
194.50.163.0/24 maxlen: 24
46.182.216.0/21 maxlen: 21
91.192.36.0/22 maxlen: 22
213.132.192.0/22 maxlen: 22
213.132.192.0/19 maxlen: 19
213.132.197.0/24 maxlen: 24
213.132.196.0/22 maxlen: 22
213.132.196.0/24 maxlen: 24
94.124.88.0/21 maxlen: 21
213.132.195.0/24 maxlen: 24
213.132.200.0/22 maxlen: 22
213.132.210.0/23 maxlen: 23
2a00:1bd0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:a7:ad:b4:5c:98:41:b3:3d:b0:7a:fc:cb:d2:0e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Oct 6 09:36:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a844b859cb9c05f7db7447774d24c16ffa73d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e7:39:a9:36:bc:e0:6c:10:6b:9e:c9:2e:e2:
8e:df:61:8e:7b:e7:37:eb:34:66:b9:89:cb:51:90:
35:a4:a2:9e:ea:df:fe:1f:df:25:fc:d6:da:39:ad:
0b:48:73:02:6a:d0:cb:ae:55:7d:13:20:d1:dc:13:
43:65:e0:8f:99:15:36:40:ca:61:88:a4:50:a6:9e:
6d:3b:3a:06:7f:5e:40:ae:2b:1a:ed:15:8d:40:42:
c4:ee:13:6f:90:ef:af:b2:c8:65:04:7f:81:e7:53:
ca:bf:0c:56:be:df:6d:c3:93:f3:69:ee:b8:18:81:
89:9d:c5:14:95:cd:18:d6:54:7d:42:e3:31:18:e1:
58:62:97:5a:2b:7d:d8:45:e9:76:ea:22:84:bf:08:
39:c4:48:d6:3d:0d:94:15:f7:3f:8b:14:bf:f5:3d:
ae:23:4b:6a:53:fe:dc:e1:c6:f6:5f:09:44:fc:1c:
6e:1f:fb:a9:a7:99:0a:f9:d3:29:5a:6f:ab:a1:dd:
01:d4:b0:87:4f:91:b7:0c:47:13:44:1a:33:99:a7:
75:19:9c:9e:4e:08:54:d5:cb:09:08:0e:7f:45:74:
fd:00:64:91:98:e0:f0:97:7a:f1:e6:3c:48:cf:5b:
6c:f9:c6:7c:6f:11:ae:65:3e:4b:a8:e2:e2:fb:f9:
ab:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A8:44:B8:59:CB:9C:05:F7:DB:74:47:77:4D:24:C1:6F:FA:73:D3
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/QahEuFnLnAX323RHd00kwW_6c9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/24
185.103.16.0/22
194.50.163.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:dd:eb:71:f9:37:93:05:d4:b9:d0:35:60:da:1a:c5:49:31:
04:78:36:cc:59:71:49:cf:93:5e:cd:87:38:fd:3c:a6:63:4d:
49:09:39:78:4b:c8:b9:6a:26:44:10:e4:20:7c:12:2a:92:0d:
88:c2:49:e6:e7:79:42:60:56:83:5a:58:c2:c1:3d:92:38:34:
f3:32:fe:39:d2:05:9e:8d:ce:6f:28:e7:ec:e0:db:94:ae:b5:
c5:d3:cc:bd:dc:39:06:43:35:e3:e9:96:83:18:b3:9c:ce:89:
3e:7c:40:8b:53:c7:c5:99:f4:6c:c2:b0:98:a5:56:5d:50:dd:
36:d9:da:0f:84:6e:fa:0b:46:e5:85:b9:97:98:6e:e2:9f:c7:
a5:63:4d:34:6c:e1:da:0f:0d:cb:f7:75:6d:77:54:65:94:c9:
72:8f:6c:3b:27:5f:9f:a6:e6:5e:68:75:90:91:86:3c:9f:45:
c4:34:f9:72:f4:e3:8c:04:35:ca:b2:90:c5:a7:26:34:37:db:
64:2b:d8:f3:39:3a:16:89:21:80:00:4a:09:e2:0b:62:bb:3e:
d7:3c:79:ae:f1:2d:39:91:38:28:46:aa:e2:83:31:2b:2c:f8:
a2:17:ba:87:66:90:b6:d2:5a:93:da:ed:bb:dc:6e:c9:21:d6:
c0:4d:37:23
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYOsp620XJhBsz2wevzL0g6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjIxMDA2MDkzNjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE4NDRiODU5Y2I5YzA1ZjdkYjc0NDc3NzRkMjRjMTZmZmE3M2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuc5qTa84GwQa57JLuKO32GOe+c3
6zRmuYnLUZA1pKKe6t/+H98l/NbaOa0LSHMCatDLrlV9EyDR3BNDZeCPmRU2QMph
iKRQpp5tOzoGf15Arisa7RWNQELE7hNvkO+vsshlBH+B51PKvwxWvt9tw5Pzae64
GIGJncUUlc0Y1lR9QuMxGOFYYpdaK33YRel26iKEvwg5xEjWPQ2UFfc/ixS/9T2u
I0tqU/7c4cb2XwlE/BxuH/upp5kK+dMpWm+rod0B1LCHT5G3DEcTRBozmad1GZye
TghU1csJCA5/RXT9AGSRmODwl3rx5jxIz1ts+cZ8bxGuZT5LqOLi+/mrQwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEGoRLhZy5wF99t0R3dNJMFv+nPTMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvUWFoRXVGbkxuQVgzMjNSSGQwMGt3V182YzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQAuV6oAwQCuWcQAwQAwjKjAwQF1YTAMA0EAgACMAcD
BQAqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQBb3etx+TeTBdS50DVg2hrFSTEEeDbM
WXFJz5NezYc4/TymY01JCTl4S8i5aiZEEOQgfBIqkg2Iwknm53lCYFaDWljCwT2S
ODTzMv450gWejc5vKOfs4NuUrrXF08y93DkGQzXj6ZaDGLOczok+fECLU8fFmfRs
wrCYpVZdUN022doPhG76C0blhbmXmG7in8elY000bOHaDw3L93Vtd1RllMlyj2w7
J1+fpuZeaHWQkYY8n0XENPly9OOMBDXKspDFpyY0N9tkK9jzOToWiSGAAEoJ4gti
uz7XPHmu8S05kTgoRqrigzErLPiiF7qHZpC20lqT2u273G7JIdbATTcj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:20 2024 by rpki-client on console-fra.rpki-client.org