Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a39496-99a1-4c18-94a3-c170c65f0938/1/QKFbIc9HiEqHV_QCN6h1WfFLJMo.roa
File: QKFbIc9HiEqHV_QCN6h1WfFLJMo.roa (raw, json)
Hash identifier: Q/MAnD7fL0vNfcVEL/dbEMy/qS4bHkdE+OojYvWodLU=
Subject key identifier: 40:A1:5B:21:CF:47:88:4A:87:57:F4:02:37:A8:75:59:F1:4B:24:CA
Certificate issuer: /CN=e5484ab7509bcbbda351e200091742d43366b347
Certificate serial: 0268C5D3
Authority key identifier: E5:48:4A:B7:50:9B:CB:BD:A3:51:E2:00:09:17:42:D4:33:66:B3:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UhKt1Cby72jUeIACRdC1DNms0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a39496-99a1-4c18-94a3-c170c65f0938/1/QKFbIc9HiEqHV_QCN6h1WfFLJMo.roa
Signing time: Sat 01 Jan 2022 08:59:22 +0000
ROA not before: Sat 01 Jan 2022 08:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42394
IP address blocks: 193.33.85.0/24 maxlen: 24
195.62.92.0/23 maxlen: 23
195.62.92.0/24 maxlen: 24
193.33.84.0/24 maxlen: 24
193.33.84.0/23 maxlen: 23
193.33.85.240/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40420819 (0x268c5d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5484ab7509bcbbda351e200091742d43366b347
Validity
Not Before: Jan 1 08:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40a15b21cf47884a8757f40237a87559f14b24ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:14:bc:80:6c:c4:93:52:a1:11:ab:4a:46:69:
85:90:56:4e:30:1d:0a:66:d1:10:c3:69:03:f9:3d:
10:65:0f:6f:60:5d:d5:9a:af:98:a0:a5:a7:7a:39:
93:c0:07:1a:a8:86:54:ba:37:c3:7a:39:3c:93:96:
db:34:29:9e:f4:95:50:c3:78:ad:8e:aa:2c:fe:a2:
f9:bf:6f:8b:78:4c:f7:ba:5b:26:ab:c7:8b:0e:60:
fe:7a:a1:82:8b:83:6f:1b:31:ac:e8:78:c3:41:11:
82:d9:26:f9:37:c0:30:3d:a7:44:41:7a:bb:b9:24:
06:2f:ad:49:14:57:04:b0:32:c4:ec:1f:c9:5b:fd:
1e:81:93:4f:86:34:9d:7f:64:33:ff:43:89:36:0d:
0c:5e:2a:15:b3:54:ed:ac:84:bc:39:bc:26:ab:35:
59:05:c2:6a:51:ed:80:9a:79:b1:b2:a6:3f:44:0f:
1e:b3:99:19:60:43:dc:34:65:d5:f1:8c:ca:2f:ad:
90:9c:01:a9:37:ef:a2:46:1f:e2:66:36:83:b4:b4:
b1:d7:b4:42:32:f3:77:6c:41:48:b7:d9:88:e1:5d:
c5:55:a9:ac:24:f8:23:84:6c:7a:7a:fc:28:b5:f7:
2f:49:15:ec:42:5a:d3:7e:9e:e9:80:6f:91:2a:54:
f7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A1:5B:21:CF:47:88:4A:87:57:F4:02:37:A8:75:59:F1:4B:24:CA
X509v3 Authority Key Identifier:
keyid:E5:48:4A:B7:50:9B:CB:BD:A3:51:E2:00:09:17:42:D4:33:66:B3:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UhKt1Cby72jUeIACRdC1DNms0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a39496-99a1-4c18-94a3-c170c65f0938/1/QKFbIc9HiEqHV_QCN6h1WfFLJMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a39496-99a1-4c18-94a3-c170c65f0938/1/5UhKt1Cby72jUeIACRdC1DNms0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.84.0/23
195.62.92.0/23
Signature Algorithm: sha256WithRSAEncryption
45:17:87:44:ee:db:d7:4a:80:59:f8:08:f1:98:8a:ec:c5:66:
4a:47:08:15:e9:35:6c:46:c6:64:52:c8:ed:10:99:4e:4b:7c:
6f:4d:68:c0:9e:75:2a:3a:69:2e:86:92:d6:0d:89:f6:7b:0f:
f7:b5:c7:04:8b:6f:2f:d5:e9:b3:93:0c:9a:16:65:7e:4c:57:
ed:f4:d2:23:d3:c7:fc:8e:aa:02:5f:a1:e5:80:39:b2:85:3e:
fe:e7:03:03:c0:95:8e:ca:00:06:61:7c:92:60:23:7a:d6:87:
fa:d0:ff:54:bb:89:84:55:f4:d4:5e:2d:a0:a2:05:18:13:8f:
40:3d:1b:df:dc:f7:13:8a:32:65:66:e5:9b:44:f3:fe:ee:cb:
84:3b:89:d3:52:fb:e3:94:ee:a1:29:54:41:03:82:d5:ad:95:
63:9c:18:83:15:4f:7e:90:ae:04:62:7a:da:13:6e:70:a8:7a:
b1:8c:29:11:4d:de:04:7d:bc:79:24:8b:72:fe:d1:6d:f5:6f:
36:c2:04:e5:66:ff:49:0f:66:bd:82:44:d4:11:8c:c8:41:6f:
ae:9d:e8:22:a5:05:ab:bd:ac:84:1d:b6:16:e6:08:19:fc:e8:
22:d9:c7:2f:41:ae:d1:6f:a1:31:ce:21:33:88:84:80:71:02:
24:74:1f:6a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAmjF0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTQ4NGFiNzUwOWJjYmJkYTM1MWUyMDAwOTE3NDJkNDMzNjZiMzQ3MB4XDTIyMDEw
MTA4NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBhMTViMjFjZjQ3
ODg0YTg3NTdmNDAyMzdhODc1NTlmMTRiMjRjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoUvIBsxJNSoRGrSkZphZBWTjAdCmbREMNpA/k9EGUPb2Bd
1ZqvmKClp3o5k8AHGqiGVLo3w3o5PJOW2zQpnvSVUMN4rY6qLP6i+b9vi3hM97pb
JqvHiw5g/nqhgouDbxsxrOh4w0ERgtkm+TfAMD2nREF6u7kkBi+tSRRXBLAyxOwf
yVv9HoGTT4Y0nX9kM/9DiTYNDF4qFbNU7ayEvDm8Jqs1WQXCalHtgJp5sbKmP0QP
HrOZGWBD3DRl1fGMyi+tkJwBqTfvokYf4mY2g7S0sde0QjLzd2xBSLfZiOFdxVWp
rCT4I4Rsenr8KLX3L0kV7EJa036e6YBvkSpU93ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRAoVshz0eISodX9AI3qHVZ8UskyjAfBgNVHSMEGDAWgBTlSEq3UJvLvaNR
4gAJF0LUM2azRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVVaEt0MUNieTcyalVlSUFDUmRDMURObXMwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvYTM5NDk2LTk5YTEtNGMxOC05NGEzLWMxNzBjNjVmMDkzOC8x
L1FLRmJJYzlIaUVxSFZfUUNONmgxV2ZGTEpNby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
YTM5NDk2LTk5YTEtNGMxOC05NGEzLWMxNzBjNjVmMDkzOC8xLzVVaEt0MUNieTcy
alVlSUFDUmRDMURObXMwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcEhVAMEAcM+XDANBgkqhkiG9w0B
AQsFAAOCAQEARReHRO7b10qAWfgI8ZiK7MVmSkcIFek1bEbGZFLI7RCZTkt8b01o
wJ51KjppLoaS1g2J9nsP97XHBItvL9Xps5MMmhZlfkxX7fTSI9PH/I6qAl+h5YA5
soU+/ucDA8CVjsoABmF8kmAjetaH+tD/VLuJhFX01F4toKIFGBOPQD0b39z3E4oy
ZWblm0Tz/u7LhDuJ01L745TuoSlUQQOC1a2VY5wYgxVPfpCuBGJ62hNucKh6sYwp
EU3eBH28eSSLcv7RbfVvNsIE5Wb/SQ9mvYJE1BGMyEFvrp3oIqUFq72shB22FuYI
GfzoItnHL0Gu0W+hMc4hM4iEgHECJHQfag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:32 2023 by rpki-client on console-fra.rpki-client.org