Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/Q-ubnBxRtRHXCgdqg9TYJXsDFkM.roa
File: Q-ubnBxRtRHXCgdqg9TYJXsDFkM.roa (raw, json)
Hash identifier: 4NAOmFfvbqQHzo3++jzYQ+u5U1r7Q0F9L+KLWdHriYM=
Subject key identifier: 43:EB:9B:9C:1C:51:B5:11:D7:0A:07:6A:83:D4:D8:25:7B:03:16:43
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 018529EF981C40816BF376BEB584816576C4
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/Q-ubnBxRtRHXCgdqg9TYJXsDFkM.roa
Signing time: Mon 19 Dec 2022 10:30:45 +0000
ROA not before: Mon 19 Dec 2022 10:30:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50613
IP address blocks: 82.221.96.0/19 maxlen: 19
82.221.100.0/23 maxlen: 23
82.221.105.0/24 maxlen: 24
82.221.104.0/24 maxlen: 24
193.107.84.0/22 maxlen: 22
82.221.111.0/24 maxlen: 24
82.221.113.0/24 maxlen: 24
82.221.131.0/24 maxlen: 24
82.221.128.0/19 maxlen: 19
82.221.139.0/24 maxlen: 24
82.221.146.0/24 maxlen: 24
2a02:f48:2000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:ef:98:1c:40:81:6b:f3:76:be:b5:84:81:65:76:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Dec 19 10:30:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43eb9b9c1c51b511d70a076a83d4d8257b031643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fa:dc:1e:2d:25:ff:c5:18:ef:26:cd:eb:4b:
d5:97:97:fd:48:74:26:f1:9b:e8:c6:38:4a:c4:aa:
22:da:81:11:90:64:37:ce:2c:6d:3c:9f:14:09:e0:
2b:02:0c:48:dc:e8:97:45:5e:d0:09:0d:9f:de:dc:
6c:97:67:16:5f:8e:7a:8d:ec:19:21:dd:43:51:92:
dd:0f:00:80:de:3f:c5:ce:fc:a9:8e:fc:43:24:51:
39:35:73:69:28:93:f3:74:a8:a3:29:83:62:77:57:
1d:47:75:f5:9e:1c:45:72:f6:8a:d1:f1:76:64:dd:
02:65:e5:b4:98:b9:5e:9d:a4:4a:64:a4:46:05:ed:
b1:f1:68:5b:8b:6d:20:b2:e2:4b:59:40:74:f4:f1:
bd:f6:fb:ab:a0:ba:80:94:65:08:9a:fd:9f:44:2e:
db:d9:02:36:c5:78:d7:7e:69:04:ec:5d:2a:63:2d:
a4:cf:49:ea:a4:06:98:b6:27:46:55:34:12:b2:e6:
e3:e0:fe:78:c2:2a:3b:c4:14:61:eb:f1:56:03:45:
57:4b:88:ea:c9:e6:3f:b3:11:c3:86:3a:0b:5a:f0:
80:90:36:18:23:df:53:b9:74:f9:ea:5a:ca:f8:ff:
a0:87:f9:99:90:72:7e:ab:ac:88:88:b8:e3:cb:db:
17:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EB:9B:9C:1C:51:B5:11:D7:0A:07:6A:83:D4:D8:25:7B:03:16:43
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/Q-ubnBxRtRHXCgdqg9TYJXsDFkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.96.0-82.221.159.255
193.107.84.0/22
IPv6:
2a02:f48:2000::/40
Signature Algorithm: sha256WithRSAEncryption
30:83:ae:5e:dd:10:7b:35:55:21:54:a2:05:53:d4:f2:5d:0e:
bf:49:e8:e1:7b:aa:ed:c1:87:2f:74:1d:d6:30:6f:a9:a1:30:
07:0f:da:d8:d1:87:3b:fc:e1:5a:7a:dd:ac:85:53:70:ae:39:
7c:5a:1f:6f:ab:55:a9:b7:3d:e1:1e:fb:ce:a1:de:20:b8:77:
b3:0f:21:33:48:4a:3c:19:35:4f:93:65:3d:d0:cc:b8:7d:86:
cd:56:26:77:a3:0e:e1:0b:57:f8:04:50:bf:15:39:db:7c:9c:
1d:4c:89:84:0a:05:32:6e:de:9a:43:0c:89:59:5e:46:fc:9b:
99:70:ef:7a:37:4c:ff:20:d9:a7:55:60:20:77:75:ee:1b:9e:
ec:82:4d:97:57:49:43:f1:e9:12:d4:07:de:d0:1b:33:91:a3:
4d:ff:4a:e3:e8:9c:5e:30:c4:06:1a:0a:de:d8:eb:4f:dd:87:
e5:ee:8a:14:f1:9b:a5:b9:92:24:23:cd:78:a7:b6:32:07:8d:
a1:7f:2b:0c:21:93:5b:e2:5e:93:27:e1:7c:d5:8c:04:39:dd:
0a:b1:27:c2:d7:05:ef:ab:cb:d0:36:2e:ed:f1:53:27:13:44:
89:c9:3a:3d:6b:91:dd:47:37:43:a4:9b:65:10:d6:f9:c7:37:
ff:f9:aa:99
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUp75gcQIFr83a+tYSBZXbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjIxMjE5MTAzMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ViOWI5YzFjNTFiNTExZDcwYTA3NmE4M2Q0ZDgyNTdiMDMxNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPrcHi0l/8UY7ybN60vVl5f9SHQm
8ZvoxjhKxKoi2oERkGQ3zixtPJ8UCeArAgxI3OiXRV7QCQ2f3txsl2cWX456jewZ
Id1DUZLdDwCA3j/FzvypjvxDJFE5NXNpKJPzdKijKYNid1cdR3X1nhxFcvaK0fF2
ZN0CZeW0mLlenaRKZKRGBe2x8Whbi20gsuJLWUB09PG99vuroLqAlGUImv2fRC7b
2QI2xXjXfmkE7F0qYy2kz0nqpAaYtidGVTQSsubj4P54wio7xBRh6/FWA0VXS4jq
yeY/sxHDhjoLWvCAkDYYI99TuXT56lrK+P+gh/mZkHJ+q6yIiLjjy9sXLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEPrm5wcUbUR1woHaoPU2CV7AxZDMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvUS11Ym5CeFJ0UkhYQ2dkcWc5VFlKWHNERmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAVS3WAD
BAVS3YADBALBa1QwDgQCAAIwCAMGACoCD0ggMA0GCSqGSIb3DQEBCwUAA4IBAQAw
g65e3RB7NVUhVKIFU9TyXQ6/Sejhe6rtwYcvdB3WMG+poTAHD9rY0Yc7/OFaet2s
hVNwrjl8Wh9vq1Wptz3hHvvOod4guHezDyEzSEo8GTVPk2U90My4fYbNViZ3ow7h
C1f4BFC/FTnbfJwdTImECgUybt6aQwyJWV5G/JuZcO96N0z/INmnVWAgd3XuG57s
gk2XV0lD8ekS1Afe0BszkaNN/0rj6JxeMMQGGgre2OtP3Yfl7ooU8ZuluZIkI814
p7YyB42hfysMIZNb4l6TJ+F81YwEOd0KsSfC1wXvq8vQNi7t8VMnE0SJyTo9a5Hd
RzdDpJtlENb5xzf/+aqZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:57 2024 by rpki-client on console-ams.rpki-client.org