Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/_QMDbM6dgdERlRMmpGv_191ysaA.roa
File: _QMDbM6dgdERlRMmpGv_191ysaA.roa (raw, json)
Hash identifier: I+grFTz4dyz1nfaoFjmxrL9b/vEhiCCyWisAyClDtyQ=
Subject key identifier: FD:03:03:6C:CE:9D:81:D1:11:95:13:26:A4:6B:FF:D7:DD:72:B1:A0
Certificate issuer: /CN=0d814a5f08fb47711d7160b027f996dfb612f045
Certificate serial: 018380C43F9027F36952B83012BE02C5A24E
Authority key identifier: 0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/_QMDbM6dgdERlRMmpGv_191ysaA.roa
Signing time: Tue 27 Sep 2022 21:04:48 +0000
ROA not before: Tue 27 Sep 2022 21:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35132
IP address blocks: 178.249.120.0/21 maxlen: 21
185.243.176.0/22 maxlen: 22
217.149.112.0/20 maxlen: 20
185.186.132.0/22 maxlen: 22
109.122.48.0/21 maxlen: 21
62.50.160.0/19 maxlen: 19
185.141.156.0/22 maxlen: 22
185.214.16.0/22 maxlen: 22
37.32.48.0/21 maxlen: 21
89.20.224.0/19 maxlen: 19
93.89.32.0/20 maxlen: 20
185.197.220.0/22 maxlen: 22
95.111.160.0/19 maxlen: 19
2a02:1660::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:80:c4:3f:90:27:f3:69:52:b8:30:12:be:02:c5:a2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d814a5f08fb47711d7160b027f996dfb612f045
Validity
Not Before: Sep 27 21:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd03036cce9d81d111951326a46bffd7dd72b1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fe:97:8f:41:34:43:2c:ff:be:72:86:5a:af:
2e:af:fd:05:2d:de:e6:ab:07:92:ca:8a:1e:15:96:
57:85:6c:cf:3b:f2:e5:6b:7b:5b:69:d4:ca:2b:d1:
73:8b:67:7d:0f:05:e5:e4:6b:a2:cb:ea:da:a2:16:
46:f0:49:97:fc:f5:58:8c:da:81:12:61:48:2a:e6:
55:04:13:3a:b3:df:e0:1b:a7:e8:05:b0:8d:8e:d2:
36:dc:54:52:3a:3e:30:8b:44:ac:0f:c4:0d:c5:04:
36:d4:ca:40:a9:cb:8a:33:51:46:ef:c4:59:31:40:
e3:86:60:34:68:1b:ed:06:d0:25:28:3b:eb:f7:b5:
1c:68:19:9f:de:00:a5:ca:d7:09:ce:3c:64:14:af:
d0:3d:66:9e:39:9c:01:05:de:0c:4b:c1:39:d4:42:
61:b8:87:aa:91:f2:84:41:c0:d0:21:76:ad:2e:98:
80:57:8f:62:48:1b:8f:a9:e8:11:b9:1e:63:77:9d:
cd:fb:6e:43:41:80:99:9a:30:09:3c:db:fb:ef:39:
6a:2d:5b:72:be:7a:90:9b:75:bb:59:1b:5d:90:0e:
65:0f:29:0d:95:f9:db:86:39:23:71:49:09:b4:38:
a0:4a:4f:31:ed:8e:c0:fd:d4:b9:0b:43:10:30:6a:
0e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:03:03:6C:CE:9D:81:D1:11:95:13:26:A4:6B:FF:D7:DD:72:B1:A0
X509v3 Authority Key Identifier:
keyid:0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/_QMDbM6dgdERlRMmpGv_191ysaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.48.0/21
62.50.160.0/19
89.20.224.0/19
93.89.32.0/20
95.111.160.0/19
109.122.48.0/21
178.249.120.0/21
185.141.156.0/22
185.186.132.0/22
185.197.220.0/22
185.214.16.0/22
185.243.176.0/22
217.149.112.0/20
IPv6:
2a02:1660::/32
Signature Algorithm: sha256WithRSAEncryption
00:2c:7b:a6:c3:66:f4:36:71:57:0a:72:5f:16:f7:1e:d6:f6:
94:1f:8b:a2:6b:9f:13:63:fc:fb:a6:1e:86:84:c3:f5:86:56:
a4:69:50:89:07:9c:46:62:cc:0a:8c:5d:af:6c:60:b2:6a:b9:
97:1d:c2:87:28:99:72:d2:2c:08:0c:94:d0:bb:53:02:54:68:
19:35:ad:4f:27:1c:82:ce:57:4e:c9:df:e1:3f:33:2e:9b:4e:
6a:e8:66:b2:c5:1b:ce:a5:0d:98:51:70:9e:2e:1c:37:64:9e:
b7:6b:35:ca:e3:19:84:c4:63:d0:9b:2b:77:94:b0:8b:be:e0:
1f:50:7b:0c:85:9f:c4:75:88:17:f8:09:ec:2e:12:66:0a:08:
b0:f1:0d:a9:14:62:47:c0:83:56:e0:e0:4d:8b:2f:05:c3:06:
48:09:b4:18:21:0d:97:42:6c:ad:6b:96:7e:3d:4d:7c:9a:df:
88:ba:69:b3:b0:ce:9f:af:70:cd:a9:79:0c:11:ba:e0:e5:ad:
78:af:e0:d4:26:a2:e0:07:1f:23:51:0d:7a:09:ae:c2:0b:be:
fb:18:e5:48:b3:24:a9:5f:e9:5c:98:3e:ef:80:84:df:54:ee:
d6:d3:25:83:ca:3c:b5:21:af:1b:39:19:bd:25:e8:fd:e9:8f:
46:90:3d:85
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYOAxD+QJ/NpUrgwEr4CxaJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODE0YTVmMDhmYjQ3NzExZDcxNjBiMDI3Zjk5NmRmYjYx
MmYwNDUwHhcNMjIwOTI3MjEwNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAzMDM2Y2NlOWQ4MWQxMTE5NTEzMjZhNDZiZmZkN2RkNzJiMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv6Xj0E0Qyz/vnKGWq8ur/0FLd7m
qweSyooeFZZXhWzPO/Lla3tbadTKK9Fzi2d9DwXl5Guiy+raohZG8EmX/PVYjNqB
EmFIKuZVBBM6s9/gG6foBbCNjtI23FRSOj4wi0SsD8QNxQQ21MpAqcuKM1FG78RZ
MUDjhmA0aBvtBtAlKDvr97UcaBmf3gClytcJzjxkFK/QPWaeOZwBBd4MS8E51EJh
uIeqkfKEQcDQIXatLpiAV49iSBuPqegRuR5jd53N+25DQYCZmjAJPNv77zlqLVty
vnqQm3W7WRtdkA5lDykNlfnbhjkjcUkJtDigSk8x7Y7A/dS5C0MQMGoOQwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFP0DA2zOnYHREZUTJqRr/9fdcrGgMB8GA1UdIwQY
MBaAFA2BSl8I+0dxHXFgsCf5lt+2EvBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYt
Y2U3OTg1YjU2MDkzLzEvX1FNRGJNNmRnZEVSbFJNbXBHdl8xOTF5c2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYtY2U3OTg1YjU2MDkz
LzEvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDJSAwAwQF
PjKgAwQFWRTgAwQEXVkgAwQFX2+gAwQDbXowAwQDsvl4AwQCuY2cAwQCubqEAwQC
ucXcAwQCudYQAwQCufOwAwQE2ZVwMA0EAgACMAcDBQAqAhZgMA0GCSqGSIb3DQEB
CwUAA4IBAQAALHumw2b0NnFXCnJfFvce1vaUH4uia58TY/z7ph6GhMP1hlakaVCJ
B5xGYswKjF2vbGCyarmXHcKHKJly0iwIDJTQu1MCVGgZNa1PJxyCzldOyd/hPzMu
m05q6GayxRvOpQ2YUXCeLhw3ZJ63azXK4xmExGPQmyt3lLCLvuAfUHsMhZ/EdYgX
+AnsLhJmCgiw8Q2pFGJHwINW4OBNiy8FwwZICbQYIQ2XQmyta5Z+PU18mt+Iummz
sM6fr3DNqXkMEbrg5a14r+DUJqLgBx8jUQ16Ca7CC777GOVIsySpX+lcmD7vgITf
VO7W0yWDyjy1Ia8bORm9Jej96Y9GkD2F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:49 2024 by rpki-client on console-ams.rpki-client.org