Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/QuARKxsUruUUezs5d9D7Bw6jCY0.roa
File: QuARKxsUruUUezs5d9D7Bw6jCY0.roa (raw, json)
Hash identifier: d5IV0fR75/vWBS9LA+XyN1BSS9tPl2dcgL9RrYLRkjM=
Subject key identifier: 42:E0:11:2B:1B:14:AE:E5:14:7B:3B:39:77:D0:FB:07:0E:A3:09:8D
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0182C3FDA31595416F60FFE08E6B90CC98C9
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/QuARKxsUruUUezs5d9D7Bw6jCY0.roa
Signing time: Mon 22 Aug 2022 05:19:15 +0000
ROA not before: Mon 22 Aug 2022 05:19:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204650
IP address blocks: 185.215.231.0/24 maxlen: 24
185.124.172.0/22 maxlen: 22
185.124.175.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.44.0/22 maxlen: 22
37.32.47.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
185.243.48.0/23 maxlen: 23
185.243.48.0/22 maxlen: 22
178.239.150.0/24 maxlen: 24
178.239.155.0/24 maxlen: 24
178.239.154.0/24 maxlen: 24
178.239.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c3:fd:a3:15:95:41:6f:60:ff:e0:8e:6b:90:cc:98:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Aug 22 05:19:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42e0112b1b14aee5147b3b3977d0fb070ea3098d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:76:4b:a1:85:ab:51:ff:04:cd:7a:79:64:a9:
c3:45:fa:13:31:dd:4d:d8:bc:96:a5:2b:37:ea:67:
78:a1:93:e5:fa:10:19:bf:08:20:5e:90:36:8b:58:
9b:00:04:01:41:4b:b6:8b:e5:f9:42:e0:ec:ac:b8:
7e:c6:be:f0:fd:84:6b:40:c6:8c:5e:d2:a0:a7:91:
31:0e:a2:ab:0f:43:c7:55:ef:38:0d:42:6f:a8:6d:
3a:f0:8f:fb:40:f2:dc:8e:af:68:15:34:6a:62:df:
1d:28:9f:5a:c5:5b:a8:bd:ac:e7:a1:64:f4:39:75:
a5:c6:9b:af:88:fd:51:84:7e:19:59:f6:b7:76:bf:
15:82:ab:f6:7d:02:9f:cf:60:4a:3f:46:ec:72:b4:
70:d7:cf:b9:59:19:bb:01:9c:d1:76:78:46:48:0c:
e5:cc:5e:4e:42:4d:21:20:f0:19:22:69:f9:c6:eb:
15:bb:d4:79:1c:25:8a:75:e2:22:3c:f9:3c:7d:49:
01:ac:67:55:fa:1e:89:3d:70:0a:5f:7d:62:14:29:
56:0f:68:55:b7:fd:90:a2:3b:82:62:2a:ea:1c:19:
da:0b:4f:6d:4a:7e:3e:6c:8a:53:cc:a6:b2:5d:82:
80:bc:01:b0:51:c1:06:b4:8a:19:36:ab:90:77:6c:
1d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E0:11:2B:1B:14:AE:E5:14:7B:3B:39:77:D0:FB:07:0E:A3:09:8D
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/QuARKxsUruUUezs5d9D7Bw6jCY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.44.0/22
178.239.150.0/24
178.239.154.0/23
185.124.172.0/22
185.215.231.0/24
185.243.48.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:ec:5b:74:07:a0:88:0c:5d:32:0e:ae:07:47:a5:f5:60:80:
21:1b:78:12:22:dd:27:39:6a:20:fb:46:80:78:21:4a:c4:92:
e9:de:46:fd:a3:1e:14:aa:9a:7a:dd:6d:39:29:1b:bc:20:7f:
74:e3:04:5c:f6:ee:29:69:fc:9b:44:35:7a:5f:83:5f:39:f9:
7d:0b:1c:24:92:74:c4:12:0d:7b:3a:61:20:e6:90:cf:d4:fe:
3d:37:79:13:a7:f3:79:ab:96:86:b2:58:dd:02:97:87:5c:cb:
0e:66:e9:14:f0:83:bf:da:0b:c5:9e:d8:02:a2:6f:17:20:e8:
7e:ed:b5:a3:5d:8a:51:c6:8d:37:bc:7f:17:bc:7f:87:97:a4:
16:3d:e4:aa:d6:57:52:e2:9d:61:45:8d:a0:7b:51:fe:2a:47:
9f:85:97:93:6f:50:03:48:23:e3:2e:1f:6e:f0:01:7c:21:b5:
b3:48:d2:c1:de:6f:db:7e:18:dc:f8:34:51:88:9c:39:2a:6e:
48:a5:d3:e0:d8:c0:0d:d2:48:02:84:4a:45:37:f6:c2:43:7a:
9c:26:43:77:94:9f:57:67:f2:45:32:45:99:2b:4a:d0:ad:33:
a8:d3:74:79:a8:a0:ae:f8:42:23:a9:54:42:57:7b:57:cf:69:
41:8f:1b:14
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYLD/aMVlUFvYP/gjmuQzJjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjIwODIyMDUxOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmUwMTEyYjFiMTRhZWU1MTQ3YjNiMzk3N2QwZmIwNzBlYTMwOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3ZLoYWrUf8EzXp5ZKnDRfoTMd1N
2LyWpSs36md4oZPl+hAZvwggXpA2i1ibAAQBQUu2i+X5QuDsrLh+xr7w/YRrQMaM
XtKgp5ExDqKrD0PHVe84DUJvqG068I/7QPLcjq9oFTRqYt8dKJ9axVuovaznoWT0
OXWlxpuviP1RhH4ZWfa3dr8Vgqv2fQKfz2BKP0bscrRw18+5WRm7AZzRdnhGSAzl
zF5OQk0hIPAZImn5xusVu9R5HCWKdeIiPPk8fUkBrGdV+h6JPXAKX31iFClWD2hV
t/2QojuCYirqHBnaC09tSn4+bIpTzKayXYKAvAGwUcEGtIoZNquQd2wd0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFELgESsbFK7lFHs7OXfQ+wcOowmNMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvUXVBUkt4c1VydVVVZXpzNWQ5RDdCdzZqQ1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCJSAsAwQA
su+WAwQBsu+aAwQCuXysAwQAudfnAwQCufMwMA0GCSqGSIb3DQEBCwUAA4IBAQCh
7Ft0B6CIDF0yDq4HR6X1YIAhG3gSIt0nOWog+0aAeCFKxJLp3kb9ox4Uqpp63W05
KRu8IH904wRc9u4pafybRDV6X4NfOfl9CxwkknTEEg17OmEg5pDP1P49N3kTp/N5
q5aGsljdApeHXMsOZukU8IO/2gvFntgCom8XIOh+7bWjXYpRxo03vH8XvH+Hl6QW
PeSq1ldS4p1hRY2ge1H+KkefhZeTb1ADSCPjLh9u8AF8IbWzSNLB3m/bfhjc+DRR
iJw5Km5IpdPg2MAN0kgChEpFN/bCQ3qcJkN3lJ9XZ/JFMkWZK0rQrTOo03R5qKCu
+EIjqVRCV3tXz2lBjxsU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org