Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/QDWQgYo48cEi89ABi9dFFxtW2fs.roa
File: QDWQgYo48cEi89ABi9dFFxtW2fs.roa (raw, json)
Hash identifier: 7Z+MES69D1p9sV/pFQ/x+cntVLH+PVm5B3tR7vuNl44=
Subject key identifier: 40:35:90:81:8A:38:F1:C1:22:F3:D0:01:8B:D7:45:17:1B:56:D9:FB
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 0183A7DEB3A92784760A3F0CFDB53770971D
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/QDWQgYo48cEi89ABi9dFFxtW2fs.roa
Signing time: Wed 05 Oct 2022 11:18:53 +0000
ROA not before: Wed 05 Oct 2022 11:18:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.134.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
147.189.138.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:de:b3:a9:27:84:76:0a:3f:0c:fd:b5:37:70:97:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Oct 5 11:18:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=403590818a38f1c122f3d0018bd745171b56d9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:78:de:f5:dc:46:a2:71:a1:43:07:ce:3d:
f5:71:75:a8:72:bc:83:30:6d:3d:f6:ff:aa:32:4b:
18:de:6a:98:74:fa:d5:29:7f:36:cc:5b:fc:b3:6a:
b0:ab:a1:83:e6:c7:8d:57:b2:09:37:3b:4e:c9:e8:
2f:e8:69:6e:3e:f7:53:19:12:ac:55:d7:64:f4:d5:
8c:93:a7:ce:0d:19:f7:f6:53:a3:be:56:ad:05:ce:
ed:13:c5:b0:08:fb:ed:c2:2d:26:1b:ae:a4:37:1f:
b4:da:56:cf:c5:c8:11:59:b5:fd:3a:fc:d1:4a:53:
56:67:f0:dc:85:e7:f4:af:27:98:54:5e:5a:f8:c0:
e4:5f:f0:50:8c:85:db:61:df:cc:3f:a9:0b:7f:d7:
26:50:2c:69:4f:08:b3:5e:31:c7:9f:38:0c:b4:5d:
bb:4c:18:92:51:e4:d3:ce:90:5e:f4:c2:2f:23:f6:
03:ce:c6:bd:9d:62:c5:8c:e5:fe:ef:d4:9b:cd:49:
f5:08:73:9e:11:42:4f:26:c8:8b:47:a0:50:49:9d:
62:7e:3b:15:2a:f9:91:b2:4f:0c:bd:15:b6:2f:15:
22:5b:fc:da:4b:58:db:73:7c:f4:f3:46:36:c9:04:
23:cc:d6:90:31:03:de:82:7f:ef:98:c4:7c:3d:1f:
a3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:35:90:81:8A:38:F1:C1:22:F3:D0:01:8B:D7:45:17:1B:56:D9:FB
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/QDWQgYo48cEi89ABi9dFFxtW2fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/24
45.14.113.0/24
147.189.128.0/24
147.189.131.0/24
147.189.134.0/23
147.189.138.0/24
176.111.217.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
42:bd:c6:33:3c:29:c6:7c:1a:ae:13:91:cf:2c:87:e2:45:27:
fd:2d:57:7c:b5:22:95:eb:03:cd:c9:9b:fd:06:fd:0d:17:ae:
0d:fd:44:11:75:5b:7b:ff:b6:04:38:e9:e8:d4:ed:89:42:23:
70:b2:aa:9e:06:2a:26:c7:f3:0a:c9:e9:c9:cb:64:f4:ee:af:
a5:13:a4:ad:f7:c1:cc:2d:14:e9:51:e6:68:09:b8:bf:13:f2:
0f:d5:f5:bd:87:bb:3d:cd:2e:f5:83:a9:ba:02:78:58:31:45:
b6:ff:8a:33:25:ee:f8:aa:49:82:6c:41:c4:ed:cb:27:8c:7e:
d2:e5:54:48:2c:88:63:67:00:f4:4b:bd:8a:c2:be:22:9f:45:
70:be:e5:fa:a2:6a:62:2f:39:37:9b:49:92:ab:65:67:7e:4b:
19:9b:8a:c6:67:c7:dd:77:bb:e0:15:48:43:f2:b9:0b:fc:2e:
42:c3:fe:03:92:58:a8:5a:ce:84:da:5f:74:cd:b3:b4:19:c9:
6b:c0:49:ee:1d:55:ae:c9:be:91:69:7e:b3:0c:2a:25:8c:76:
ac:9f:00:ce:1a:a2:53:3a:de:0c:cd:1d:d3:f4:d5:69:44:0c:
ee:6c:43:b6:04:47:3f:1d:09:82:ae:1f:5f:41:74:71:99:57:
ea:3e:cf:8f
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYOn3rOpJ4R2Cj8M/bU3cJcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjIxMDA1MTExODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDM1OTA4MThhMzhmMWMxMjJmM2QwMDE4YmQ3NDUxNzFiNTZkOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsV43vXcRqJxoUMHzj31cXWocryD
MG099v+qMksY3mqYdPrVKX82zFv8s2qwq6GD5seNV7IJNztOyegv6GluPvdTGRKs
Vddk9NWMk6fODRn39lOjvlatBc7tE8WwCPvtwi0mG66kNx+02lbPxcgRWbX9OvzR
SlNWZ/Dchef0ryeYVF5a+MDkX/BQjIXbYd/MP6kLf9cmUCxpTwizXjHHnzgMtF27
TBiSUeTTzpBe9MIvI/YDzsa9nWLFjOX+79SbzUn1CHOeEUJPJsiLR6BQSZ1ifjsV
KvmRsk8MvRW2LxUiW/zaS1jbc3z080Y2yQQjzNaQMQPegn/vmMR8PR+j9wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFEA1kIGKOPHBIvPQAYvXRRcbVtn7MB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1FEV1FnWW80OGNFaTg5QUJpOWRGRnh0VzJmcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZsGCCsGAQUFBwEHAQH/BIGLMIGIMDYEAgABMDADBAEC
OAgDBAAFt0wDBAAtDnEDBACTvYADBACTvYMDBAGTvYYDBACTvYoDBACwb9kwTgQC
AAIwSAMHACoODIAAAwMHACoODIADIwMHACoODIAEAwMHACoODIAHQwMHACoPmYAA
BgMHACoPmYABlQMHACoPmYAFmAMHACoPmYAJNjANBgkqhkiG9w0BAQsFAAOCAQEA
Qr3GMzwpxnwarhORzyyH4kUn/S1XfLUilesDzcmb/Qb9DReuDf1EEXVbe/+2BDjp
6NTtiUIjcLKqngYqJsfzCsnpyctk9O6vpROkrffBzC0U6VHmaAm4vxPyD9X1vYe7
Pc0u9YOpugJ4WDFFtv+KMyXu+KpJgmxBxO3LJ4x+0uVUSCyIY2cA9Eu9isK+Ip9F
cL7l+qJqYi85N5tJkqtlZ35LGZuKxmfH3Xe74BVIQ/K5C/wuQsP+A5JYqFrOhNpf
dM2ztBnJa8BJ7h1Vrsm+kWl+swwqJYx2rJ8AzhqiUzreDM0d0/TVaUQM7mxDtgRH
Px0Jgq4fX0F0cZlX6j7Pjw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:34 2023 by rpki-client on console-ams.rpki-client.org