Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/QKd7EOc5Mbbd1IMYN3w51eIVk2c.roa
File: QKd7EOc5Mbbd1IMYN3w51eIVk2c.roa (raw, json)
Hash identifier: alYY/tsHsdU03bu19dbmDhXkXNbGtok/yYNJTGpqRfo=
Subject key identifier: 40:A7:7B:10:E7:39:31:B6:DD:D4:83:18:37:7C:39:D5:E2:15:93:67
Certificate issuer: /CN=1f0614e195c1656a28e8b19b22784e8b55bb4533
Certificate serial: 06C532ED
Authority key identifier: 1F:06:14:E1:95:C1:65:6A:28:E8:B1:9B:22:78:4E:8B:55:BB:45:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwYU4ZXBZWoo6LGbInhOi1W7RTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/QKd7EOc5Mbbd1IMYN3w51eIVk2c.roa
Signing time: Tue 14 Jun 2022 06:17:36 +0000
ROA not before: Tue 14 Jun 2022 06:17:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51373
IP address blocks: 185.44.217.0/24 maxlen: 24
185.44.216.0/24 maxlen: 24
185.44.216.0/22 maxlen: 22
185.44.219.0/24 maxlen: 24
185.44.218.0/24 maxlen: 24
185.80.59.0/24 maxlen: 24
193.33.8.0/23 maxlen: 23
94.24.79.0/24 maxlen: 24
91.218.159.0/24 maxlen: 24
91.218.158.0/24 maxlen: 24
91.218.157.0/24 maxlen: 24
91.218.156.0/24 maxlen: 24
91.218.156.0/22 maxlen: 22
94.24.28.0/24 maxlen: 24
178.251.120.0/24 maxlen: 24
2a04:9a40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113586925 (0x6c532ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f0614e195c1656a28e8b19b22784e8b55bb4533
Validity
Not Before: Jun 14 06:17:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40a77b10e73931b6ddd48318377c39d5e2159367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5e:97:c2:f0:81:36:f9:7c:75:05:46:e2:7d:
68:6c:23:49:ca:41:d4:12:7d:db:77:a4:cb:75:22:
73:b7:2c:8f:bb:f3:f2:f6:66:9c:a4:1f:36:9d:b0:
08:b4:73:a4:ec:40:f2:af:b9:72:98:dd:1a:9f:33:
c8:37:8d:67:de:a2:f0:25:eb:7d:a8:5f:b3:05:ac:
2c:89:b9:cf:12:2f:f8:3e:ed:fc:1a:07:75:b6:60:
0f:e2:47:46:cc:99:5b:47:84:7b:0f:26:01:75:a0:
58:d8:e8:a6:95:22:34:61:7f:7c:91:a5:09:03:2c:
71:de:94:de:85:29:9d:79:41:df:49:ed:6a:a6:f8:
e2:4b:55:45:13:f9:1e:41:b1:3f:97:fe:ce:c8:15:
c8:f0:0e:4d:c7:ca:1f:86:e0:e8:5a:b3:d0:e4:00:
26:f4:9b:22:30:b8:dd:8b:09:1a:7a:01:fa:f1:be:
e4:c4:9c:d3:b9:b0:41:e9:24:b1:63:5f:6b:9d:40:
08:50:33:b5:62:aa:31:ef:72:24:40:d7:9b:f1:7e:
d1:b7:15:13:22:96:db:23:13:33:a4:84:c5:55:5e:
cb:c9:62:15:0a:13:69:11:50:21:52:29:e4:26:cc:
bd:0d:e3:89:ea:29:f4:82:dd:51:2f:40:4c:d4:fc:
70:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A7:7B:10:E7:39:31:B6:DD:D4:83:18:37:7C:39:D5:E2:15:93:67
X509v3 Authority Key Identifier:
keyid:1F:06:14:E1:95:C1:65:6A:28:E8:B1:9B:22:78:4E:8B:55:BB:45:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwYU4ZXBZWoo6LGbInhOi1W7RTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/QKd7EOc5Mbbd1IMYN3w51eIVk2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/HwYU4ZXBZWoo6LGbInhOi1W7RTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.156.0/22
94.24.28.0/24
94.24.79.0/24
178.251.120.0/24
185.44.216.0/22
185.80.59.0/24
193.33.8.0/23
IPv6:
2a04:9a40::/29
Signature Algorithm: sha256WithRSAEncryption
40:bc:40:45:a1:08:c9:fe:71:b5:61:b7:ea:bc:36:54:20:0d:
b2:58:f5:08:30:2b:df:23:0e:20:b3:24:aa:db:69:fe:90:fe:
98:b5:ab:77:f4:18:41:65:9a:65:6b:f9:8e:49:85:2c:19:39:
79:12:c6:5c:af:f8:44:85:f3:82:f2:2c:79:ee:55:e1:08:46:
7c:b8:59:e1:c8:b7:c3:d6:eb:ed:70:7b:4c:03:1e:90:c6:5b:
69:e0:27:c5:33:79:a7:69:0e:d8:b6:7a:8e:35:d7:5b:b9:4a:
bb:1a:17:d4:31:cd:5b:6f:40:a4:25:e5:18:de:50:75:3b:97:
f4:37:e2:b9:19:cd:c1:b1:91:f1:2d:fa:9d:9f:c1:66:67:4a:
42:5b:c1:20:22:a2:7f:3d:3b:1c:3f:08:ed:2f:29:d4:7f:9b:
85:44:ee:df:88:e2:a0:b4:53:c0:7d:8b:29:16:00:e3:7d:3d:
f6:3b:91:f4:12:12:70:d1:cb:86:84:61:13:2f:a6:8e:b6:2c:
cc:d6:07:20:dc:7f:aa:47:79:82:03:5b:0a:19:93:15:d8:96:
26:cd:ca:cd:1f:13:8d:92:3d:5e:7f:0b:70:44:2f:79:17:6a:
0a:48:9f:fc:c3:93:ac:c5:98:56:59:db:49:cb:68:74:8d:5a:
06:b3:3d:84
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBsUy7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjA2MTRlMTk1YzE2NTZhMjhlOGIxOWIyMjc4NGU4YjU1YmI0NTMzMB4XDTIyMDYx
NDA2MTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBhNzdiMTBlNzM5
MzFiNmRkZDQ4MzE4Mzc3YzM5ZDVlMjE1OTM2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdel8LwgTb5fHUFRuJ9aGwjScpB1BJ923eky3Uic7csj7vz
8vZmnKQfNp2wCLRzpOxA8q+5cpjdGp8zyDeNZ96i8CXrfahfswWsLIm5zxIv+D7t
/BoHdbZgD+JHRsyZW0eEew8mAXWgWNjoppUiNGF/fJGlCQMscd6U3oUpnXlB30nt
aqb44ktVRRP5HkGxP5f+zsgVyPAOTcfKH4bg6Fqz0OQAJvSbIjC43YsJGnoB+vG+
5MSc07mwQekksWNfa51ACFAztWKqMe9yJEDXm/F+0bcVEyKW2yMTM6SExVVey8li
FQoTaRFQIVIp5CbMvQ3jieop9ILdUS9ATNT8cLkCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBRAp3sQ5zkxtt3Ugxg3fDnV4hWTZzAfBgNVHSMEGDAWgBQfBhThlcFlaijo
sZsieE6LVbtFMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0h3WVU0WlhCWldvbzZMR2JJbmhPaTFXN1JUTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvMTBlYmNjLWM4MzItNGQzMy04OGI1LWJlZjg3MmRhZWNlNy8x
L1FLZDdFT2M1TWJiZDFJTVlOM3c1MWVJVmsyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
MTBlYmNjLWM4MzItNGQzMy04OGI1LWJlZjg3MmRhZWNlNy8xL0h3WVU0WlhCWldv
bzZMR2JJbmhPaTFXN1JUTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAlvanAMEAF4YHAMEAF4YTwMEALL7
eAMEArks2AMEALlQOwMEAcEhCDANBAIAAjAHAwUDKgSaQDANBgkqhkiG9w0BAQsF
AAOCAQEAQLxARaEIyf5xtWG36rw2VCANslj1CDAr3yMOILMkqttp/pD+mLWrd/QY
QWWaZWv5jkmFLBk5eRLGXK/4RIXzgvIsee5V4QhGfLhZ4ci3w9br7XB7TAMekMZb
aeAnxTN5p2kO2LZ6jjXXW7lKuxoX1DHNW29ApCXlGN5QdTuX9DfiuRnNwbGR8S36
nZ/BZmdKQlvBICKifz07HD8I7S8p1H+bhUTu34jioLRTwH2LKRYA43099juR9BIS
cNHLhoRhEy+mjrYszNYHINx/qkd5ggNbChmTFdiWJs3KzR8TjZI9Xn8LcEQveRdq
Ckif/MOTrMWYVlnbSctodI1aBrM9hA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:51 2023 by rpki-client on console-ams.rpki-client.org