Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/QzI_8D79Tn7NhCHjI7cBunOIzxs.roa
File: QzI_8D79Tn7NhCHjI7cBunOIzxs.roa (raw, json)
Hash identifier: FYnqZGdw13sjbg5zfgWXSD4INVMSrqwhcY/0C0KZ2fw=
Subject key identifier: 43:32:3F:F0:3E:FD:4E:7E:CD:84:21:E3:23:B7:01:BA:73:88:CF:1B
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0183B1075E430816A5DAA711C27CC34538FB
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/QzI_8D79Tn7NhCHjI7cBunOIzxs.roa
Signing time: Fri 07 Oct 2022 05:59:53 +0000
ROA not before: Fri 07 Oct 2022 05:59:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8447
IP address blocks: 212.183.0.0/17 maxlen: 17
80.75.56.0/21 maxlen: 21
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
93.82.0.0/15 maxlen: 15
213.33.63.0/24 maxlen: 24
188.45.0.0/16 maxlen: 16
193.187.212.0/22 maxlen: 22
192.164.64.0/21 maxlen: 21
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
91.112.0.0/14 maxlen: 14
193.187.240.0/22 maxlen: 22
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 19
192.164.224.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
93.111.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 14
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 15
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 20
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
192.164.32.0/22 maxlen: 22
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
84.20.160.0/19 maxlen: 19
80.120.0.0/14 maxlen: 14
46.206.0.0/15 maxlen: 15
62.46.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:07:5e:43:08:16:a5:da:a7:11:c2:7c:c3:45:38:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Oct 7 05:59:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43323ff03efd4e7ecd8421e323b701ba7388cf1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:44:4a:b4:dd:62:7e:6b:d0:42:ac:83:db:39:
1f:65:c6:21:fc:47:da:f8:d0:f5:8c:7e:09:66:0b:
e3:64:52:2d:16:e2:9e:66:e9:b3:10:b9:26:0c:60:
9b:47:9f:06:3f:03:55:12:98:2f:7a:92:0f:0a:c1:
15:5b:6c:f9:9e:8d:e4:da:5c:59:ec:70:0d:ef:2d:
8d:8e:5c:d0:47:a4:c6:5b:e1:74:3b:67:1c:a2:4f:
bb:cb:95:09:57:03:a8:45:ee:a2:cf:0f:02:f3:f7:
e7:3c:7c:36:0c:c0:6e:82:90:28:9e:f9:5c:a7:6e:
3a:ec:51:e1:87:27:0f:2d:7e:68:78:ad:0d:d7:14:
6f:37:23:98:e1:04:b5:9b:75:6a:47:04:ad:4e:5e:
83:a7:35:8f:95:9d:1b:7d:c8:aa:78:33:50:07:49:
88:78:9d:14:8e:b1:47:7c:bd:a2:c8:cc:13:5a:a6:
35:f3:5f:5e:7d:59:98:6f:65:4d:83:68:0a:d4:a5:
15:75:a5:51:f9:b3:b7:75:4e:37:43:4e:a3:b0:56:
53:cc:f2:f1:e0:09:13:13:f0:4c:22:15:fa:9c:23:
b6:2a:a2:42:59:a3:f3:3a:eb:08:de:77:c8:4f:fc:
6e:06:ed:d4:64:8f:51:41:2c:8f:c3:7b:1a:91:28:
35:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:32:3F:F0:3E:FD:4E:7E:CD:84:21:E3:23:B7:01:BA:73:88:CF:1B
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/QzI_8D79Tn7NhCHjI7cBunOIzxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
80.75.32.0/19
80.120.0.0/14
80.240.224.0/20
84.20.160.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
195.3.64.0/18
212.183.0.0/17
213.33.0.0/17
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
33:88:3f:6a:1d:a5:71:09:ab:49:94:3b:b4:73:8d:ba:bf:9e:
b6:72:52:a9:02:39:2c:de:03:8d:78:14:1a:55:92:0a:19:75:
4e:b1:7d:82:1a:e0:6a:25:ba:47:f8:cd:7e:4b:66:fc:1e:f3:
25:78:7a:a7:6e:30:df:23:e5:8f:c0:7e:54:60:1e:53:74:92:
8a:1b:14:15:51:c6:88:69:f4:6a:24:15:25:e4:c6:0b:77:de:
15:04:56:12:22:6b:67:29:c9:fa:e5:42:37:c6:a4:ad:b0:22:
f9:ad:3a:9f:db:79:dd:05:7e:14:bf:da:ba:b7:44:9e:be:36:
76:60:d7:c9:12:66:54:6c:90:70:9d:82:b4:98:99:73:36:f5:
cb:37:99:b5:e8:d3:a6:d5:12:48:96:aa:6a:ab:be:be:30:18:
4e:b9:3b:e0:08:d4:75:e8:91:df:20:1d:b3:68:86:3e:1d:65:
3d:b6:1a:62:86:6e:3d:b7:96:93:a1:6a:2c:63:c7:a3:61:47:
0e:6c:dd:a3:d7:db:c4:37:c1:3d:12:ef:b0:bc:60:56:e4:3f:
ad:76:e0:72:3b:0e:cd:e4:d7:a2:9d:99:05:9d:5c:7f:e4:03:
d6:69:72:23:7f:65:8e:ac:e8:34:e6:4a:da:dc:a3:40:88:aa:
e0:70:3d:48
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYOxB15DCBal2qcRwnzDRTj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIxMDA3MDU1OTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzMyM2ZmMDNlZmQ0ZTdlY2Q4NDIxZTMyM2I3MDFiYTczODhjZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwERKtN1ifmvQQqyD2zkfZcYh/Efa
+ND1jH4JZgvjZFItFuKeZumzELkmDGCbR58GPwNVEpgvepIPCsEVW2z5no3k2lxZ
7HAN7y2NjlzQR6TGW+F0O2ccok+7y5UJVwOoRe6izw8C8/fnPHw2DMBugpAonvlc
p2467FHhhycPLX5oeK0N1xRvNyOY4QS1m3VqRwStTl6DpzWPlZ0bfciqeDNQB0mI
eJ0UjrFHfL2iyMwTWqY1819efVmYb2VNg2gK1KUVdaVR+bO3dU43Q06jsFZTzPLx
4AkTE/BMIhX6nCO2KqJCWaPzOusI3nfIT/xuBu3UZI9RQSyPw3sakSg1aQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFEMyP/A+/U5+zYQh4yO3AbpziM8bMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvUXpJXzhENzlUbjdOaENIakk3Y0J1bk9JenhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgcwEAgABMIHFAwMB
LkoDAwEuzgMDAT4uAwQFUEsgAwMCUHgDBARQ8OADBAVUFKADAwFYdAMEBlmQwAMD
AltwAwQHXPgAAwMBXVIDAwBdbwMEBrBCAAMEB7BCgAMDArK8AwMCvBQDAwC8LTAL
AwMCwKQDBALApCAwDAMEAMCkJwMEA8CkQDAMAwQEwKRQAwQFwKSAMAsDBATApNAD
AwDApDAMAwQCwbvUAwQCwbvwMAwDBALCMHwDBALCMIgDBAbDA0ADBAfUtwADBAfV
IQAwIgQCAAIwHAMFAyABCFADBQMgAQhwAwUDIAEIkAMFAyABS7gwDQYJKoZIhvcN
AQELBQADggEBADOIP2odpXEJq0mUO7Rzjbq/nrZyUqkCOSzeA414FBpVkgoZdU6x
fYIa4Golukf4zX5LZvwe8yV4eqduMN8j5Y/AflRgHlN0koobFBVRxohp9GokFSXk
xgt33hUEVhIia2cpyfrlQjfGpK2wIvmtOp/bed0FfhS/2rq3RJ6+NnZg18kSZlRs
kHCdgrSYmXM29cs3mbXo06bVEkiWqmqrvr4wGE65O+AI1HXokd8gHbNohj4dZT22
GmKGbj23lpOhaixjx6NhRw5s3aPX28Q3wT0S77C8YFbkP6124HI7Ds3k16KdmQWd
XH/kA9ZpciN/ZY6s6DTmStrco0CIquBwPUg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org