Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/QM8GLX4_39IQx5FWT628njieyfU.roa
File: QM8GLX4_39IQx5FWT628njieyfU.roa (raw, json)
Hash identifier: e6YthTYjEOgxNkN+Q4amWAQcn/sB9RWvcvbKUdSls7E=
Subject key identifier: 40:CF:06:2D:7E:3F:DF:D2:10:C7:91:56:4F:AD:BC:9E:38:9E:C9:F5
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018837BBF80FB7053F638B67016D23AD3E29
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/QM8GLX4_39IQx5FWT628njieyfU.roa
Signing time: Sat 20 May 2023 05:57:25 +0000
ROA not before: Sat 20 May 2023 05:57:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41689
IP address blocks: 188.0.240.0/23 maxlen: 32
185.112.36.0/22 maxlen: 32
185.112.32.0/22 maxlen: 32
77.238.120.0/22 maxlen: 32
93.115.144.0/21 maxlen: 32
46.143.0.0/17 maxlen: 32
37.156.144.0/22 maxlen: 32
89.235.96.0/22 maxlen: 32
185.120.220.0/22 maxlen: 32
185.120.248.0/22 maxlen: 32
176.65.240.0/22 maxlen: 32
31.25.128.0/21 maxlen: 32
176.65.252.0/23 maxlen: 32
176.65.254.0/23 maxlen: 32
128.65.176.0/20 maxlen: 32
79.127.0.0/17 maxlen: 32
185.98.112.0/22 maxlen: 32
89.41.40.0/22 maxlen: 32
93.118.180.0/22 maxlen: 32
185.99.212.0/22 maxlen: 32
185.109.244.0/22 maxlen: 32
185.49.84.0/22 maxlen: 32
185.109.248.0/22 maxlen: 32
31.7.64.0/20 maxlen: 32
178.22.120.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:bb:f8:0f:b7:05:3f:63:8b:67:01:6d:23:ad:3e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: May 20 05:57:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40cf062d7e3fdfd210c791564fadbc9e389ec9f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bc:f7:b7:a1:f4:1d:cd:67:8d:e9:66:08:5a:
f8:d6:6f:b5:c4:bb:72:47:aa:0c:cd:08:25:c6:9b:
70:24:8c:14:2b:e7:1a:0d:26:9a:11:e0:e8:e1:73:
d7:5e:f5:4a:13:db:3d:29:14:fa:df:39:78:a4:79:
f6:76:67:a2:24:11:a5:4f:ee:08:43:9b:34:68:4f:
01:51:08:7b:81:77:b9:42:9c:1e:f9:0d:f2:34:bb:
ff:9c:39:16:5d:da:ae:27:ce:40:30:e4:7c:f3:7f:
45:6e:8f:72:ad:42:1f:db:45:0b:86:8b:f1:b8:5f:
22:42:a0:97:6c:bc:e0:81:65:06:fd:3c:5e:00:1d:
71:a3:28:78:d4:4d:95:27:2a:e8:a4:42:4a:e2:23:
fe:d5:40:b8:5f:aa:e3:ca:4c:23:30:50:52:af:85:
6f:4e:98:55:27:c5:a3:e3:f1:4f:09:d5:47:7c:04:
15:be:6e:78:29:b9:a3:b9:b0:4f:17:cb:7b:68:92:
8d:56:81:22:d6:ed:89:6f:d1:39:ff:21:09:f6:a8:
06:29:d0:71:23:89:89:fb:9e:48:35:76:a1:9e:bc:
1d:18:4c:5a:74:65:89:69:a3:c4:b6:76:9a:1a:33:
28:d4:0a:6a:ec:26:6a:3b:1e:fa:d7:7d:e7:77:92:
f0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CF:06:2D:7E:3F:DF:D2:10:C7:91:56:4F:AD:BC:9E:38:9E:C9:F5
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/QM8GLX4_39IQx5FWT628njieyfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.64.0/20
31.25.128.0/21
37.156.144.0/22
46.143.0.0/17
77.238.120.0/22
79.127.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
185.49.84.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
188.0.240.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:94:46:2c:08:7b:0d:7c:6f:ce:bc:c8:89:e8:60:1d:ce:5e:
35:96:b6:b4:0c:a6:b5:53:a7:b9:f8:9b:dc:c5:f9:64:ff:98:
ec:13:1d:41:94:a0:53:09:a3:d3:d7:cd:0e:34:ab:8c:47:7e:
a6:99:39:cb:99:bc:f8:01:7b:7c:69:03:a5:84:3a:79:8a:03:
4a:c6:f2:c7:11:c8:e3:b6:22:41:94:6f:8a:a9:3b:5d:fe:6e:
94:40:98:d3:02:7b:a9:f0:7a:75:67:e8:9a:66:32:e7:94:84:
7e:4d:b2:98:fb:92:e2:ab:bb:a3:36:97:d8:89:4c:4d:fe:d2:
45:23:53:23:a1:2d:cd:90:bd:c3:0f:19:b2:7a:c3:92:c8:f5:
df:17:60:b1:3a:a7:6d:08:62:24:00:0d:9e:70:be:19:cf:59:
e4:89:be:07:18:fa:c3:d8:85:9c:da:76:4a:84:66:62:7d:0e:
03:61:6a:d7:cd:7a:4b:74:51:16:b8:67:47:55:3a:22:bf:88:
83:19:e6:27:a2:e4:f3:44:92:31:ea:0d:a7:81:6e:00:13:42:
d2:e8:8e:15:f3:cc:66:3a:08:e0:53:60:5c:89:f6:df:33:23:
cd:91:bc:d2:31:0f:09:bc:e4:91:54:fc:97:66:19:49:06:ea:
e3:e6:4e:3d
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYg3u/gPtwU/Y4tnAW0jrT4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwNTIwMDU1NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGNmMDYyZDdlM2ZkZmQyMTBjNzkxNTY0ZmFkYmM5ZTM4OWVjOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrz3t6H0Hc1njelmCFr41m+1xLty
R6oMzQglxptwJIwUK+caDSaaEeDo4XPXXvVKE9s9KRT63zl4pHn2dmeiJBGlT+4I
Q5s0aE8BUQh7gXe5Qpwe+Q3yNLv/nDkWXdquJ85AMOR8839Fbo9yrUIf20ULhovx
uF8iQqCXbLzggWUG/TxeAB1xoyh41E2VJyropEJK4iP+1UC4X6rjykwjMFBSr4Vv
TphVJ8Wj4/FPCdVHfAQVvm54KbmjubBPF8t7aJKNVoEi1u2Jb9E5/yEJ9qgGKdBx
I4mJ+55INXahnrwdGExadGWJaaPEtnaaGjMo1Apq7CZqOx76133nd5LwFQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFEDPBi1+P9/SEMeRVk+tvJ44nsn1MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvUU04R0xYNF8zOUlReDVGV1Q2MjhuamlleWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAQf
B0ADBAMfGYADBAIlnJADBAcujwADBAJN7ngDBAdPfwADBAJZKSgDBAJZ62ADBANd
c5ADBAJddrQDBASAQbADBAKwQfADBAKwQfwDBAOyFngDBAK5MVQDBAK5YnADBAK5
Y9QwDAMEArlt9AMEArlt+AMEA7lwIAMEArl43AMEArl4+AMEAbwA8DANBgkqhkiG
9w0BAQsFAAOCAQEAy5RGLAh7DXxvzrzIiehgHc5eNZa2tAymtVOnufib3MX5ZP+Y
7BMdQZSgUwmj09fNDjSrjEd+ppk5y5m8+AF7fGkDpYQ6eYoDSsbyxxHI47YiQZRv
iqk7Xf5ulECY0wJ7qfB6dWfommYy55SEfk2ymPuS4qu7ozaX2IlMTf7SRSNTI6Et
zZC9ww8ZsnrDksj13xdgsTqnbQhiJAANnnC+Gc9Z5Im+Bxj6w9iFnNp2SoRmYn0O
A2Fq1816S3RRFrhnR1U6Ir+IgxnmJ6Lk80SSMeoNp4FuABNC0uiOFfPMZjoI4FNg
XIn23zMjzZG80jEPCbzkkVT8l2YZSQbq4+ZOPQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:09 2025 by rpki-client