Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/QqRPvQi44fM-yC0shO3a2JIHps8.roa
File: QqRPvQi44fM-yC0shO3a2JIHps8.roa (raw, json)
Hash identifier: w8qjDlw2dJsGzXBw2kQEC/3Kl2EtL5q2EXdTaudER28=
Subject key identifier: 42:A4:4F:BD:08:B8:E1:F3:3E:C8:2D:2C:84:ED:DA:D8:92:07:A6:CF
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 01891ADCFD4AF442BE55880C97619E36154D
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/QqRPvQi44fM-yC0shO3a2JIHps8.roa
Signing time: Mon 03 Jul 2023 08:27:17 +0000
ROA not before: Mon 03 Jul 2023 08:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
144.178.96.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
161.51.64.0/19 maxlen: 24
144.178.108.0/22 maxlen: 24
144.178.112.0/22 maxlen: 24
144.178.120.0/21 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.248.0/22 maxlen: 24
144.178.64.0/19 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:dc:fd:4a:f4:42:be:55:88:0c:97:61:9e:36:15:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jul 3 08:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42a44fbd08b8e1f33ec82d2c84eddad89207a6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a5:82:ea:23:00:dd:15:e1:e7:74:59:6f:b1:
d3:bd:e7:1b:24:b1:66:54:40:33:8b:e6:54:f6:df:
09:c9:fa:ed:99:f7:8f:cf:11:b2:ef:97:5a:dc:d5:
a0:82:34:d3:6c:af:af:1d:a2:38:fd:44:11:c1:87:
b1:67:0a:32:9e:b0:60:09:75:65:a3:8a:fa:d6:22:
65:c4:de:29:24:69:af:09:df:67:bf:f0:82:22:ad:
50:1c:09:0e:99:df:5b:50:30:fc:e5:aa:18:53:2b:
0a:3f:d9:ec:26:9b:93:49:be:96:b0:28:d5:64:6a:
32:f9:03:a9:c3:81:c9:1c:dd:cd:0f:1f:94:b5:00:
99:a7:eb:3e:e8:0c:3f:05:1b:4c:b9:04:b2:34:c9:
63:03:aa:a7:94:34:76:df:29:29:38:4b:58:78:47:
12:1c:8d:fc:28:a3:75:83:a0:bd:d8:ed:e7:37:ce:
2a:08:a6:57:48:95:4e:73:71:ef:93:75:68:fc:51:
ff:9a:a4:ab:90:30:31:b6:09:40:66:31:67:31:d5:
80:99:d7:fa:47:a0:95:1a:c6:4f:3f:53:75:06:3f:
f7:d9:98:01:42:c6:46:6c:49:7d:8b:d4:32:09:7e:
a4:83:9b:5a:d7:c4:3f:24:c7:61:7e:a7:d3:31:29:
6b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A4:4F:BD:08:B8:E1:F3:3E:C8:2D:2C:84:ED:DA:D8:92:07:A6:CF
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/QqRPvQi44fM-yC0shO3a2JIHps8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.164.0/22
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.108.0-144.178.115.255
144.178.120.0/21
144.178.192.0-144.178.251.255
161.51.64.0/19
185.184.204.0/22
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
07:a1:98:80:b4:6d:2c:57:35:fb:d4:cf:ed:80:0d:7d:d2:20:
ff:8c:75:1b:12:84:e4:f5:78:d3:ae:3d:96:95:f2:4c:d3:37:
2a:0b:19:7b:d0:ba:46:b9:23:24:6c:96:68:30:f1:4a:02:bc:
9b:c5:10:c0:36:39:ed:f5:a8:58:8c:3d:8a:68:45:fa:31:27:
8b:11:40:15:ef:4e:1a:fe:9a:ee:f4:00:4a:49:85:d2:38:ec:
d3:a4:73:5b:9c:4c:e1:c9:a1:3f:f7:30:30:6b:1e:03:0f:54:
7e:a9:56:b5:c6:83:ff:d2:b4:b8:eb:dd:c7:b5:23:49:5e:5c:
91:25:5e:ef:8d:43:81:eb:53:31:ba:db:0c:be:f4:85:2b:df:
32:db:ec:f4:1e:ec:97:73:f9:1c:38:47:54:c0:5e:8a:2c:9e:
87:c5:a2:64:dd:3a:94:66:85:ed:2d:c4:6b:30:8b:2e:c2:03:
6b:4f:26:78:2c:67:ba:c3:7f:26:12:01:9f:5a:f1:ed:83:b8:
c9:9f:c2:46:b3:73:17:03:2f:f6:02:6e:16:c7:34:4f:b1:32:
c8:22:6b:06:c7:53:71:93:6e:6d:17:a8:d2:73:44:07:8d:36:
e1:19:b3:91:f8:3e:8d:7c:43:f9:8e:ef:c5:f7:4d:12:3d:2f:
62:d8:78:81
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYka3P1K9EK+VYgMl2GeNhVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjMwNzAzMDgyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE0NGZiZDA4YjhlMWYzM2VjODJkMmM4NGVkZGFkODkyMDdhNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6WC6iMA3RXh53RZb7HTvecbJLFm
VEAzi+ZU9t8JyfrtmfePzxGy75da3NWggjTTbK+vHaI4/UQRwYexZwoynrBgCXVl
o4r61iJlxN4pJGmvCd9nv/CCIq1QHAkOmd9bUDD85aoYUysKP9nsJpuTSb6WsCjV
ZGoy+QOpw4HJHN3NDx+UtQCZp+s+6Aw/BRtMuQSyNMljA6qnlDR23ykpOEtYeEcS
HI38KKN1g6C92O3nN84qCKZXSJVOc3Hvk3Vo/FH/mqSrkDAxtglAZjFnMdWAmdf6
R6CVGsZPP1N1Bj/32ZgBQsZGbEl9i9QyCX6kg5ta18Q/JMdhfqfTMSlrCQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFEKkT70IuOHzPsgtLITt2tiSB6bPMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvUXFSUHZRaTQ0Zk0teUMwc2hPM2EySklIcHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQCLQukAwQF
WRSgAwQDXV/4MAwDBAaQskADBAOQsmAwDAMEApCybAMEApCycAMEA5CyeDAMAwQG
kLLAAwQCkLL4AwQFoTNAAwQCubjMMBQEAgACMA4DBQMqAZvAAwUBKgIP6DANBgkq
hkiG9w0BAQsFAAOCAQEAB6GYgLRtLFc1+9TP7YANfdIg/4x1GxKE5PV40649lpXy
TNM3KgsZe9C6RrkjJGyWaDDxSgK8m8UQwDY57fWoWIw9imhF+jEnixFAFe9OGv6a
7vQASkmF0jjs06RzW5xM4cmhP/cwMGseAw9UfqlWtcaD/9K0uOvdx7UjSV5ckSVe
741DgetTMbrbDL70hSvfMtvs9B7sl3P5HDhHVMBeiiyeh8WiZN06lGaF7S3EazCL
LsIDa08meCxnusN/JhIBn1rx7YO4yZ/CRrNzFwMv9gJuFsc0T7EyyCJrBsdTcZNu
bReo0nNEB4024Rmzkfg+jXxD+Y7vxfdNEj0vYth4gQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:12 2025 by rpki-client