Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QHiWoKmpq3YSZPC7XNim-oGudn4.roa
File: QHiWoKmpq3YSZPC7XNim-oGudn4.roa (raw, json)
Hash identifier: YZamRxOwtvWAzPWRri9uy0i17cu8qn6UfiiZRKAEgSc=
Subject key identifier: 40:78:96:A0:A9:A9:AB:76:12:64:F0:BB:5C:D8:A6:FA:81:AE:76:7E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CA5BBE3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QHiWoKmpq3YSZPC7XNim-oGudn4.roa
Signing time: Sat 01 Jan 2022 05:04:50 +0000
ROA not before: Sat 01 Jan 2022 05:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8038
IP address blocks: 203.25.124.0/24 maxlen: 24
37.46.151.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
193.84.134.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
45.144.224.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
185.228.226.0/24 maxlen: 24
185.244.220.0/24 maxlen: 24
89.31.218.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
45.133.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212188131 (0xca5bbe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=407896a0a9a9ab761264f0bb5cd8a6fa81ae767e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:03:d3:0b:2b:ea:70:3e:c5:50:46:19:d9:
9d:20:65:79:11:99:f2:7f:39:01:a6:cd:85:4a:9a:
3b:59:76:3a:e2:81:36:03:d8:4e:f6:6a:ca:62:e3:
05:8f:b5:59:cb:29:d2:5b:73:42:da:da:7b:23:31:
f4:51:a8:e1:01:2b:05:2e:0b:c9:1d:7c:7b:91:8d:
79:b4:0d:91:04:e9:1b:22:c4:38:7f:a0:eb:0d:db:
e9:78:31:30:5d:1c:b7:5a:39:bb:64:45:82:9f:c3:
84:51:e3:e9:7f:8e:38:8e:31:78:1b:c0:fe:26:31:
6f:92:59:79:bc:1c:ed:f4:b5:49:d4:06:3b:bb:04:
73:e1:c1:e2:3b:d2:75:5a:12:ab:d5:fe:d6:ff:9c:
15:48:bf:38:ce:d6:6c:2e:be:7e:94:d0:eb:17:d2:
88:87:97:b7:d4:80:a0:36:64:ce:6b:8c:c5:67:35:
22:69:ba:73:39:c1:b1:cc:2d:e1:3d:ff:c5:a2:ac:
5d:f8:43:30:21:f8:a8:95:a0:4f:ff:d0:81:8c:5d:
36:8c:9f:13:93:ea:a3:e7:35:84:b8:13:3c:de:12:
f0:3d:cd:78:f4:04:01:39:5e:6e:eb:fa:e7:84:11:
88:1f:05:29:c3:ea:07:7d:ee:fd:b6:b1:c9:0d:3c:
45:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:78:96:A0:A9:A9:AB:76:12:64:F0:BB:5C:D8:A6:FA:81:AE:76:7E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QHiWoKmpq3YSZPC7XNim-oGudn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.151.0/24
45.133.0.0/24
45.144.224.0/24
46.229.255.0/24
89.31.218.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
185.228.226.0/24
185.244.220.0/24
193.26.114.0/24
193.84.134.0/24
194.5.84.0/24
194.76.134.0/24
194.242.3.0/24
203.25.124.0/24
Signature Algorithm: sha256WithRSAEncryption
03:86:fd:44:7c:a7:d5:fd:65:1e:de:1c:cc:d5:00:55:b0:8d:
47:03:71:f9:8c:1c:86:90:79:e6:f3:0b:af:cf:05:63:0d:cc:
ae:be:16:5e:20:f0:4f:2d:2b:33:99:52:a6:d0:95:c3:0b:45:
dc:8d:94:56:d2:ab:ca:9c:20:30:1b:c1:e8:65:1c:3a:1f:bb:
19:4f:cc:5e:c1:bc:7f:34:16:a2:12:b5:f4:57:33:20:bf:8a:
b0:44:5d:ab:20:d2:a4:e4:be:98:62:29:be:b7:70:93:c1:9a:
92:12:b0:86:ba:19:39:74:a1:eb:24:b2:a3:e1:84:7b:17:d2:
4f:75:2d:11:27:dc:69:e3:68:f9:4b:14:4a:bc:8d:92:79:17:
c7:2e:86:51:01:f7:b5:73:cb:6d:32:0e:b0:aa:64:2e:89:55:
04:96:d6:7a:68:56:86:23:53:a8:64:ee:83:1b:4c:d3:2d:09:
37:f2:2a:44:88:84:a5:56:6e:55:29:c6:f1:e3:72:14:9d:cd:
72:90:ec:60:b4:cd:f5:a6:50:c7:52:e0:2b:e8:0f:8d:46:84:
2a:1e:40:1e:b1:33:97:e3:e6:63:e5:9e:c5:6c:c4:d9:e6:94:
1d:f4:c0:b1:68:8b:90:dc:b1:6c:8e:34:43:e7:af:f8:2b:d1:
e9:a6:6b:2c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEDKW74zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA3ODk2YTBhOWE5
YWI3NjEyNjRmMGJiNWNkOGE2ZmE4MWFlNzY3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOVA9MLK+pwPsVQRhnZnSBleRGZ8n85AabNhUqaO1l2OuKB
NgPYTvZqymLjBY+1Wcsp0ltzQtraeyMx9FGo4QErBS4LyR18e5GNebQNkQTpGyLE
OH+g6w3b6XgxMF0ct1o5u2RFgp/DhFHj6X+OOI4xeBvA/iYxb5JZebwc7fS1SdQG
O7sEc+HB4jvSdVoSq9X+1v+cFUi/OM7WbC6+fpTQ6xfSiIeXt9SAoDZkzmuMxWc1
Imm6cznBscwt4T3/xaKsXfhDMCH4qJWgT//QgYxdNoyfE5Pqo+c1hLgTPN4S8D3N
ePQEATlebuv654QRiB8FKcPqB33u/baxyQ08RTUCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBRAeJagqamrdhJk8Ltc2Kb6ga52fjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L1FIaVdvS21wcTNZU1pQQzdYTmltLW9HdWRuNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEACUulwMEAC2FAAMEAC2Q4AMEAC7l
/wMEAFkf2gMEAFu+awMEALmWAAMEALmlLAMEALnZdgMEALnk4gMEALn03AMEAMEa
cgMEAMFUhgMEAMIFVAMEAMJMhgMEAMLyAwMEAMsZfDANBgkqhkiG9w0BAQsFAAOC
AQEAA4b9RHyn1f1lHt4czNUAVbCNRwNx+YwchpB55vMLr88FYw3Mrr4WXiDwTy0r
M5lSptCVwwtF3I2UVtKrypwgMBvB6GUcOh+7GU/MXsG8fzQWohK19FczIL+KsERd
qyDSpOS+mGIpvrdwk8GakhKwhroZOXSh6ySyo+GEexfST3UtESfcaeNo+UsUSryN
knkXxy6GUQH3tXPLbTIOsKpkLolVBJbWemhWhiNTqGTugxtM0y0JN/IqRIiEpVZu
VSnG8eNyFJ3NcpDsYLTN9aZQx1LgK+gPjUaEKh5AHrEzl+PmY+WexWzE2eaUHfTA
sWiLkNyxbI40Q+ev+CvR6aZrLA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org