Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/QYagjJCuyWJhuIch_bwgwYA6sT4.roa
File: QYagjJCuyWJhuIch_bwgwYA6sT4.roa (raw, json)
Hash identifier: FHRqeMySKxF5FvmPEnsfCNMbyyScofPfmnL6Wz7ekZ0=
Subject key identifier: 41:86:A0:8C:90:AE:C9:62:61:B8:87:21:FD:BC:20:C1:80:3A:B1:3E
Certificate issuer: /CN=dc3884021d1b02e8c16b555743dfeb9da8e48e31
Certificate serial: 3015B4A9
Authority key identifier: DC:38:84:02:1D:1B:02:E8:C1:6B:55:57:43:DF:EB:9D:A8:E4:8E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/QYagjJCuyWJhuIch_bwgwYA6sT4.roa
Signing time: Sat 01 Jan 2022 00:53:46 +0000
ROA not before: Sat 01 Jan 2022 00:53:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20853
IP address blocks: 185.73.228.0/22 maxlen: 32
185.7.104.0/22 maxlen: 32
79.133.192.0/19 maxlen: 32
77.95.236.0/22 maxlen: 32
77.95.234.0/23 maxlen: 32
185.40.196.0/22 maxlen: 32
91.250.243.0/24 maxlen: 32
31.31.168.0/21 maxlen: 32
80.72.32.0/20 maxlen: 32
185.30.124.0/22 maxlen: 32
2a05:4480::/29 maxlen: 29
2a00:c90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 806728873 (0x3015b4a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3884021d1b02e8c16b555743dfeb9da8e48e31
Validity
Not Before: Jan 1 00:53:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4186a08c90aec96261b88721fdbc20c1803ab13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d3:98:e6:9d:6f:1c:c9:9a:aa:1c:09:2f:b4:
54:f2:4d:29:c3:ea:00:bc:06:11:5b:72:5e:f2:ea:
bb:32:01:62:37:1a:12:49:d3:d2:1c:72:52:1f:5e:
a4:59:6e:1d:e5:4d:c9:43:0b:45:d5:79:10:07:11:
88:08:6b:5d:81:7f:12:17:4f:40:06:17:75:6f:4d:
fc:d1:b4:37:b1:9a:f5:bb:39:75:ed:b7:14:44:e4:
ad:33:ab:67:19:15:a1:7d:02:ce:a1:f9:7a:07:a5:
b8:39:86:f6:42:20:78:cd:79:a7:a3:91:cd:3c:4e:
16:93:5f:af:43:b8:d5:8f:4a:e6:23:39:3b:86:e6:
0c:10:76:39:29:d3:4f:29:1c:24:ac:2c:3a:11:4d:
b3:75:02:ce:11:f1:83:00:7d:c1:0b:76:70:bc:7d:
da:84:77:e8:55:88:ed:c9:66:33:47:cb:c4:43:19:
33:7a:f5:48:04:d3:08:24:4a:f1:c2:60:7c:1a:4b:
07:1e:4e:f6:7a:a0:5d:b2:45:de:2f:2b:24:91:6f:
6e:38:87:0a:8e:f1:43:19:f3:72:11:29:d8:3c:d5:
8e:6d:4c:b5:fd:8e:aa:0f:46:79:9f:14:3c:b6:70:
08:38:3a:66:8f:5a:2e:ec:51:52:fe:65:7a:ca:d5:
7f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:86:A0:8C:90:AE:C9:62:61:B8:87:21:FD:BC:20:C1:80:3A:B1:3E
X509v3 Authority Key Identifier:
keyid:DC:38:84:02:1D:1B:02:E8:C1:6B:55:57:43:DF:EB:9D:A8:E4:8E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/QYagjJCuyWJhuIch_bwgwYA6sT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.168.0/21
77.95.234.0-77.95.239.255
79.133.192.0/19
80.72.32.0/20
91.250.243.0/24
185.7.104.0/22
185.30.124.0/22
185.40.196.0/22
185.73.228.0/22
IPv6:
2a00:c90::/32
2a05:4480::/29
Signature Algorithm: sha256WithRSAEncryption
24:d8:cb:b5:da:3f:d2:d2:5a:c1:18:d3:03:95:29:c0:0e:70:
30:64:5b:c0:0e:19:47:ea:de:35:92:c2:01:43:6c:9d:c4:7f:
c8:80:4a:bd:93:d7:03:d4:f5:7b:59:4d:1d:57:a3:37:fd:6f:
b1:11:0d:df:3d:9d:1d:fe:c7:dc:54:6a:76:fa:cb:24:75:6f:
4c:45:93:c0:35:9d:a3:00:00:b7:71:eb:71:ee:4f:9c:e6:d6:
a3:27:4f:ef:a4:86:9d:e5:55:ce:92:41:c2:38:3f:14:64:27:
99:81:aa:5c:21:fb:12:ad:3a:31:f0:dd:36:17:eb:76:eb:f3:
7b:ab:79:90:1f:0e:d8:d7:91:a6:87:e7:ac:de:1a:29:68:7a:
c2:fa:e6:a6:14:d9:10:27:1e:66:49:76:6b:33:cc:a4:be:c7:
6f:7e:54:13:e3:75:c9:42:0a:94:f7:ed:44:10:5f:5f:e4:2d:
50:2b:39:24:74:64:d2:0a:75:10:a3:7a:6c:80:57:9b:17:46:
4c:5b:77:d8:45:73:7f:ed:89:89:c5:03:c2:bc:1f:d1:f7:10:
dd:f1:10:d6:f9:05:1c:84:d7:3b:82:f1:b1:e2:b4:59:c7:5b:
ed:e4:f2:3f:40:e5:08:a7:89:89:b1:16:14:0e:0a:96:b5:12:
f6:69:5b:15
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEMBW0qTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzM4ODQwMjFkMWIwMmU4YzE2YjU1NTc0M2RmZWI5ZGE4ZTQ4ZTMxMB4XDTIyMDEw
MTAwNTM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE4NmEwOGM5MGFl
Yzk2MjYxYjg4NzIxZmRiYzIwYzE4MDNhYjEzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLTmOadbxzJmqocCS+0VPJNKcPqALwGEVtyXvLquzIBYjca
EknT0hxyUh9epFluHeVNyUMLRdV5EAcRiAhrXYF/EhdPQAYXdW9N/NG0N7Ga9bs5
de23FETkrTOrZxkVoX0CzqH5egeluDmG9kIgeM15p6ORzTxOFpNfr0O41Y9K5iM5
O4bmDBB2OSnTTykcJKwsOhFNs3UCzhHxgwB9wQt2cLx92oR36FWI7clmM0fLxEMZ
M3r1SATTCCRK8cJgfBpLBx5O9nqgXbJF3i8rJJFvbjiHCo7xQxnzchEp2DzVjm1M
tf2Oqg9GeZ8UPLZwCDg6Zo9aLuxRUv5lesrVfxcCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRBhqCMkK7JYmG4hyH9vCDBgDqxPjAfBgNVHSMEGDAWgBTcOIQCHRsC6MFr
VVdD3+udqOSOMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNEaUVBaDBiQXVqQmExVlhROV9ybmFqa2pqRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvMGNiMmY5LThlZjktNGVlYi05NjJhLWQ4YjRlMGQwZDZkNS8x
L1FZYWdqSkN1eVdKaHVJY2hfYndnd1lBNnNUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
MGNiMmY5LThlZjktNGVlYi05NjJhLWQ4YjRlMGQwZDZkNS8xLzNEaUVBaDBiQXVq
QmExVlhROV9ybmFqa2pqRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwRAQCAAEwPgMEAx8fqDAMAwQBTV/qAwQETV/gAwQF
T4XAAwQEUEggAwQAW/rzAwQCuQdoAwQCuR58AwQCuSjEAwQCuUnkMBQEAgACMA4D
BQAqAAyQAwUDKgVEgDANBgkqhkiG9w0BAQsFAAOCAQEAJNjLtdo/0tJawRjTA5Up
wA5wMGRbwA4ZR+reNZLCAUNsncR/yIBKvZPXA9T1e1lNHVejN/1vsREN3z2dHf7H
3FRqdvrLJHVvTEWTwDWdowAAt3Hrce5PnObWoydP76SGneVVzpJBwjg/FGQnmYGq
XCH7Eq06MfDdNhfrduvze6t5kB8O2NeRpofnrN4aKWh6wvrmphTZECceZkl2azPM
pL7Hb35UE+N1yUIKlPftRBBfX+QtUCs5JHRk0gp1EKN6bIBXmxdGTFt32EVzf+2J
icUDwrwf0fcQ3fEQ1vkFHITXO4LxseK0Wcdb7eTyP0DlCKeJibEWFA4KlrUS9mlb
FQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-fra.rpki-client.org