Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QKpxDEPWj7GqL-KObCIDSuYU4uk.roa
File: QKpxDEPWj7GqL-KObCIDSuYU4uk.roa (raw, json)
Hash identifier: 0NLeQT0ECH7knuGUtzzDUtYG7qxl0z1y4UX3o1wIr6M=
Subject key identifier: 40:AA:71:0C:43:D6:8F:B1:AA:2F:E2:8E:6C:22:03:4A:E6:14:E2:E9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185056152029A09D3C2061C278BD61CEA58
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QKpxDEPWj7GqL-KObCIDSuYU4uk.roa
Signing time: Mon 12 Dec 2022 08:09:02 +0000
ROA not before: Mon 12 Dec 2022 08:09:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 193.201.228.0/22 maxlen: 24
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
212.119.160.0/19 maxlen: 24
213.154.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:61:52:02:9a:09:d3:c2:06:1c:27:8b:d6:1c:ea:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:09:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40aa710c43d68fb1aa2fe28e6c22034ae614e2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:9c:4c:1a:44:9d:79:a5:f6:d3:c9:af:88:
87:7a:17:91:fe:08:76:f7:dd:8f:93:81:2d:27:c4:
1a:6a:8a:46:ca:75:99:d4:d7:2d:09:65:b5:23:1f:
f5:b5:69:2b:b8:67:9b:ba:45:18:bf:43:d8:4d:01:
4c:be:d5:73:7d:34:f4:be:a5:44:ee:30:e7:85:0d:
7a:5e:55:6e:f1:78:99:ee:a7:79:69:d6:b7:12:df:
cc:3a:73:e5:bb:74:62:4a:f7:61:aa:1f:c6:a4:de:
29:9d:49:01:50:f0:12:0e:d8:f9:5e:c4:86:fb:f9:
95:dc:3f:2a:5b:de:88:fa:63:13:6f:60:ac:e2:b5:
14:8e:30:5b:b9:30:e2:52:f4:00:d2:9b:09:33:4d:
4b:a8:70:ec:4e:8b:38:83:7e:81:aa:58:bf:32:1a:
a5:97:e4:46:df:fb:f6:fa:7b:9f:32:2f:87:10:a0:
f9:8f:92:a2:e0:ec:51:e2:b6:0a:72:fd:96:6e:07:
dc:a8:ab:b0:81:5b:9b:3c:b8:b5:5a:ef:7f:61:30:
86:6a:32:33:39:8d:b9:fb:d7:b0:ab:1f:08:21:0f:
d7:4e:3b:9f:b0:72:b4:0f:19:97:f5:d3:12:06:fe:
df:da:f5:88:af:9b:56:3b:0b:05:85:2c:b4:9b:f1:
6f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AA:71:0C:43:D6:8F:B1:AA:2F:E2:8E:6C:22:03:4A:E6:14:E2:E9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QKpxDEPWj7GqL-KObCIDSuYU4uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
Signature Algorithm: sha256WithRSAEncryption
5f:3b:e1:17:fa:92:1a:18:c6:7e:e6:a7:1f:2b:b9:c4:75:3a:
e8:c4:48:b7:8a:9a:4f:87:26:f6:9a:34:60:e2:74:0c:b2:d4:
c2:08:11:80:55:b1:50:61:c5:74:5f:86:6c:aa:67:47:08:ea:
39:e4:1e:b8:c1:7f:e1:16:fb:b4:cd:5c:5a:ca:80:ec:0b:62:
1d:e4:f8:86:f4:14:f1:31:86:16:fa:e7:95:e7:2d:86:af:46:
83:c9:57:01:84:62:60:bc:77:a3:c4:14:43:16:ea:77:82:a8:
4a:08:4e:6e:c0:9c:a2:f9:59:5c:25:00:e8:3f:e0:f9:01:f3:
cf:1c:1e:41:dd:43:a3:1b:37:08:d5:76:7f:14:42:18:4f:c3:
a4:59:42:7d:58:57:b2:34:1f:94:c0:15:8b:0a:b2:82:b1:3c:
cd:79:d5:0a:33:12:db:a3:a5:1f:3b:06:49:ca:86:16:31:8b:
04:64:e9:39:57:ad:03:b7:ef:7e:aa:26:c4:44:0f:cf:45:53:
d7:9c:fe:9f:dc:7c:bb:5b:58:c7:94:24:59:d0:04:c1:77:fa:
7c:b5:f4:5a:90:8b:b3:4c:40:77:68:43:f7:7c:53:c2:cf:0c:
a3:b1:25:dd:cc:6f:42:2a:b4:73:89:0b:a1:84:ab:b7:47:40:
38:47:8e:e3
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYUFYVICmgnTwgYcJ4vWHOpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgwOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFhNzEwYzQzZDY4ZmIxYWEyZmUyOGU2YzIyMDM0YWU2MTRlMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGOcTBpEnXml9tPJr4iHeheR/gh2
992Pk4EtJ8QaaopGynWZ1NctCWW1Ix/1tWkruGebukUYv0PYTQFMvtVzfTT0vqVE
7jDnhQ16XlVu8XiZ7qd5ada3Et/MOnPlu3RiSvdhqh/GpN4pnUkBUPASDtj5XsSG
+/mV3D8qW96I+mMTb2Cs4rUUjjBbuTDiUvQA0psJM01LqHDsTos4g36Bqli/Mhql
l+RG3/v2+nufMi+HEKD5j5Ki4OxR4rYKcv2WbgfcqKuwgVubPLi1Wu9/YTCGajIz
OY25+9ewqx8IIQ/XTjufsHK0DxmX9dMSBv7f2vWIr5tWOwsFhSy0m/FvyQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFECqcQxD1o+xqi/ijmwiA0rmFOLpMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUUtweERFUFdqN0dxTC1LT2JDSURTdVlVNHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzBNBAIAATBHAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqAwDQYJKoZIhvcNAQELBQADggEBAF874Rf6khoYxn7mpx8r
ucR1OujESLeKmk+HJvaaNGDidAyy1MIIEYBVsVBhxXRfhmyqZ0cI6jnkHrjBf+EW
+7TNXFrKgOwLYh3k+Ib0FPExhhb655XnLYavRoPJVwGEYmC8d6PEFEMW6neCqEoI
Tm7AnKL5WVwlAOg/4PkB888cHkHdQ6MbNwjVdn8UQhhPw6RZQn1YV7I0H5TAFYsK
soKxPM151QozEtujpR87BknKhhYxiwRk6TlXrQO3736qJsRED89FU9ec/p/cfLtb
WMeUJFnQBMF3+ny19FqQi7NMQHdoQ/d8U8LPDKOxJd3Mb0IqtHOJC6GEq7dHQDhH
juM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:39 2025 by rpki-client