Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/QVJ_bfi_4IIKJDDUhy6EF0MO08A.roa
File: QVJ_bfi_4IIKJDDUhy6EF0MO08A.roa (raw, json)
Hash identifier: 8NWCVVWm0gOqf8Xto9PM5my2Ul2TjcEOeUPRpFTMMeY=
Subject key identifier: 41:52:7F:6D:F8:BF:E0:82:0A:24:30:D4:87:2E:84:17:43:0E:D3:C0
Certificate issuer: /CN=d51e6799bc5ca285a376372f0b6345dffc87b8c0
Certificate serial: 01856EC1F4454B47FBE9983D8EC5EA0F10FD
Authority key identifier: D5:1E:67:99:BC:5C:A2:85:A3:76:37:2F:0B:63:45:DF:FC:87:B8:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1R5nmbxcooWjdjcvC2NF3_yHuMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/QVJ_bfi_4IIKJDDUhy6EF0MO08A.roa
Signing time: Sun 01 Jan 2023 19:14:42 +0000
ROA not before: Sun 01 Jan 2023 19:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212961
IP address blocks: 194.180.144.0/22 maxlen: 22
194.180.148.0/23 maxlen: 23
31.216.132.0/22 maxlen: 22
2a0c:abc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f4:45:4b:47:fb:e9:98:3d:8e:c5:ea:0f:10:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d51e6799bc5ca285a376372f0b6345dffc87b8c0
Validity
Not Before: Jan 1 19:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41527f6df8bfe0820a2430d4872e8417430ed3c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:ee:f3:9b:2c:29:2b:83:be:fb:53:98:eb:
1a:94:51:bf:06:73:a1:1b:ac:60:0b:d9:bb:54:21:
a4:a6:9f:e3:03:fb:a0:0c:10:8c:9b:17:d0:4b:1d:
18:4a:92:53:22:af:c6:cc:58:01:f6:92:4e:cd:b8:
53:8b:25:62:7f:72:3b:fc:7c:43:d3:66:12:b7:0d:
6e:c9:5f:12:7b:1a:77:a6:dc:30:46:85:9e:68:47:
b2:d7:4b:f9:93:fc:56:d6:7d:be:ae:6f:04:ee:93:
c3:86:ce:0f:ba:ba:bd:19:d3:72:7f:25:ff:10:4b:
90:6f:a7:30:e2:e0:93:ef:5f:e1:34:fe:61:60:dc:
ab:45:bb:39:6d:c8:2f:02:fa:3d:8d:fa:cf:8f:bd:
a7:c4:0c:1d:d0:fa:91:32:f3:be:61:46:95:12:3c:
df:a3:55:80:73:8c:b8:38:2f:3a:0d:62:d2:15:91:
dc:7b:88:27:d0:63:8c:54:97:9f:07:bd:98:ee:c8:
8b:c3:0d:97:21:97:3d:ba:5d:71:44:70:9e:9a:b0:
40:47:41:af:04:23:f3:f3:92:43:13:47:7a:01:c6:
9f:0d:6d:4e:bd:f4:d0:6b:50:15:0e:fe:5e:a1:bf:
32:d3:ee:b5:63:bf:d4:56:28:12:21:0c:31:46:1a:
6e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:52:7F:6D:F8:BF:E0:82:0A:24:30:D4:87:2E:84:17:43:0E:D3:C0
X509v3 Authority Key Identifier:
keyid:D5:1E:67:99:BC:5C:A2:85:A3:76:37:2F:0B:63:45:DF:FC:87:B8:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1R5nmbxcooWjdjcvC2NF3_yHuMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/QVJ_bfi_4IIKJDDUhy6EF0MO08A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/1R5nmbxcooWjdjcvC2NF3_yHuMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.132.0/22
194.180.144.0-194.180.149.255
IPv6:
2a0c:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
76:04:54:6b:2e:89:9d:07:a0:14:68:0c:bb:fe:81:35:13:df:
a3:2c:b6:79:06:84:c9:d7:c7:6d:b3:96:50:df:5a:05:17:43:
c5:26:d8:b5:25:77:4a:96:8c:b1:cc:51:4e:a9:3e:78:6e:6e:
6c:d2:6b:8a:cc:04:e9:b8:ac:66:67:e8:2d:f4:f3:c2:6b:07:
91:5b:b6:02:54:ae:9a:d0:de:dd:34:f2:0f:dd:95:61:d0:59:
28:a5:8f:29:06:c5:f6:a6:71:46:c1:31:bd:b9:1d:3b:67:f9:
d7:60:80:e8:57:13:f9:5d:e6:79:37:2e:e1:3a:b7:6d:ab:2b:
f1:86:e7:53:5c:7f:19:75:67:5d:4a:0b:59:80:f3:7f:7f:af:
5b:9d:80:15:81:f3:25:40:df:43:5d:9b:8f:61:f9:6c:a8:e0:
56:29:ac:a0:6a:8f:bd:df:0d:53:82:a4:23:f7:a5:14:a5:9f:
9a:43:84:bb:c8:ff:9a:9e:d2:59:94:0c:ff:3c:4a:5e:c4:71:
b4:f6:7a:b7:c3:13:4e:7f:c1:79:fa:b0:81:17:fa:44:2c:e8:
e3:bb:ca:bc:79:48:e9:19:04:a5:96:ea:0d:23:ca:6e:78:7c:
1e:22:87:4d:50:0d:71:5e:97:5e:cd:06:f8:96:3c:f9:ca:42:
2d:5c:14:b8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVuwfRFS0f76Zg9jsXqDxD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MWU2Nzk5YmM1Y2EyODVhMzc2MzcyZjBiNjM0NWRmZmM4
N2I4YzAwHhcNMjMwMTAxMTkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTUyN2Y2ZGY4YmZlMDgyMGEyNDMwZDQ4NzJlODQxNzQzMGVkM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSTu85ssKSuDvvtTmOsalFG/BnOh
G6xgC9m7VCGkpp/jA/ugDBCMmxfQSx0YSpJTIq/GzFgB9pJOzbhTiyVif3I7/HxD
02YStw1uyV8Sexp3ptwwRoWeaEey10v5k/xW1n2+rm8E7pPDhs4Purq9GdNyfyX/
EEuQb6cw4uCT71/hNP5hYNyrRbs5bcgvAvo9jfrPj72nxAwd0PqRMvO+YUaVEjzf
o1WAc4y4OC86DWLSFZHce4gn0GOMVJefB72Y7siLww2XIZc9ul1xRHCemrBAR0Gv
BCPz85JDE0d6AcafDW1OvfTQa1AVDv5eob8y0+61Y7/UVigSIQwxRhpuCwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEFSf234v+CCCiQw1IcuhBdDDtPAMB8GA1UdIwQY
MBaAFNUeZ5m8XKKFo3Y3LwtjRd/8h7jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVI1bm1ieGNvb1dqZGpjdkMyTkYzX3lIdU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTM2YWEtYTZhZS00MDYzLWIyZmEt
OWNhMjUxYzA1NDhiLzEvUVZKX2JmaV80SUlLSkREVWh5NkVGME1PMDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTM2YWEtYTZhZS00MDYzLWIyZmEtOWNhMjUxYzA1NDhi
LzEvMVI1bm1ieGNvb1dqZGpjdkMyTkYzX3lIdU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCH9iEMAwD
BATCtJADBAHCtJQwDQQCAAIwBwMFAyoMq8AwDQYJKoZIhvcNAQELBQADggEBAHYE
VGsuiZ0HoBRoDLv+gTUT36MstnkGhMnXx22zllDfWgUXQ8Um2LUld0qWjLHMUU6p
PnhubmzSa4rMBOm4rGZn6C3088JrB5FbtgJUrprQ3t008g/dlWHQWSiljykGxfam
cUbBMb25HTtn+ddggOhXE/ld5nk3LuE6t22rK/GG51Ncfxl1Z11KC1mA839/r1ud
gBWB8yVA30Ndm49h+Wyo4FYprKBqj73fDVOCpCP3pRSln5pDhLvI/5qe0lmUDP88
Sl7EcbT2erfDE05/wXn6sIEX+kQs6OO7yrx5SOkZBKWW6g0jym54fB4ih01QDXFe
l17NBviWPPnKQi1cFLg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:58 2025 by rpki-client