Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/Qkg3YrzjOvYjakXnVW3X_b023i4.roa
File: Qkg3YrzjOvYjakXnVW3X_b023i4.roa (raw, json)
Hash identifier: e3bf8lP4mQYdHg1MDJtP1ZD2pU2qTg6Tj1v1f5e5gK0=
Subject key identifier: 42:48:37:62:BC:E3:3A:F6:23:6A:45:E7:55:6D:D7:FD:BD:36:DE:2E
Certificate issuer: /CN=449b18e3296d795d3a9c959be25c70aaab365200
Certificate serial: 341BDAD2
Authority key identifier: 44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/Qkg3YrzjOvYjakXnVW3X_b023i4.roa
Signing time: Sat 01 Jan 2022 12:55:27 +0000
ROA not before: Sat 01 Jan 2022 12:55:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49808
IP address blocks: 63.247.208.0/20 maxlen: 24
185.21.96.0/22 maxlen: 23
162.211.104.0/22 maxlen: 24
109.68.104.0/21 maxlen: 21
185.44.210.0/23 maxlen: 24
198.89.232.0/21 maxlen: 24
139.178.96.0/19 maxlen: 19
5.159.0.0/21 maxlen: 22
31.193.160.0/21 maxlen: 21
85.193.160.0/20 maxlen: 24
85.118.184.0/21 maxlen: 21
185.16.112.0/22 maxlen: 22
89.249.184.0/21 maxlen: 21
86.109.24.0/21 maxlen: 24
145.40.32.0/19 maxlen: 24
193.41.207.0/24 maxlen: 24
162.213.160.0/22 maxlen: 24
194.107.144.0/24 maxlen: 32
2a03:c100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874240722 (0x341bdad2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449b18e3296d795d3a9c959be25c70aaab365200
Validity
Not Before: Jan 1 12:55:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42483762bce33af6236a45e7556dd7fdbd36de2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2a:9c:0d:6b:5d:0a:9d:80:24:b5:7a:93:8e:
58:1f:17:12:8f:a2:02:65:83:f2:59:39:d1:93:46:
ca:1c:e3:11:e3:13:14:8a:e7:dc:0e:05:c6:14:a0:
ef:57:6a:21:a9:45:85:8c:59:84:45:dc:50:04:a1:
e2:67:f1:b5:bf:5c:fc:ec:f7:b2:e5:41:99:08:8e:
28:5b:52:00:c8:d9:43:85:35:a8:6e:bd:e4:40:e6:
71:66:d2:8e:e1:72:b3:d3:5b:64:78:93:37:b2:c9:
0b:c1:50:1a:2c:e1:61:b4:0e:c5:29:78:4a:57:f5:
10:30:15:56:39:15:71:6e:22:56:82:18:4f:c4:7d:
e2:88:6f:30:6e:01:c7:15:f0:f3:78:38:22:62:54:
fa:a3:c1:73:ce:80:47:86:00:12:f1:4a:e3:a9:17:
c9:76:f3:73:9e:8d:a0:b1:9d:34:bd:5b:ef:40:fe:
11:ef:c6:54:09:4f:58:2c:b4:6e:77:88:35:3c:e1:
00:fb:3d:03:46:1b:79:3b:00:f6:3f:b6:88:1b:6c:
19:2e:72:2f:a4:ee:c3:18:86:45:da:0f:14:37:4f:
1f:d0:b7:ae:66:09:87:50:e1:7c:6a:e1:34:02:dd:
18:27:fc:39:c8:d9:a5:9d:73:49:a0:27:03:5d:f5:
44:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:48:37:62:BC:E3:3A:F6:23:6A:45:E7:55:6D:D7:FD:BD:36:DE:2E
X509v3 Authority Key Identifier:
keyid:44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/Qkg3YrzjOvYjakXnVW3X_b023i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.0.0/21
31.193.160.0/21
63.247.208.0/20
85.118.184.0/21
85.193.160.0/20
86.109.24.0/21
89.249.184.0/21
109.68.104.0/21
139.178.96.0/19
145.40.32.0/19
162.211.104.0/22
162.213.160.0/22
185.16.112.0/22
185.21.96.0/22
185.44.210.0/23
193.41.207.0/24
194.107.144.0/24
198.89.232.0/21
IPv6:
2a03:c100::/32
Signature Algorithm: sha256WithRSAEncryption
22:e2:28:d5:a7:f9:19:7c:5c:a6:13:28:ac:c8:3d:4f:b1:62:
5f:38:02:9c:44:58:c7:ad:26:45:46:02:be:60:91:4d:99:c6:
4a:26:0f:08:a6:dc:95:df:da:9f:d5:36:6e:32:bb:bb:de:6e:
80:9d:2e:c7:79:60:a7:3f:26:25:71:b6:5e:31:27:d9:ea:34:
2d:90:b7:6c:3f:3c:56:29:0b:0c:29:b3:b8:37:30:4e:56:1c:
34:75:1b:7e:57:a6:2b:1e:2e:74:86:42:e2:00:29:22:01:7d:
00:51:7f:07:76:fe:4e:40:bb:e7:21:af:0f:58:9b:82:70:65:
47:fa:f5:97:08:6a:20:79:eb:b4:c5:71:ec:b5:06:32:8c:64:
30:ae:94:85:a7:87:61:f8:0d:09:ca:ac:b0:71:95:18:3e:4b:
1b:fc:3e:c2:08:ee:37:f9:e2:25:6d:90:4f:d9:6b:e5:23:a9:
9c:83:0c:bc:aa:b0:5e:96:dd:cd:8c:17:58:65:b4:fc:4d:86:
c1:b0:e6:c7:e1:81:85:3c:a4:47:4b:dc:53:28:e0:93:9e:cf:
d7:5a:12:7e:b8:ea:aa:8e:38:58:b2:7e:66:f5:49:d1:99:73:
33:df:94:69:11:df:8f:b0:95:7f:d3:3f:b5:6d:ad:4a:bb:61:
6e:bf:13:5d
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIENBva0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDliMThlMzI5NmQ3OTVkM2E5Yzk1OWJlMjVjNzBhYWFiMzY1MjAwMB4XDTIyMDEw
MTEyNTUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI0ODM3NjJiY2Uz
M2FmNjIzNmE0NWU3NTU2ZGQ3ZmRiZDM2ZGUyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAqnA1rXQqdgCS1epOOWB8XEo+iAmWD8lk50ZNGyhzjEeMT
FIrn3A4FxhSg71dqIalFhYxZhEXcUASh4mfxtb9c/Oz3suVBmQiOKFtSAMjZQ4U1
qG695EDmcWbSjuFys9NbZHiTN7LJC8FQGizhYbQOxSl4Slf1EDAVVjkVcW4iVoIY
T8R94ohvMG4BxxXw83g4ImJU+qPBc86AR4YAEvFK46kXyXbzc56NoLGdNL1b70D+
Ee/GVAlPWCy0bneINTzhAPs9A0YbeTsA9j+2iBtsGS5yL6TuwxiGRdoPFDdPH9C3
rmYJh1DhfGrhNALdGCf8OcjZpZ1zSaAnA131RGUCAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBRCSDdivOM69iNqRedVbdf9vTbeLjAfBgNVHSMEGDAWgBREmxjjKW15XTqc
lZviXHCqqzZSADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JKc1k0eWx0ZVYwNm5KV2I0bHh3cXFzMlVnQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvZmIzOWVkLTdjNzMtNDQ3OC05MDFkLTY1YTg5OWE2MDM2Ni8x
L1FrZzNZcnpqT3ZZamFrWG5WVzNYX2IwMjNpNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ZmIzOWVkLTdjNzMtNDQ3OC05MDFkLTY1YTg5OWE2MDM2Ni8xL1JKc1k0eWx0ZVYw
Nm5KV2I0bHh3cXFzMlVnQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwcgQCAAEwbAMEAwWfAAMEAx/BoAMEBD/30AME
A1V2uAMEBFXBoAMEA1ZtGAMEA1n5uAMEA21EaAMEBYuyYAMEBZEoIAMEAqLTaAME
AqLVoAMEArkQcAMEArkVYAMEAbks0gMEAMEpzwMEAMJrkAMEA8ZZ6DANBAIAAjAH
AwUAKgPBADANBgkqhkiG9w0BAQsFAAOCAQEAIuIo1af5GXxcphMorMg9T7FiXzgC
nERYx60mRUYCvmCRTZnGSiYPCKbcld/an9U2bjK7u95ugJ0ux3lgpz8mJXG2XjEn
2eo0LZC3bD88VikLDCmzuDcwTlYcNHUbflemKx4udIZC4gApIgF9AFF/B3b+TkC7
5yGvD1ibgnBlR/r1lwhqIHnrtMVx7LUGMoxkMK6UhaeHYfgNCcqssHGVGD5LG/w+
wgjuN/niJW2QT9lr5SOpnIMMvKqwXpbdzYwXWGW0/E2GwbDmx+GBhTykR0vcUyjg
k57P11oSfrjqqo44WLJ+ZvVJ0ZlzM9+UaRHfj7CVf9M/tW2tSrthbr8TXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org