Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/QIs3NUoK5K-vTs-JLd4WkTBoxYM.roa
File: QIs3NUoK5K-vTs-JLd4WkTBoxYM.roa (raw, json)
Hash identifier: H2FqhcHIeF24DFTPmu/52AIxWa5aa46l2AREq4OwOkQ=
Subject key identifier: 40:8B:37:35:4A:0A:E4:AF:AF:4E:CF:89:2D:DE:16:91:30:68:C5:83
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0186EF080C311F4F25A6293F53FBDF5261D1
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/QIs3NUoK5K-vTs-JLd4WkTBoxYM.roa
Signing time: Fri 17 Mar 2023 10:05:27 +0000
ROA not before: Fri 17 Mar 2023 10:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39486
IP address blocks: 193.161.128.0/22 maxlen: 24
171.22.252.0/24 maxlen: 32
194.104.104.0/22 maxlen: 24
45.134.79.0/24 maxlen: 32
87.239.254.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:08:0c:31:1f:4f:25:a6:29:3f:53:fb:df:52:61:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 17 10:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=408b37354a0ae4afaf4ecf892dde16913068c583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:39:cb:c3:f7:65:89:6b:49:e9:6a:df:a6:
a3:4c:2d:d1:3d:eb:40:65:93:79:50:82:ef:1b:11:
c4:62:4f:c7:86:2b:e2:e3:c1:96:0a:9d:c4:db:48:
d8:04:6f:dd:fe:f1:f6:3e:e1:8d:62:39:7b:03:f9:
d5:79:e5:7c:a6:f2:6c:ec:6d:d2:10:fc:d2:86:5d:
6b:1c:0a:55:bf:93:8b:97:a2:1c:33:42:01:3f:34:
1b:08:f3:64:53:24:c8:6b:f2:19:89:c6:17:a4:12:
17:4a:52:6a:3b:c7:cb:39:c9:68:fb:ce:6b:cd:a3:
40:63:33:60:08:28:49:dc:fa:57:01:91:2a:d0:5e:
da:1c:fe:3e:56:0c:45:02:44:3a:4e:89:b3:69:e7:
38:0d:e7:d2:63:a2:63:ba:b6:4a:64:b0:09:b9:ba:
a5:97:5a:28:fd:1a:47:43:9f:b2:84:f6:04:99:81:
53:de:a5:6e:a6:cc:4d:3f:7e:2b:80:e5:ba:d2:61:
83:39:b2:10:63:8c:5f:d4:8a:a0:cf:94:0e:25:07:
19:39:ea:44:35:db:24:6b:f6:fe:ac:e2:b3:fb:1c:
77:85:e6:ed:ed:8f:85:6d:20:08:28:fc:a8:06:0d:
1b:be:d7:62:f5:21:94:aa:cf:50:c8:1c:e7:48:dd:
af:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8B:37:35:4A:0A:E4:AF:AF:4E:CF:89:2D:DE:16:91:30:68:C5:83
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/QIs3NUoK5K-vTs-JLd4WkTBoxYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.79.0/24
87.239.254.0/24
171.22.252.0/24
185.184.228.0/24
193.161.128.0/22
194.104.104.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:47:ba:54:75:ea:a1:13:c6:47:d7:79:f2:8c:bc:51:e3:d3:
06:42:36:2f:10:7c:8f:1a:e4:d9:44:92:48:d0:52:27:7d:8f:
b8:80:4e:06:95:db:1a:32:e9:f1:09:0e:9a:05:60:cd:48:68:
bb:57:51:6e:27:10:89:df:99:7e:5c:fc:ca:4b:e3:43:c8:83:
de:16:c2:a9:26:85:34:a2:fc:de:01:04:95:cc:b0:27:70:62:
f9:c3:98:92:95:e4:08:56:ef:5f:72:46:34:ef:6d:df:2e:dc:
fd:df:50:16:3a:1f:c6:3c:0e:5c:a7:d7:50:d9:a2:97:23:a9:
99:6a:db:3c:6c:d0:6f:c1:14:6b:50:43:4b:11:e1:20:05:2e:
15:89:a4:4e:87:62:b5:74:62:22:4a:21:f7:9d:98:b7:bd:b0:
9c:01:12:ad:6f:7b:7f:f6:6d:d6:c4:5f:6a:54:d5:4b:17:02:
d3:ec:f8:f4:16:18:10:ef:24:74:e2:90:0d:27:f7:c8:ba:e5:
06:6e:8a:11:9e:81:03:ca:c3:1a:06:c5:e1:a3:13:77:e2:76:
3d:d1:d4:4c:33:77:93:a5:a6:76:4e:dd:16:59:89:29:f9:b7:
1f:f9:a7:bf:43:2e:98:09:3e:0b:cd:25:24:47:b3:db:95:80:
d3:64:0c:1a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYbvCAwxH08lpik/U/vfUmHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMzE3MTAwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhiMzczNTRhMGFlNGFmYWY0ZWNmODkyZGRlMTY5MTMwNjhjNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1k5y8P3ZYlrSelq36ajTC3RPetA
ZZN5UILvGxHEYk/Hhivi48GWCp3E20jYBG/d/vH2PuGNYjl7A/nVeeV8pvJs7G3S
EPzShl1rHApVv5OLl6IcM0IBPzQbCPNkUyTIa/IZicYXpBIXSlJqO8fLOclo+85r
zaNAYzNgCChJ3PpXAZEq0F7aHP4+VgxFAkQ6Tomzaec4DefSY6JjurZKZLAJubql
l1oo/RpHQ5+yhPYEmYFT3qVupsxNP34rgOW60mGDObIQY4xf1Iqgz5QOJQcZOepE
Ndska/b+rOKz+xx3hebt7Y+FbSAIKPyoBg0bvtdi9SGUqs9QyBznSN2vJwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFECLNzVKCuSvr07PiS3eFpEwaMWDMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvUUlzM05Vb0s1Sy12VHMtSkxkNFdrVEJveFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYZPAwQA
V+/+AwQAqxb8AwQAubjkAwQCwaGAAwQCwmhoMA0GCSqGSIb3DQEBCwUAA4IBAQDK
R7pUdeqhE8ZH13nyjLxR49MGQjYvEHyPGuTZRJJI0FInfY+4gE4GldsaMunxCQ6a
BWDNSGi7V1FuJxCJ35l+XPzKS+NDyIPeFsKpJoU0ovzeAQSVzLAncGL5w5iSleQI
Vu9fckY0723fLtz931AWOh/GPA5cp9dQ2aKXI6mZats8bNBvwRRrUENLEeEgBS4V
iaROh2K1dGIiSiH3nZi3vbCcARKtb3t/9m3WxF9qVNVLFwLT7Pj0FhgQ7yR04pAN
J/fIuuUGbooRnoEDysMaBsXhoxN34nY90dRMM3eTpaZ2Tt0WWYkp+bcf+ae/Qy6Y
CT4LzSUkR7PblYDTZAwa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:33 2025 by rpki-client