Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/QGFb7bC86PxMsPPDOQaaAlsNsM0.roa
File: QGFb7bC86PxMsPPDOQaaAlsNsM0.roa (raw, json)
Hash identifier: pu5HjxCXonkcyX6+I2NWJ2ANuiEW+g7qhWiiu4dCSGk=
Subject key identifier: 40:61:5B:ED:B0:BC:E8:FC:4C:B0:F3:C3:39:06:9A:02:5B:0D:B0:CD
Certificate issuer: /CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Certificate serial: 0642A065
Authority key identifier: 5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/QGFb7bC86PxMsPPDOQaaAlsNsM0.roa
Signing time: Sat 01 Jan 2022 07:03:26 +0000
ROA not before: Sat 01 Jan 2022 07:03:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44795
IP address blocks: 62.128.160.0/19 maxlen: 19
82.214.240.0/21 maxlen: 21
82.214.244.0/22 maxlen: 22
195.238.32.0/19 maxlen: 19
62.128.168.0/21 maxlen: 21
62.128.168.0/22 maxlen: 22
62.128.172.0/22 maxlen: 22
128.65.64.0/19 maxlen: 19
82.214.192.0/18 maxlen: 18
82.214.210.0/24 maxlen: 24
185.117.52.0/22 maxlen: 22
82.214.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105029733 (0x642a065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Validity
Not Before: Jan 1 07:03:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40615bedb0bce8fc4cb0f3c339069a025b0db0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9c:16:13:85:81:52:1b:e3:93:cb:5f:25:7f:
a6:b5:0a:8a:40:25:73:87:42:71:73:44:0f:ca:00:
06:d1:4b:73:99:85:45:29:5a:05:e3:db:3a:ff:52:
df:ee:e8:2c:b5:f8:f3:dd:17:b2:74:4b:ec:2f:01:
6c:bf:47:d1:7d:5a:56:8f:e6:54:79:49:29:c3:17:
71:64:2b:fb:8c:b7:6a:c9:94:65:d5:f3:00:48:1e:
92:8f:4e:78:93:c1:f0:25:87:cd:ee:5f:b8:d5:cb:
e9:26:b9:2b:da:03:66:ba:49:1e:63:e9:63:e8:d0:
5b:54:ab:09:85:15:86:e1:a5:b9:29:54:8e:ff:e5:
9c:8d:61:75:02:a0:72:fc:82:cd:74:4a:b5:bb:6c:
db:00:b4:7e:88:3a:79:8a:ed:d5:20:22:ea:0b:47:
af:45:21:c3:99:77:20:ad:ee:8d:bc:7d:42:90:e0:
0a:fb:ff:f7:8b:54:b0:8f:4a:59:29:8e:4b:41:0b:
95:ec:dd:e7:9f:3c:2b:66:58:97:6d:2a:4a:8b:4d:
f9:f3:6e:3e:26:4e:c1:4b:b9:81:7a:a0:9d:72:82:
8a:64:d5:cb:a9:24:30:b2:80:97:91:71:59:2a:51:
55:35:89:57:0b:4f:a5:2e:66:25:ca:40:da:46:a1:
ab:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:61:5B:ED:B0:BC:E8:FC:4C:B0:F3:C3:39:06:9A:02:5B:0D:B0:CD
X509v3 Authority Key Identifier:
keyid:5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/QGFb7bC86PxMsPPDOQaaAlsNsM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.160.0/19
82.214.192.0/18
128.65.64.0/19
185.117.52.0/22
195.238.32.0/19
Signature Algorithm: sha256WithRSAEncryption
67:75:cb:38:69:e6:6d:3e:46:cb:f0:2e:e3:dd:0e:e1:7c:36:
ee:44:85:6d:c5:91:0d:a3:6c:71:a0:1c:52:30:dd:98:dd:68:
6a:0c:9a:80:9d:58:3b:5b:3e:3b:4a:e4:91:a3:21:5e:df:76:
1b:ac:82:c2:4d:90:77:13:86:c4:c3:6a:19:b3:f1:85:3f:18:
dd:aa:bf:f0:fd:ed:1f:eb:6e:2f:63:3f:8f:ab:29:60:24:13:
01:43:bd:d0:3d:67:fd:e2:9f:60:d8:a5:ec:0a:ae:57:54:1c:
19:ce:ae:a4:10:02:c5:18:c1:5d:16:ac:53:f5:18:ec:50:1a:
85:5e:7a:f7:40:87:bd:31:8b:e8:ad:ac:70:28:c6:e1:21:20:
82:1d:7c:5b:c9:94:58:72:43:ce:4f:e9:29:3e:27:ad:85:19:
05:0c:e2:62:94:6a:1d:2e:ae:75:47:57:15:9b:0e:7a:60:ba:
03:ae:5a:b7:e6:91:04:bb:6f:db:9a:f6:65:72:51:ac:37:cc:
ec:0a:72:8b:7e:53:e0:54:07:5d:6d:58:a8:5a:09:79:0e:38:
3b:aa:e8:6b:bf:85:fa:72:c5:df:dc:0c:4c:03:77:1d:a7:90:
8d:93:5f:8d:0d:36:47:10:72:d5:65:4b:c3:6e:a4:1d:e1:1d:
a1:50:e7:f2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBkKgZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWY0ZGU2ZTczYzhlMDUzY2I2NDBiNzRkMmI5MTJhYmQ5MGIwNTgwMB4XDTIyMDEw
MTA3MDMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2MTViZWRiMGJj
ZThmYzRjYjBmM2MzMzkwNjlhMDI1YjBkYjBjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWcFhOFgVIb45PLXyV/prUKikAlc4dCcXNED8oABtFLc5mF
RSlaBePbOv9S3+7oLLX4890XsnRL7C8BbL9H0X1aVo/mVHlJKcMXcWQr+4y3asmU
ZdXzAEgeko9OeJPB8CWHze5fuNXL6Sa5K9oDZrpJHmPpY+jQW1SrCYUVhuGluSlU
jv/lnI1hdQKgcvyCzXRKtbts2wC0fog6eYrt1SAi6gtHr0Uhw5l3IK3ujbx9QpDg
Cvv/94tUsI9KWSmOS0ELlezd5588K2ZYl20qSotN+fNuPiZOwUu5gXqgnXKCimTV
y6kkMLKAl5FxWSpRVTWJVwtPpS5mJcpA2kahqz8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRAYVvtsLzo/Eyw88M5BpoCWw2wzTAfBgNVHSMEGDAWgBRa9N5uc8jgU8tk
C3TSuRKr2QsFgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d2VGViblBJNEZQTFpBdDAwcmtTcTlrTEJZQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvYWQzNjk2LWYzNmYtNGRmMC1iMmRlLWMxZTkzNjJiMWE1MS8x
L1FHRmI3YkM4NlB4TXNQUERPUWFhQWxzTnNNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
YWQzNjk2LWYzNmYtNGRmMC1iMmRlLWMxZTkzNjJiMWE1MS8xL1d2VGViblBJNEZQ
TFpBdDAwcmtTcTlrTEJZQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBT6AoAMEBlLWwAMEBYBBQAMEArl1
NAMEBcPuIDANBgkqhkiG9w0BAQsFAAOCAQEAZ3XLOGnmbT5Gy/Au490O4Xw27kSF
bcWRDaNscaAcUjDdmN1oagyagJ1YO1s+O0rkkaMhXt92G6yCwk2QdxOGxMNqGbPx
hT8Y3aq/8P3tH+tuL2M/j6spYCQTAUO90D1n/eKfYNil7AquV1QcGc6upBACxRjB
XRasU/UY7FAahV5690CHvTGL6K2scCjG4SEggh18W8mUWHJDzk/pKT4nrYUZBQzi
YpRqHS6udUdXFZsOemC6A65at+aRBLtv25r2ZXJRrDfM7Apyi35T4FQHXW1YqFoJ
eQ44O6roa7+F+nLF39wMTAN3HaeQjZNfjQ02RxBy1WVLw26kHeEdoVDn8g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:32 2023 by rpki-client on console.sobornost.net