Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/QOJZRy-JKeW3idWkNCeU7exqqcI.roa
File: QOJZRy-JKeW3idWkNCeU7exqqcI.roa (raw, json)
Hash identifier: jgYZnPJRj13rdBKNeEkTgkLAPQJ2++c+IapYPunpsw4=
Subject key identifier: 40:E2:59:47:2F:89:29:E5:B7:89:D5:A4:34:27:94:ED:EC:6A:A9:C2
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 0182EA5A599069444B8EB848ADC13A98C26D
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/QOJZRy-JKeW3idWkNCeU7exqqcI.roa
Signing time: Mon 29 Aug 2022 16:06:05 +0000
ROA not before: Mon 29 Aug 2022 16:06:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:5a:59:90:69:44:4b:8e:b8:48:ad:c1:3a:98:c2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Aug 29 16:06:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40e259472f8929e5b789d5a4342794edec6aa9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:76:cf:a6:de:e4:72:d2:63:e1:76:28:eb:
74:75:85:b7:89:fb:60:92:8e:c7:49:90:99:9e:fa:
28:bd:22:7a:ee:21:60:54:ac:50:73:b7:e6:f8:75:
6b:fe:52:e7:d1:77:6d:b6:89:fe:c7:7f:1e:4c:c5:
9e:b8:a4:a1:bd:43:89:96:7b:67:7d:1e:f8:72:e1:
8e:1e:51:38:f0:87:5e:d7:3a:4d:9a:a3:80:6b:7b:
04:ee:5d:8d:74:7d:e4:45:2c:c3:28:e6:52:5a:5d:
7c:c2:2f:64:5b:59:ac:ba:42:36:75:8f:bf:d1:2f:
15:61:6e:c3:2b:76:bb:fb:d0:35:f4:c3:0d:26:56:
f6:6d:62:3a:1f:be:cc:05:8c:10:aa:51:ff:59:0c:
43:05:a9:0c:af:0c:01:83:57:e3:5f:0c:47:2a:ec:
6c:d6:47:c4:fa:56:80:d2:a3:c3:9e:d5:4e:57:b6:
3f:b1:06:c5:a3:46:f1:ae:b4:c2:bb:56:cf:a9:94:
0b:06:d2:a2:4d:79:e0:92:be:ac:29:10:0e:8f:a2:
dd:e6:f1:0d:e1:fe:99:95:85:e6:91:dc:84:7e:80:
10:cf:c9:76:b8:48:22:3f:81:a2:06:3c:d5:2e:e6:
1f:dd:8a:27:c8:4c:35:60:62:7b:28:ae:c0:6a:e3:
a7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E2:59:47:2F:89:29:E5:B7:89:D5:A4:34:27:94:ED:EC:6A:A9:C2
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/QOJZRy-JKeW3idWkNCeU7exqqcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
Signature Algorithm: sha256WithRSAEncryption
89:ea:14:cb:98:f7:99:f8:d3:50:f4:45:98:dd:78:00:e9:ab:
f2:4a:fa:64:e6:a4:fe:ad:cb:22:b7:dc:ff:fb:5c:6b:d7:c4:
76:30:eb:ca:1e:b5:b4:40:84:16:62:18:4a:05:94:0d:29:5b:
ed:f4:20:4a:7a:ec:84:ba:7e:7c:c2:ed:f6:85:81:18:89:42:
34:b9:30:45:f7:83:3a:b7:cf:51:c1:2d:36:eb:37:1b:92:e5:
11:70:55:2b:49:01:96:22:49:fa:b7:61:ae:85:83:ef:fd:f6:
a3:d8:86:a9:d3:7b:e6:10:84:90:84:a6:b7:0a:c3:33:4e:c0:
46:44:2b:7b:65:9a:c3:93:1e:7a:86:95:8f:f0:15:78:71:c6:
04:ce:2b:7d:32:11:c3:d2:02:ed:ad:92:46:93:91:5b:a3:a1:
06:d9:90:11:30:4d:d9:bf:03:fe:41:b6:91:74:8a:02:ab:c5:
ff:3f:ec:ee:26:3a:20:2d:fe:e7:c7:ea:9a:24:02:8a:d4:53:
b7:27:31:57:2a:ad:d6:76:ae:90:d4:8b:d8:e9:84:eb:1d:c1:
bf:d0:22:24:0a:32:82:04:91:4c:85:ef:37:01:06:e9:ce:a0:
31:cb:85:b1:4d:8d:31:eb:cc:a1:29:b0:da:03:16:49:01:59:
d9:5c:bb:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLqWlmQaURLjrhIrcE6mMJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjIwODI5MTYwNjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUyNTk0NzJmODkyOWU1Yjc4OWQ1YTQzNDI3OTRlZGVjNmFhOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV52z6be5HLSY+F2KOt0dYW3iftg
ko7HSZCZnvoovSJ67iFgVKxQc7fm+HVr/lLn0Xdtton+x38eTMWeuKShvUOJlntn
fR74cuGOHlE48Ide1zpNmqOAa3sE7l2NdH3kRSzDKOZSWl18wi9kW1msukI2dY+/
0S8VYW7DK3a7+9A19MMNJlb2bWI6H77MBYwQqlH/WQxDBakMrwwBg1fjXwxHKuxs
1kfE+laA0qPDntVOV7Y/sQbFo0bxrrTCu1bPqZQLBtKiTXngkr6sKRAOj6Ld5vEN
4f6ZlYXmkdyEfoAQz8l2uEgiP4GiBjzVLuYf3YonyEw1YGJ7KK7AauOnjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDiWUcviSnlt4nVpDQnlO3saqnCMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvUU9KWlJ5LUpLZVczaWRXa05DZVU3ZXhxcWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnWGjAwQC
uYH8AwQBwf7KMA0GCSqGSIb3DQEBCwUAA4IBAQCJ6hTLmPeZ+NNQ9EWY3XgA6avy
Svpk5qT+rcsit9z/+1xr18R2MOvKHrW0QIQWYhhKBZQNKVvt9CBKeuyEun58wu32
hYEYiUI0uTBF94M6t89RwS026zcbkuURcFUrSQGWIkn6t2GuhYPv/faj2Iap03vm
EISQhKa3CsMzTsBGRCt7ZZrDkx56hpWP8BV4ccYEzit9MhHD0gLtrZJGk5Fbo6EG
2ZARME3ZvwP+QbaRdIoCq8X/P+zuJjogLf7nx+qaJAKK1FO3JzFXKq3Wdq6Q1IvY
6YTrHcG/0CIkCjKCBJFMhe83AQbpzqAxy4WxTY0x68yhKbDaAxZJAVnZXLve
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:21 2023 by rpki-client on console.sobornost.net