Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/QpJX2VpBKXnw1rLwqvX1ZPtLauk.roa
File: QpJX2VpBKXnw1rLwqvX1ZPtLauk.roa (raw, json)
Hash identifier: bffQyUTMzxWAdhgZD+9/tX8XWY9gbKEwOIo/KG1l3OM=
Subject key identifier: 42:92:57:D9:5A:41:29:79:F0:D6:B2:F0:AA:F5:F5:64:FB:4B:6A:E9
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 018563788CDEC955D02A7B445C68BC248D05
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/QpJX2VpBKXnw1rLwqvX1ZPtLauk.roa
Signing time: Fri 30 Dec 2022 14:38:42 +0000
ROA not before: Fri 30 Dec 2022 14:38:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41421
IP address blocks: 91.132.112.0/23 maxlen: 23
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
37.157.200.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
31.214.137.0/24 maxlen: 24
93.115.39.0/24 maxlen: 24
89.250.192.0/20 maxlen: 20
31.214.138.0/24 maxlen: 24
194.5.180.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
185.53.132.0/22 maxlen: 24
159.253.240.0/21 maxlen: 21
185.128.156.0/22 maxlen: 22
2a02:4c80::/32 maxlen: 32
2a01:b8e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:78:8c:de:c9:55:d0:2a:7b:44:5c:68:bc:24:8d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Dec 30 14:38:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=429257d95a412979f0d6b2f0aaf5f564fb4b6ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:39:0b:bf:88:b7:bc:d1:ef:33:81:eb:63:99:
e9:be:7b:53:96:3b:6b:80:e6:cb:ef:83:ec:16:dd:
99:40:52:ed:bf:d7:17:f6:e9:2e:90:9b:34:35:11:
4e:94:20:9f:e4:f7:dc:a9:70:97:03:de:05:33:cb:
da:b7:35:64:0e:0f:56:d0:ac:63:d0:79:8f:9f:ac:
10:e3:c0:10:4a:bf:a7:a3:2e:e7:ad:53:6d:e4:15:
ec:33:98:50:f1:6b:64:61:bf:ea:be:e4:30:78:1d:
85:9e:a8:ef:3d:9f:43:28:5d:9e:48:98:d2:e3:f3:
71:86:3b:bc:f9:61:c7:32:bb:0c:bb:e5:de:79:82:
98:14:40:8d:e2:99:70:f9:a4:b0:52:7a:37:79:05:
c1:86:bf:b5:a7:96:31:5e:1e:a0:37:0d:1a:a3:8c:
43:5f:68:0a:45:33:93:b9:8a:96:34:79:0e:cf:62:
e2:b7:5d:00:6f:91:32:d2:7c:83:cd:8a:8a:7c:1d:
54:71:a1:da:e9:79:66:26:31:b0:79:b0:8b:64:fe:
6c:98:1f:d8:46:24:94:b8:d6:27:81:9a:eb:cf:49:
d4:6c:33:14:30:b3:ea:23:2b:8a:31:5c:f8:b3:80:
06:11:ec:06:cc:a7:60:f9:e7:d1:86:1e:ff:bc:ee:
1f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:92:57:D9:5A:41:29:79:F0:D6:B2:F0:AA:F5:F5:64:FB:4B:6A:E9
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/QpJX2VpBKXnw1rLwqvX1ZPtLauk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
89.250.192.0/20
91.132.112.0/23
93.115.39.0/24
159.253.240.0/21
185.53.132.0/22
185.128.156.0/22
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
1d:64:29:40:6f:9f:b9:90:34:7b:7f:1e:dd:62:1c:ae:17:1f:
38:01:f4:95:51:08:2d:9b:22:7d:d0:20:fb:bd:56:94:80:9a:
d7:6c:00:99:86:b7:9f:c6:61:46:23:07:66:c5:7c:13:98:3f:
51:0e:32:2e:e9:57:39:a8:8f:a0:7a:90:a5:59:d9:5f:52:f8:
04:56:be:bb:53:58:ad:dd:d0:82:e2:64:8f:42:6c:e9:d8:fe:
a6:1b:3a:ad:90:45:8b:f9:8e:5c:3f:e8:46:25:ba:2a:c7:5e:
3e:61:fc:9c:d5:f6:04:9a:24:e3:b9:8a:8e:38:19:0b:49:d2:
45:dd:d5:91:8c:8e:1b:e2:82:01:33:7d:38:6f:52:c1:4e:cf:
0b:56:95:11:3e:d7:79:c9:af:18:11:c3:13:7d:b3:2b:65:2b:
8f:15:f5:73:55:a7:3b:4d:f2:4b:17:e9:89:76:a8:f1:d8:ad:
07:9a:55:36:31:02:e1:dd:37:6d:78:fe:e2:4a:7b:86:b3:4d:
a0:ae:fa:e6:cf:c1:06:98:d5:ae:bc:97:2f:4c:3c:23:84:da:
d2:6f:05:f0:bc:60:e0:3a:89:62:48:a4:9b:3d:08:67:9d:d7:
e9:cb:d9:dd:5c:93:aa:fb:ce:75:54:00:f7:90:cd:80:df:92:
ad:f6:98:7d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYVjeIzeyVXQKntEXGi8JI0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjIxMjMwMTQzODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjkyNTdkOTVhNDEyOTc5ZjBkNmIyZjBhYWY1ZjU2NGZiNGI2YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzkLv4i3vNHvM4HrY5npvntTljtr
gObL74PsFt2ZQFLtv9cX9ukukJs0NRFOlCCf5PfcqXCXA94FM8vatzVkDg9W0Kxj
0HmPn6wQ48AQSr+noy7nrVNt5BXsM5hQ8WtkYb/qvuQweB2FnqjvPZ9DKF2eSJjS
4/Nxhju8+WHHMrsMu+XeeYKYFECN4plw+aSwUno3eQXBhr+1p5YxXh6gNw0ao4xD
X2gKRTOTuYqWNHkOz2Lit10Ab5Ey0nyDzYqKfB1UcaHa6XlmJjGwebCLZP5smB/Y
RiSUuNYngZrrz0nUbDMUMLPqIyuKMVz4s4AGEewGzKdg+efRhh7/vO4fAwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFEKSV9laQSl58Nay8Kr19WT7S2rpMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvUXBKWDJWcEJLWG53MXJMd3F2WDFaUHRMYXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiMAwDBAAf
1okDBAAf1ooDBAAf1owDBAAf1pEDBAMlncgDBARZ+sADBAFbhHADBABdcycDBAOf
/fADBAK5NYQDBAK5gJwDBAK5wtQDBAO8QSgDBADBWwQDBAHBWwwDBADCBbQwFAQC
AAIwDgMFACoBuOADBQAqAkyAMA0GCSqGSIb3DQEBCwUAA4IBAQAdZClAb5+5kDR7
fx7dYhyuFx84AfSVUQgtmyJ90CD7vVaUgJrXbACZhrefxmFGIwdmxXwTmD9RDjIu
6Vc5qI+gepClWdlfUvgEVr67U1it3dCC4mSPQmzp2P6mGzqtkEWL+Y5cP+hGJboq
x14+Yfyc1fYEmiTjuYqOOBkLSdJF3dWRjI4b4oIBM304b1LBTs8LVpURPtd5ya8Y
EcMTfbMrZSuPFfVzVac7TfJLF+mJdqjx2K0HmlU2MQLh3TdteP7iSnuGs02grvrm
z8EGmNWuvJcvTDwjhNrSbwXwvGDgOoliSKSbPQhnndfpy9ndXJOq+851VAD3kM2A
35Kt9ph9
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:27:26 2025 by rpki-client