Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/qyt8ttACzG0Oz7pYUi8HIJpgJzk.roa
File: qyt8ttACzG0Oz7pYUi8HIJpgJzk.roa (raw, json)
Hash identifier: IbyxAAtqILPyLm6Vz2/fp1EaARGZW8G+8IC+yi95iaQ=
Subject key identifier: AB:2B:7C:B6:D0:02:CC:6D:0E:CF:BA:58:52:2F:07:20:9A:60:27:39
Certificate issuer: /CN=31fa64addcb0f86580c388912341cc47c39c4aed
Certificate serial: 01842DFAD084809EE8369E7AB1175C2A1CEA
Authority key identifier: 31:FA:64:AD:DC:B0:F8:65:80:C3:88:91:23:41:CC:47:C3:9C:4A:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/qyt8ttACzG0Oz7pYUi8HIJpgJzk.roa
Signing time: Mon 31 Oct 2022 12:18:42 +0000
ROA not before: Mon 31 Oct 2022 12:18:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202334
IP address blocks: 185.85.255.0/24 maxlen: 24
185.243.138.0/24 maxlen: 24
185.243.137.0/24 maxlen: 24
185.243.139.0/24 maxlen: 24
185.243.136.0/24 maxlen: 24
2a0c:fd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:fa:d0:84:80:9e:e8:36:9e:7a:b1:17:5c:2a:1c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31fa64addcb0f86580c388912341cc47c39c4aed
Validity
Not Before: Oct 31 12:18:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab2b7cb6d002cc6d0ecfba58522f07209a602739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cd:de:fd:cf:8a:3f:b2:a9:f8:ec:58:c2:d2:
1a:cf:7b:8d:d9:2a:03:7c:1f:8f:6c:96:73:7f:c8:
20:d9:53:0b:b1:1d:ee:77:f7:dd:e5:4a:52:69:49:
89:2a:fb:e2:6f:e0:ad:0b:05:9c:9c:e1:84:b9:a1:
1e:d3:9f:50:ac:88:95:eb:cb:07:9a:48:72:d7:a5:
2d:fb:d5:79:58:9e:db:91:71:95:3e:33:62:4c:e5:
4c:03:cf:57:c4:e2:df:62:1f:c7:6a:97:16:08:c5:
54:ed:20:4f:8d:5d:01:31:b0:fd:27:c3:db:ef:d1:
9f:79:e1:9f:1f:06:28:6d:52:ab:27:dd:cf:4f:1d:
0b:b0:9b:b6:08:a3:cd:a8:ef:56:c1:12:4f:2c:1d:
5a:c3:a1:85:12:ff:16:b4:62:6c:74:00:da:e3:f1:
de:9b:45:96:f0:88:b3:5c:a3:70:41:9f:74:70:14:
22:e5:f2:1b:f1:7b:48:40:25:49:bb:5a:69:3b:57:
b3:0c:3e:8e:92:ec:86:ba:e8:bb:11:51:b4:8c:c5:
2e:d7:ad:83:cf:e6:62:71:6d:cb:bf:0c:96:d0:64:
94:14:1e:f8:70:84:55:48:cc:05:39:e0:28:7a:f5:
e9:fb:c5:62:e7:8a:8b:56:e6:4b:d9:87:02:c7:a0:
50:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2B:7C:B6:D0:02:CC:6D:0E:CF:BA:58:52:2F:07:20:9A:60:27:39
X509v3 Authority Key Identifier:
keyid:31:FA:64:AD:DC:B0:F8:65:80:C3:88:91:23:41:CC:47:C3:9C:4A:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/qyt8ttACzG0Oz7pYUi8HIJpgJzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.255.0/24
185.243.136.0/22
IPv6:
2a0c:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
18:ed:fe:f6:64:f2:eb:66:1d:0a:91:c8:b8:6f:be:ac:e7:a5:
2d:7b:c2:93:aa:3d:27:be:28:ab:cd:47:42:f3:b7:e0:f4:bb:
1b:de:bf:17:35:4e:df:be:ed:1b:f0:e5:23:5c:70:17:f5:c7:
4b:8d:2c:23:ad:87:d6:aa:e6:3a:26:ea:be:1c:9a:ce:7d:12:
b6:2c:42:4d:c3:64:ee:76:e6:db:6f:1a:af:cf:d1:07:e6:df:
68:7b:69:2c:b3:06:38:9f:e3:44:63:2f:ea:64:64:df:8a:9b:
58:78:5b:64:4c:f2:42:17:19:20:88:1d:24:30:ac:9f:b0:89:
ed:c5:83:a4:fd:8f:b3:df:98:73:f6:af:c5:fb:76:db:a3:4a:
e2:58:1c:3f:a4:34:ca:77:90:a9:1e:9c:f4:ae:f2:90:98:99:
81:26:63:de:cc:6b:8b:a4:2e:21:4e:57:5e:8b:0b:f8:87:01:
b1:8c:b3:c2:88:2c:aa:51:76:67:7b:c4:e1:fb:2a:b8:45:be:
e3:73:34:73:8c:5c:67:11:53:af:59:a3:c7:7e:fb:29:7e:a9:
7f:31:12:a8:dd:5b:82:a6:54:2a:35:4f:b4:44:a4:6c:4e:61:
30:c8:49:8f:06:9e:4e:2e:f3:22:cf:f3:67:15:95:b0:0a:34:
0f:92:da:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQt+tCEgJ7oNp56sRdcKhzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmE2NGFkZGNiMGY4NjU4MGMzODg5MTIzNDFjYzQ3YzM5
YzRhZWQwHhcNMjIxMDMxMTIxODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjJiN2NiNmQwMDJjYzZkMGVjZmJhNTg1MjJmMDcyMDlhNjAyNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl83e/c+KP7Kp+OxYwtIaz3uN2SoD
fB+PbJZzf8gg2VMLsR3ud/fd5UpSaUmJKvvib+CtCwWcnOGEuaEe059QrIiV68sH
mkhy16Ut+9V5WJ7bkXGVPjNiTOVMA89XxOLfYh/HapcWCMVU7SBPjV0BMbD9J8Pb
79GfeeGfHwYobVKrJ93PTx0LsJu2CKPNqO9WwRJPLB1aw6GFEv8WtGJsdADa4/He
m0WW8IizXKNwQZ90cBQi5fIb8XtIQCVJu1ppO1ezDD6OkuyGuui7EVG0jMUu162D
z+ZicW3LvwyW0GSUFB74cIRVSMwFOeAoevXp+8Vi54qLVuZL2YcCx6BQewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKsrfLbQAsxtDs+6WFIvByCaYCc5MB8GA1UdIwQY
MBaAFDH6ZK3csPhlgMOIkSNBzEfDnErtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWZwa3JkeXctR1dBdzRpUkkwSE1SOE9jU3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YWZhM2MtYzA2OS00NjA0LTlkZjgt
N2IzZjgyZWUyNTg3LzEvcXl0OHR0QUN6RzBPejdwWVVpOEhJSnBnSnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YWZhM2MtYzA2OS00NjA0LTlkZjgtN2IzZjgyZWUyNTg3
LzEvTWZwa3JkeXctR1dBdzRpUkkwSE1SOE9jU3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuVX/AwQC
ufOIMA0EAgACMAcDBQMqDP2AMA0GCSqGSIb3DQEBCwUAA4IBAQAY7f72ZPLrZh0K
kci4b76s56Ute8KTqj0nviirzUdC87fg9Lsb3r8XNU7fvu0b8OUjXHAX9cdLjSwj
rYfWquY6Juq+HJrOfRK2LEJNw2Tudubbbxqvz9EH5t9oe2ksswY4n+NEYy/qZGTf
iptYeFtkTPJCFxkgiB0kMKyfsIntxYOk/Y+z35hz9q/F+3bbo0riWBw/pDTKd5Cp
Hpz0rvKQmJmBJmPezGuLpC4hTldeiwv4hwGxjLPCiCyqUXZne8Th+yq4Rb7jczRz
jFxnEVOvWaPHfvspfql/MRKo3VuCplQqNU+0RKRsTmEwyEmPBp5OLvMiz/NnFZWw
CjQPktrL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:28 2024 by rpki-client on console-ams.rpki-client.org