Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/1SQPGkicpCrJaHVx916dSHNpCBo.roa
File: 1SQPGkicpCrJaHVx916dSHNpCBo.roa (raw, json)
Hash identifier: aoVIR70dvoAPWSqyHMv9fBcKuj1t0h8mqbOWN9T/iFg=
Subject key identifier: D5:24:0F:1A:48:9C:A4:2A:C9:68:75:71:F7:5E:9D:48:73:69:08:1A
Certificate issuer: /CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Certificate serial: 04955982
Authority key identifier: BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/1SQPGkicpCrJaHVx916dSHNpCBo.roa
Signing time: Sat 01 Jan 2022 10:03:31 +0000
ROA not before: Sat 01 Jan 2022 10:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43463
IP address blocks: 185.244.251.0/24 maxlen: 24
185.244.250.0/24 maxlen: 24
185.244.249.0/24 maxlen: 24
91.224.93.0/24 maxlen: 24
193.46.83.0/24 maxlen: 24
185.36.80.0/24 maxlen: 24
185.36.83.0/24 maxlen: 24
185.36.82.0/24 maxlen: 24
185.169.4.0/24 maxlen: 24
185.255.192.0/22 maxlen: 22
2a00:ea60:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76896642 (0x4955982)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Validity
Not Before: Jan 1 10:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5240f1a489ca42ac9687571f75e9d487369081a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:89:b2:e2:4c:62:e2:76:c6:26:5b:0d:0e:
27:54:ea:04:93:88:b3:2a:8d:f5:64:34:af:da:09:
a7:e2:70:cf:8d:6d:3b:9b:8d:5b:ef:6d:87:a9:b4:
32:9c:bb:e7:91:62:ad:59:9d:51:a5:76:d9:29:7c:
84:38:c6:13:74:aa:ba:0f:28:5f:58:bc:e5:dc:f8:
bb:da:f3:bb:3b:96:1b:b4:59:63:22:ea:8e:ed:06:
09:00:e4:b3:0d:90:3a:eb:43:b6:19:27:ad:ea:7f:
75:49:c4:9d:7c:db:d9:1b:53:cf:ae:21:6f:a6:a9:
0e:08:94:fc:6d:18:a8:48:da:4b:35:e9:41:7b:aa:
70:ec:05:80:c0:38:0e:54:fd:16:b0:42:63:47:75:
77:3c:f1:2d:af:70:0f:50:66:73:e2:52:f1:c3:fb:
29:d9:7e:bb:ed:66:af:63:ea:64:36:9a:83:ef:68:
cf:68:26:89:c4:6a:60:b2:22:b9:73:e0:51:91:53:
e5:dc:e7:41:41:c4:18:41:96:03:96:05:36:18:de:
0e:15:d5:77:d0:26:73:de:43:76:09:6e:a0:6a:d1:
ab:03:01:8a:c1:43:4a:59:06:4b:f6:ff:41:1b:08:
ff:54:75:c7:ee:b0:8d:dd:d8:c9:da:ab:7a:6c:91:
4a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:24:0F:1A:48:9C:A4:2A:C9:68:75:71:F7:5E:9D:48:73:69:08:1A
X509v3 Authority Key Identifier:
keyid:BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/1SQPGkicpCrJaHVx916dSHNpCBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.93.0/24
185.36.80.0/24
185.36.82.0/23
185.169.4.0/24
185.244.249.0-185.244.251.255
185.255.192.0/22
193.46.83.0/24
IPv6:
2a00:ea60:200::/40
Signature Algorithm: sha256WithRSAEncryption
7b:5d:72:22:c1:0c:77:a0:38:ba:52:d5:5b:cf:b0:a8:83:34:
42:1a:f1:3e:65:af:73:0e:3b:e7:16:88:80:85:4b:3b:d6:1f:
6a:5a:3a:21:07:0f:43:84:63:5e:09:ba:63:c9:ff:31:8e:b6:
8d:e1:48:7e:a2:e7:7a:bc:18:52:ff:58:d2:f4:bf:f1:67:77:
bb:16:2e:b3:df:34:a9:b4:a6:51:5e:eb:fc:5b:d7:f0:11:a6:
8e:86:39:64:a1:31:ff:79:bf:6c:80:68:76:68:fd:98:b8:ae:
c2:10:47:ab:2c:5b:f4:04:a6:f7:a9:bd:64:f7:29:4c:55:29:
ee:1c:db:83:69:16:1c:c0:bb:11:57:e6:32:42:13:9d:6a:e8:
13:53:03:9e:4c:d0:fb:6c:30:5a:7d:b2:19:3b:7a:19:cc:ab:
ea:ef:65:67:c4:5b:c3:4e:80:7c:74:fd:15:06:50:c3:69:2f:
b1:12:be:f5:1f:d6:83:ce:ea:1b:53:2b:30:6b:39:b4:73:83:
93:3c:9c:0e:71:4f:86:c8:99:b3:d8:11:af:d1:c1:5d:82:fa:
56:fc:21:dc:83:80:da:4a:39:cc:2c:8b:cf:0b:ce:88:1d:42:
a0:44:66:ef:e7:e5:47:3c:12:08:a2:28:c7:5e:b9:d7:52:db:
86:94:ee:52
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBJVZgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQ5ZmIxOTBmNGJkMGY1ODE1YThlNTc5ZjM2NmFkNThkNWQ0MWY5MB4XDTIyMDEw
MTEwMDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUyNDBmMWE0ODlj
YTQyYWM5Njg3NTcxZjc1ZTlkNDg3MzY5MDgxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo+ibLiTGLidsYmWw0OJ1TqBJOIsyqN9WQ0r9oJp+Jwz41t
O5uNW+9th6m0Mpy755FirVmdUaV22Sl8hDjGE3Squg8oX1i85dz4u9rzuzuWG7RZ
YyLqju0GCQDksw2QOutDthknrep/dUnEnXzb2RtTz64hb6apDgiU/G0YqEjaSzXp
QXuqcOwFgMA4DlT9FrBCY0d1dzzxLa9wD1Bmc+JS8cP7Kdl+u+1mr2PqZDaag+9o
z2gmicRqYLIiuXPgUZFT5dznQUHEGEGWA5YFNhjeDhXVd9Amc95DdgluoGrRqwMB
isFDSlkGS/b/QRsI/1R1x+6wjd3YydqremyRSrMCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBTVJA8aSJykKslodXH3Xp1Ic2kIGjAfBgNVHSMEGDAWgBS+SfsZD0vQ9YFa
jlefNmrVjV1B+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrbjdHUTlMMFBXQldvNVhuelpxMVkxZFFmay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmQwZDEzLWU5ODMtNGZmOS1iNTA3LTVlNjU2ZjFiNDg3Ni8x
LzFTUVBHa2ljcENySmFIVng5MTZkU0hOcENCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmQwZDEzLWU5ODMtNGZmOS1iNTA3LTVlNjU2ZjFiNDg3Ni8xL3ZrbjdHUTlMMFBX
QldvNVhuelpxMVkxZFFmay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowOAQCAAEwMgMEAFvgXQMEALkkUAMEAbkkUgMEALmp
BDAMAwQAufT5AwQCufT4AwQCuf/AAwQAwS5TMA4EAgACMAgDBgAqAOpgAjANBgkq
hkiG9w0BAQsFAAOCAQEAe11yIsEMd6A4ulLVW8+wqIM0QhrxPmWvcw475xaIgIVL
O9Yfalo6IQcPQ4RjXgm6Y8n/MY62jeFIfqLnerwYUv9Y0vS/8Wd3uxYus980qbSm
UV7r/FvX8BGmjoY5ZKEx/3m/bIBodmj9mLiuwhBHqyxb9ASm96m9ZPcpTFUp7hzb
g2kWHMC7EVfmMkITnWroE1MDnkzQ+2wwWn2yGTt6Gcyr6u9lZ8Rbw06AfHT9FQZQ
w2kvsRK+9R/Wg87qG1MrMGs5tHODkzycDnFPhsiZs9gRr9HBXYL6Vvwh3IOA2ko5
zCyLzwvOiB1CoERm7+flRzwSCKIox16511LbhpTuUg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:30 2023 by rpki-client on console-ams.rpki-client.org