Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/q3Kh6db0sPtrfgMaVIP4s7cnaRM.roa
File: q3Kh6db0sPtrfgMaVIP4s7cnaRM.roa (raw, json)
Hash identifier: eFq8JwYhVPUJY0FJ9FmHqemzep2i5tObUzEeuwcoVIU=
Subject key identifier: AB:72:A1:E9:D6:F4:B0:FB:6B:7E:03:1A:54:83:F8:B3:B7:27:69:13
Certificate issuer: /CN=e49dbf3c44468e52411d4861856bf0bdc79063e4
Certificate serial: 0182F9A8252A71EBDA9DAEBC1D1C1731C4BF
Authority key identifier: E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/q3Kh6db0sPtrfgMaVIP4s7cnaRM.roa
Signing time: Thu 01 Sep 2022 15:25:22 +0000
ROA not before: Thu 01 Sep 2022 15:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56975
IP address blocks: 185.108.220.0/24 maxlen: 24
185.108.223.0/24 maxlen: 24
185.108.222.0/24 maxlen: 24
2a00:e000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:a8:25:2a:71:eb:da:9d:ae:bc:1d:1c:17:31:c4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e49dbf3c44468e52411d4861856bf0bdc79063e4
Validity
Not Before: Sep 1 15:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab72a1e9d6f4b0fb6b7e031a5483f8b3b7276913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1f:8c:dc:67:4d:01:43:c5:be:2a:f8:f1:b3:
e9:e9:d9:93:f4:a3:62:a4:15:a4:e0:cf:83:fb:8c:
57:02:22:43:31:22:ba:08:9e:28:16:b7:f2:e1:8f:
08:8f:8e:a6:49:00:ae:25:9e:67:e9:4c:08:7a:ad:
2a:38:d0:b2:32:b1:4a:21:1b:1a:e0:e5:f0:e7:1d:
9a:ea:7f:e4:f1:e8:00:c1:0c:db:2b:ed:ee:95:87:
08:d9:1a:55:99:ec:8d:0a:29:83:d8:30:68:84:9a:
2c:59:fc:7d:c6:f6:42:d8:48:ed:67:3f:6b:f9:9f:
2d:55:f0:ce:39:25:c3:08:4c:c3:23:19:0d:d8:be:
06:33:32:26:a6:24:4e:e4:7f:42:fa:79:59:9d:59:
c9:3b:19:71:1d:56:71:b4:6a:28:13:82:7c:f6:4e:
11:f1:1b:2c:d7:87:b2:4a:ec:98:32:d6:05:9d:48:
ad:55:13:33:09:a3:d5:0e:d4:53:40:78:b8:d2:49:
32:0b:2f:4e:a8:61:ea:12:79:53:71:ea:bc:29:9c:
82:6c:6a:09:11:2a:f7:33:1d:d0:d0:f0:33:96:85:
2b:c7:01:2f:4c:74:4c:e2:fb:d2:c4:64:d5:22:d1:
90:dc:92:f6:78:2f:ae:31:98:34:9f:29:db:fd:fd:
74:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:72:A1:E9:D6:F4:B0:FB:6B:7E:03:1A:54:83:F8:B3:B7:27:69:13
X509v3 Authority Key Identifier:
keyid:E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/q3Kh6db0sPtrfgMaVIP4s7cnaRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/5J2_PERGjlJBHUhhhWvwvceQY-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.220.0/24
185.108.222.0/23
IPv6:
2a00:e000::/48
Signature Algorithm: sha256WithRSAEncryption
1d:31:72:fd:97:f0:3f:38:72:7a:f9:f7:9c:ba:8c:f9:61:db:
c6:8c:41:ef:b8:3f:59:bc:99:de:ad:9d:fb:05:24:52:62:ba:
88:4e:a6:e5:f2:50:6d:17:66:e9:d5:0e:95:9d:60:ef:90:54:
c7:d3:5e:cd:17:ce:6a:b4:8b:73:24:14:5b:d4:6a:76:6e:dd:
e9:23:97:db:eb:a3:a5:4e:1c:f0:7d:81:d9:df:9c:5f:b5:16:
f3:d9:5b:22:e2:bb:28:36:63:96:55:83:ac:2b:67:eb:62:55:
aa:ba:6e:47:8a:3d:33:0a:81:8c:04:17:2b:3d:db:c3:49:b5:
f1:0b:11:cd:a6:95:b2:ca:ab:64:64:36:27:36:7f:10:48:43:
bd:57:d5:4a:ca:90:15:b7:79:ee:f4:34:be:eb:6b:9b:49:f3:
ce:e2:a2:66:18:78:40:ce:2e:b3:bc:f8:7a:32:ae:49:ea:23:
91:ba:a4:d7:fc:aa:3e:f6:d5:14:f9:2e:51:ec:02:21:4f:79:
74:bd:a0:6d:6f:cd:2a:97:f9:65:79:42:e2:17:74:58:47:45:
f2:47:72:d3:71:89:a2:2f:a2:56:27:57:5d:d4:91:ab:ee:d2:
2c:e6:28:58:92:e9:fb:ea:20:07:ec:0d:c8:89:4b:b0:4a:5b:
9d:5a:90:81
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYL5qCUqcevana68HRwXMcS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OWRiZjNjNDQ0NjhlNTI0MTFkNDg2MTg1NmJmMGJkYzc5
MDYzZTQwHhcNMjIwOTAxMTUyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjcyYTFlOWQ2ZjRiMGZiNmI3ZTAzMWE1NDgzZjhiM2I3Mjc2OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB+M3GdNAUPFvir48bPp6dmT9KNi
pBWk4M+D+4xXAiJDMSK6CJ4oFrfy4Y8Ij46mSQCuJZ5n6UwIeq0qONCyMrFKIRsa
4OXw5x2a6n/k8egAwQzbK+3ulYcI2RpVmeyNCimD2DBohJosWfx9xvZC2EjtZz9r
+Z8tVfDOOSXDCEzDIxkN2L4GMzImpiRO5H9C+nlZnVnJOxlxHVZxtGooE4J89k4R
8Rss14eySuyYMtYFnUitVRMzCaPVDtRTQHi40kkyCy9OqGHqEnlTceq8KZyCbGoJ
ESr3Mx3Q0PAzloUrxwEvTHRM4vvSxGTVItGQ3JL2eC+uMZg0nynb/f10TwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKtyoenW9LD7a34DGlSD+LO3J2kTMB8GA1UdIwQY
MBaAFOSdvzxERo5SQR1IYYVr8L3HkGPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMt
NWNhZGJkY2YyMjE1LzEvcTNLaDZkYjBzUHRyZmdNYVZJUDRzN2NuYVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMtNWNhZGJkY2YyMjE1
LzEvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuWzcAwQB
uWzeMA8EAgACMAkDBwAqAOAAAAAwDQYJKoZIhvcNAQELBQADggEBAB0xcv2X8D84
cnr595y6jPlh28aMQe+4P1m8md6tnfsFJFJiuohOpuXyUG0XZunVDpWdYO+QVMfT
Xs0Xzmq0i3MkFFvUanZu3ekjl9vro6VOHPB9gdnfnF+1FvPZWyLiuyg2Y5ZVg6wr
Z+tiVaq6bkeKPTMKgYwEFys928NJtfELEc2mlbLKq2RkNic2fxBIQ71X1UrKkBW3
ee70NL7ra5tJ887iomYYeEDOLrO8+HoyrknqI5G6pNf8qj721RT5LlHsAiFPeXS9
oG1vzSqX+WV5QuIXdFhHRfJHctNxiaIvolYnV13Ukavu0izmKFiS6fvqIAfsDciJ
S7BKW51akIE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:28 2023 by rpki-client on console-fra.rpki-client.org