Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/DeU2u64fTlt6vajoBcGr8DQipH0.roa
File: DeU2u64fTlt6vajoBcGr8DQipH0.roa (raw, json)
Hash identifier: iBdSqd1nT67ThIH5AXaUU+NNne89kwMUopmkf8hX3sQ=
Subject key identifier: 0D:E5:36:BB:AE:1F:4E:5B:7A:BD:A8:E8:05:C1:AB:F0:34:22:A4:7D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 388467C5
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/DeU2u64fTlt6vajoBcGr8DQipH0.roa
Signing time: Sat 01 Jan 2022 05:54:19 +0000
ROA not before: Sat 01 Jan 2022 05:54:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43513
IP address blocks: 85.254.142.0/23 maxlen: 23
85.254.145.0/24 maxlen: 24
159.148.102.0/24 maxlen: 24
85.254.32.0/21 maxlen: 21
85.254.49.74/32 maxlen: 32
85.254.49.75/32 maxlen: 32
85.254.49.72/32 maxlen: 32
85.254.49.73/32 maxlen: 32
85.254.5.0/24 maxlen: 24
159.148.198.0/23 maxlen: 23
159.148.200.0/24 maxlen: 24
85.254.16.0/22 maxlen: 22
85.254.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948201413 (0x388467c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0de536bbae1f4e5b7abda8e805c1abf03422a47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e9:16:37:f2:91:7d:4b:58:eb:b4:c1:1d:24:
72:2f:e4:7d:f1:6a:c6:74:2c:93:3f:13:82:80:85:
35:d1:68:9b:2c:b9:f6:97:09:25:a1:74:a5:58:75:
8a:1e:f2:40:51:8f:77:0a:00:5a:d5:0e:5e:3f:4b:
40:ee:a6:dd:5c:9d:42:55:56:e8:d5:b2:c5:05:87:
f3:6b:d5:43:9d:ff:97:28:48:12:8c:c9:ac:32:90:
a7:04:53:e0:ee:64:b5:2d:1d:57:02:35:dc:cc:a8:
f5:c5:45:f0:78:05:92:aa:a4:42:2b:9f:bb:25:3e:
92:5c:d7:ae:39:96:ee:b5:5c:3b:bc:45:c4:d6:7b:
84:7f:42:1e:c1:65:a0:ec:9b:f1:ca:c5:0c:47:bb:
a8:2e:13:f1:5c:a4:de:16:2d:3f:e2:20:26:8e:e8:
ea:c0:49:b2:f1:27:14:66:fc:9f:52:73:1b:48:9c:
f8:ea:47:63:6e:46:f4:92:78:91:9f:b7:14:d2:29:
e4:3c:9f:b2:9c:d8:b1:5b:b7:46:64:d8:c8:41:4d:
38:8d:77:6f:3c:cf:cf:7c:00:23:e1:3e:d3:16:26:
0b:a0:0b:91:e5:29:7c:07:48:64:03:09:c6:25:de:
5f:45:a6:b9:4d:8e:8c:07:35:37:13:3b:ce:a7:89:
ab:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E5:36:BB:AE:1F:4E:5B:7A:BD:A8:E8:05:C1:AB:F0:34:22:A4:7D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/DeU2u64fTlt6vajoBcGr8DQipH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.5.0/24
85.254.16.0/22
85.254.24.0/22
85.254.32.0/21
85.254.49.72/30
85.254.142.0/23
85.254.145.0/24
159.148.102.0/24
159.148.198.0-159.148.200.255
Signature Algorithm: sha256WithRSAEncryption
5a:e4:49:88:44:44:9d:db:75:16:05:0d:e8:04:0b:60:bc:64:
e2:ec:b5:f3:72:ef:a9:0c:f2:5b:f7:ab:bf:39:1e:c0:9c:36:
e3:0e:d2:c0:23:b2:4e:92:c9:3a:26:a2:11:1f:49:3e:f2:a9:
96:8b:45:16:01:b8:79:ad:94:0a:80:c5:69:93:7d:f2:b9:86:
1a:0b:c0:c7:f2:f7:a6:e4:99:5e:e7:f4:23:73:20:2e:4b:ac:
96:dc:2f:b4:e5:6c:63:43:88:49:a5:ed:db:c0:83:3c:8d:28:
1e:1d:2c:bb:ca:a2:bf:6a:df:d7:1c:16:73:98:09:79:77:a4:
26:5a:c0:bf:77:59:bb:51:fb:d7:8a:0c:cf:57:db:f5:09:6d:
ce:4c:93:b6:2c:95:f8:b6:93:3c:e6:9f:64:6f:7d:64:ac:46:
a0:d3:fc:8a:a3:2b:e8:0e:ba:42:85:34:d8:b3:82:1d:a2:c4:
1c:0a:c0:c8:1d:cc:20:0f:d8:0a:a5:2b:c5:5c:50:55:f8:c0:
ed:f1:0b:e0:ba:e3:b8:9a:15:1f:ed:c2:cc:6d:62:ee:1e:4f:
a3:84:87:92:91:e7:2c:bd:ee:54:be:3f:0d:bd:03:14:c1:a8:
25:ab:b3:7e:28:23:aa:23:6b:13:f8:9a:dd:73:1e:4a:13:3e:
83:68:73:19
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEOIRnxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRlNTM2YmJhZTFm
NGU1YjdhYmRhOGU4MDVjMWFiZjAzNDIyYTQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPpFjfykX1LWOu0wR0kci/kffFqxnQskz8TgoCFNdFomyy5
9pcJJaF0pVh1ih7yQFGPdwoAWtUOXj9LQO6m3VydQlVW6NWyxQWH82vVQ53/lyhI
EozJrDKQpwRT4O5ktS0dVwI13Myo9cVF8HgFkqqkQiufuyU+klzXrjmW7rVcO7xF
xNZ7hH9CHsFloOyb8crFDEe7qC4T8Vyk3hYtP+IgJo7o6sBJsvEnFGb8n1JzG0ic
+OpHY25G9JJ4kZ+3FNIp5DyfspzYsVu3RmTYyEFNOI13bzzPz3wAI+E+0xYmC6AL
keUpfAdIZAMJxiXeX0WmuU2OjAc1NxM7zqeJq2UCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQN5Ta7rh9OW3q9qOgFwavwNCKkfTAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L0RlVTJ1NjRmVGx0NnZham9CY0dyOERRaXBIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwRQQCAAEwPwMEAFX+BQMEAlX+EAMEAlX+GAMEA1X+
IAMFAlX+MUgDBAFV/o4DBABV/pEDBACflGYwDAMEAZ+UxgMEAJ+UyDANBgkqhkiG
9w0BAQsFAAOCAQEAWuRJiEREndt1FgUN6AQLYLxk4uy183LvqQzyW/ervzkewJw2
4w7SwCOyTpLJOiaiER9JPvKplotFFgG4ea2UCoDFaZN98rmGGgvAx/L3puSZXuf0
I3MgLkusltwvtOVsY0OISaXt28CDPI0oHh0su8qiv2rf1xwWc5gJeXekJlrAv3dZ
u1H714oMz1fb9QltzkyTtiyV+LaTPOafZG99ZKxGoNP8iqMr6A66QoU02LOCHaLE
HArAyB3MIA/YCqUrxVxQVfjA7fEL4LrjuJoVH+3CzG1i7h5Po4SHkpHnLL3uVL4/
Db0DFMGoJauzfigjqiNrE/ia3XMeShM+g2hzGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org