Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/LQ_eN16CKEUwAgW0yZl_Cuxpemk.roa
File: LQ_eN16CKEUwAgW0yZl_Cuxpemk.roa (raw, json)
Hash identifier: 9DbHABlQIZwkAREPkozBVztc5lqp21t12HJdG2+CBIw=
Subject key identifier: 2D:0F:DE:37:5E:82:28:45:30:02:05:B4:C9:99:7F:0A:EC:69:7A:69
Certificate issuer: /CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Certificate serial: 0DC86F63
Authority key identifier: A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/LQ_eN16CKEUwAgW0yZl_Cuxpemk.roa
Signing time: Sat 01 Jan 2022 11:05:21 +0000
ROA not before: Sat 01 Jan 2022 11:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205376
IP address blocks: 185.220.151.0/24 maxlen: 24
185.220.150.0/24 maxlen: 24
185.220.149.0/24 maxlen: 24
185.220.148.0/22 maxlen: 24
185.220.148.0/24 maxlen: 24
2a0b:f840::/32 maxlen: 32
2a0b:f841::/32 maxlen: 32
2a0b:f840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 231239523 (0xdc86f63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Validity
Not Before: Jan 1 11:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d0fde375e822845300205b4c9997f0aec697a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:04:c5:98:8d:db:db:99:dc:e5:a5:2a:55:
45:f5:9f:2d:8f:cc:93:84:64:88:62:c0:ec:77:0a:
a6:e3:1e:84:18:18:af:7a:56:f7:3f:97:59:a6:49:
a6:2d:f2:bf:c2:ac:f6:6e:44:9f:14:0c:77:e5:72:
76:4b:0c:61:60:32:84:cd:bb:aa:f2:b7:98:a6:21:
29:bc:fc:4d:88:82:82:a7:8b:46:6b:ad:4a:84:3e:
36:78:b5:9e:b3:76:0c:42:a9:22:cb:0c:90:a6:20:
a2:d9:b7:d2:33:ab:31:b0:fa:38:ca:fc:5d:be:94:
b6:23:0d:9c:1b:d6:d8:18:6d:3b:b6:d1:ad:e5:c0:
7b:e0:7f:f9:b5:d4:72:34:27:c9:b5:55:ed:09:d1:
1b:94:27:59:ec:8e:f5:94:2f:0f:7c:32:8e:c3:e7:
c1:e0:ac:31:65:28:fa:76:f3:66:6b:7f:e3:5c:69:
81:aa:c1:b9:b7:8f:a9:a5:3a:45:b9:e8:12:55:bb:
e3:ef:ff:65:ac:5a:b8:57:c6:c6:21:36:e0:db:a1:
24:c8:6b:b4:f2:f1:39:78:71:d9:13:98:75:a1:47:
ca:5e:8d:d3:d3:36:6e:02:59:b6:d9:d6:24:80:d2:
9a:28:1f:81:57:c2:f1:9c:8e:2d:55:2b:6a:67:4b:
26:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:0F:DE:37:5E:82:28:45:30:02:05:B4:C9:99:7F:0A:EC:69:7A:69
X509v3 Authority Key Identifier:
keyid:A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/LQ_eN16CKEUwAgW0yZl_Cuxpemk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.148.0/22
IPv6:
2a0b:f840::/29
Signature Algorithm: sha256WithRSAEncryption
be:08:d7:b1:50:a9:95:b3:75:9f:e2:ff:ba:eb:3b:79:32:8f:
84:e3:69:45:24:3c:4d:b1:8d:0f:a4:93:83:2c:9d:19:a8:73:
a3:08:4b:dc:37:94:28:e3:e5:90:4c:eb:75:8b:bf:5f:a5:f1:
e2:ff:7c:01:01:a7:f9:02:a6:92:97:a6:62:31:88:2c:e7:f2:
c7:e3:c8:a8:dd:ec:9d:71:48:01:f6:ca:51:7e:fb:14:ee:4d:
57:6c:f9:5e:bd:ff:0e:83:33:ad:cf:7c:ec:62:bc:3a:ea:7a:
51:fa:fc:3c:58:78:8a:bf:96:c6:11:67:7b:69:3a:47:40:b4:
21:6c:f2:37:92:a8:d8:33:97:c7:44:f0:be:ba:61:32:67:02:
46:ac:0b:1a:e2:7d:7e:d5:b1:d5:e7:4b:d6:a1:ec:f0:c3:06:
39:44:5e:aa:9b:ee:38:73:22:66:c2:f6:7c:e8:ed:52:fd:da:
24:76:bc:1f:b4:1f:b7:eb:d3:c5:6a:fe:40:2a:0a:f3:4a:f2:
8b:41:58:d9:39:31:72:33:18:84:f3:c4:f3:16:18:4c:81:cc:
c9:c7:54:5d:52:f5:ae:dc:74:bd:25:81:6f:fa:23:7c:e8:82:
f2:2d:fb:1f:c4:d2:67:d1:57:99:8b:1d:29:de:97:a3:d5:b9:
71:fa:3a:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDchvYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTVlM2Y5NzRiNWY5NzQ2NTZjY2Y0ZDQ1NTk2Y2FhZDFiOTA5NmQ0MB4XDTIyMDEw
MTExMDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQwZmRlMzc1ZTgy
Mjg0NTMwMDIwNWI0Yzk5OTdmMGFlYzY5N2E2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDtBMWYjdvbmdzlpSpVRfWfLY/Mk4RkiGLA7HcKpuMehBgY
r3pW9z+XWaZJpi3yv8Ks9m5EnxQMd+VydksMYWAyhM27qvK3mKYhKbz8TYiCgqeL
RmutSoQ+Nni1nrN2DEKpIssMkKYgotm30jOrMbD6OMr8Xb6UtiMNnBvW2BhtO7bR
reXAe+B/+bXUcjQnybVV7QnRG5QnWeyO9ZQvD3wyjsPnweCsMWUo+nbzZmt/41xp
garBubePqaU6RbnoElW74+//ZaxauFfGxiE24NuhJMhrtPLxOXhx2ROYdaFHyl6N
09M2bgJZttnWJIDSmigfgVfC8ZyOLVUramdLJvMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQtD943XoIoRTACBbTJmX8K7Gl6aTAfBgNVHSMEGDAWgBShXj+XS1+XRlbM
9NRVlsqtG5CW1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29WNF9sMHRmbDBaV3pQVFVWWmJLclJ1UWx0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvZDZhNDIyLTM2MTItNDVhZi04M2FiLWQyNGI2ODk2NmUwZS8x
L0xRX2VOMTZDS0VVd0FnVzB5WmxfQ3V4cGVtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
ZDZhNDIyLTM2MTItNDVhZi04M2FiLWQyNGI2ODk2NmUwZS8xL29WNF9sMHRmbDBa
V3pQVFVWWmJLclJ1UWx0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnclDANBAIAAjAHAwUDKgv4QDAN
BgkqhkiG9w0BAQsFAAOCAQEAvgjXsVCplbN1n+L/uus7eTKPhONpRSQ8TbGND6ST
gyydGahzowhL3DeUKOPlkEzrdYu/X6Xx4v98AQGn+QKmkpemYjGILOfyx+PIqN3s
nXFIAfbKUX77FO5NV2z5Xr3/DoMzrc987GK8Oup6Ufr8PFh4ir+WxhFne2k6R0C0
IWzyN5Ko2DOXx0TwvrphMmcCRqwLGuJ9ftWx1edL1qHs8MMGOUReqpvuOHMiZsL2
fOjtUv3aJHa8H7Qft+vTxWr+QCoK80ryi0FY2TkxcjMYhPPE8xYYTIHMycdUXVL1
rtx0vSWBb/ojfOiC8i37H8TSZ9FXmYsdKd6Xo9W5cfo6BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:26 2024 by rpki-client on console-ams.rpki-client.org