Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/q6AgSuEfLCw9q2R-sSu7Xidt0lw.roa
File: q6AgSuEfLCw9q2R-sSu7Xidt0lw.roa (raw, json)
Hash identifier: wUDRWkv+fAPl2oPCT1L6clN7Sb72KQvgcAtCyygPFgs=
Subject key identifier: AB:A0:20:4A:E1:1F:2C:2C:3D:AB:64:7E:B1:2B:BB:5E:27:6D:D2:5C
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 0184F6DC416E1EC40BD7CF9B846BC4010D99
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/q6AgSuEfLCw9q2R-sSu7Xidt0lw.roa
Signing time: Fri 09 Dec 2022 12:29:00 +0000
ROA not before: Fri 09 Dec 2022 12:29:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203614
IP address blocks: 185.128.60.0/22 maxlen: 22
185.128.61.0/24 maxlen: 24
185.128.60.0/24 maxlen: 24
185.128.63.0/24 maxlen: 24
185.128.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:dc:41:6e:1e:c4:0b:d7:cf:9b:84:6b:c4:01:0d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Dec 9 12:29:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aba0204ae11f2c2c3dab647eb12bbb5e276dd25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:25:9f:41:12:9e:0e:e6:ed:09:b2:98:98:
3b:bc:fa:77:d4:87:77:c5:af:6c:5e:cc:84:e4:38:
58:ad:85:11:3d:63:45:d5:6e:d8:fb:c7:4e:a0:50:
f9:4f:be:bb:a9:a3:77:81:37:22:c3:ac:ec:65:16:
7e:2c:39:14:d0:07:57:2f:f9:0e:54:be:3d:d4:a0:
a6:15:a7:c5:9f:d0:bb:17:57:61:8a:46:d0:3d:e3:
49:71:d5:07:0a:7c:cc:6a:5d:f3:4a:d2:d3:77:b7:
a3:8a:92:f4:13:fd:a7:4e:d5:15:c0:4b:e9:a7:3d:
41:3f:53:f5:8b:92:29:3f:88:ee:71:4b:5e:94:9c:
d7:7e:cc:b3:b4:58:db:67:23:33:67:5b:b3:b7:22:
af:41:5c:91:38:46:b7:d7:2d:4a:da:e4:bc:78:ab:
74:6f:fd:fa:ce:5e:1f:7c:b0:55:4e:7d:37:0a:b9:
15:af:88:68:cd:8e:51:f4:cd:9e:9b:d8:2c:43:41:
b6:c9:32:45:f2:ad:ce:81:bc:ca:f8:61:fc:3e:59:
52:a1:26:25:86:bf:f2:4b:bc:21:c9:7c:12:06:9b:
8f:40:30:50:ba:b0:34:a5:cd:70:09:46:af:28:74:
bb:63:6d:52:5d:84:da:c9:66:8a:e9:c6:84:47:6d:
52:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A0:20:4A:E1:1F:2C:2C:3D:AB:64:7E:B1:2B:BB:5E:27:6D:D2:5C
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/q6AgSuEfLCw9q2R-sSu7Xidt0lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.60.0/22
Signature Algorithm: sha256WithRSAEncryption
16:14:21:a5:37:b4:79:ac:ca:cf:fc:63:bd:32:e8:5b:29:a6:
8b:d8:91:bf:ca:4f:29:6c:8c:9f:45:5d:45:f6:15:02:ae:19:
79:3f:8c:01:19:6e:92:38:34:20:d8:ee:e2:49:78:08:36:65:
2c:22:06:87:06:70:f9:66:c5:d6:c1:7b:53:f8:29:98:bc:ec:
b2:e9:d0:4f:1a:81:2f:78:f2:7a:e4:0b:d2:70:9a:ef:e3:07:
74:c6:be:49:1e:6c:5a:66:20:77:2a:db:39:7b:a5:8c:0e:26:
21:b9:9d:ac:31:f3:38:2b:77:8f:44:31:5c:5d:ad:e4:55:67:
f3:c4:57:ea:19:56:25:9b:88:0c:a7:42:38:1a:63:03:ea:fd:
90:23:58:f7:89:e2:d8:98:0d:c1:70:b3:9a:59:30:eb:5f:cc:
ad:e7:8f:b0:80:fd:2d:7a:25:cb:5d:56:81:1c:24:5e:09:fb:
5a:4f:93:4f:5f:f6:2a:60:e2:75:83:5c:7c:b2:7e:45:1c:cf:
67:b0:b6:64:66:8d:33:23:b9:4a:8a:bc:79:bf:99:e6:03:72:
d8:2e:44:6b:27:7c:b5:bb:6e:62:9e:7a:27:45:0b:c2:08:a6:
a0:bd:82:ec:b0:ad:6f:c9:0f:58:45:dc:ac:67:c7:fd:54:ce:
17:1e:fa:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT23EFuHsQL18+bhGvEAQ2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjIxMjA5MTIyOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmEwMjA0YWUxMWYyYzJjM2RhYjY0N2ViMTJiYmI1ZTI3NmRkMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslwln0ESng7m7QmymJg7vPp31Id3
xa9sXsyE5DhYrYURPWNF1W7Y+8dOoFD5T767qaN3gTciw6zsZRZ+LDkU0AdXL/kO
VL491KCmFafFn9C7F1dhikbQPeNJcdUHCnzMal3zStLTd7ejipL0E/2nTtUVwEvp
pz1BP1P1i5IpP4jucUtelJzXfsyztFjbZyMzZ1uztyKvQVyROEa31y1K2uS8eKt0
b/36zl4ffLBVTn03CrkVr4hozY5R9M2em9gsQ0G2yTJF8q3OgbzK+GH8PllSoSYl
hr/yS7whyXwSBpuPQDBQurA0pc1wCUavKHS7Y21SXYTayWaK6caER21SfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKugIErhHywsPatkfrEru14nbdJcMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvcTZBZ1N1RWZMQ3c5cTJSLXNTdTdYaWR0MGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA8MA0G
CSqGSIb3DQEBCwUAA4IBAQAWFCGlN7R5rMrP/GO9MuhbKaaL2JG/yk8pbIyfRV1F
9hUCrhl5P4wBGW6SODQg2O7iSXgINmUsIgaHBnD5ZsXWwXtT+CmYvOyy6dBPGoEv
ePJ65AvScJrv4wd0xr5JHmxaZiB3Kts5e6WMDiYhuZ2sMfM4K3ePRDFcXa3kVWfz
xFfqGVYlm4gMp0I4GmMD6v2QI1j3ieLYmA3BcLOaWTDrX8yt54+wgP0teiXLXVaB
HCReCftaT5NPX/YqYOJ1g1x8sn5FHM9nsLZkZo0zI7lKirx5v5nmA3LYLkRrJ3y1
u25innonRQvCCKagvYLssK1vyQ9YRdysZ8f9VM4XHvrw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org