Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/Q8wcwX2kXQLoxU5zTEmxyRRD0JI.roa
File: Q8wcwX2kXQLoxU5zTEmxyRRD0JI.roa (raw, json)
Hash identifier: sjMW7wLikPDRqVvv35d7Cjn3yLOAmXbFLPAY242rP/A=
Subject key identifier: 43:CC:1C:C1:7D:A4:5D:02:E8:C5:4E:73:4C:49:B1:C9:14:43:D0:92
Certificate issuer: /CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Certificate serial: 0C924A95
Authority key identifier: 85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/Q8wcwX2kXQLoxU5zTEmxyRRD0JI.roa
Signing time: Sat 01 Jan 2022 07:01:46 +0000
ROA not before: Sat 01 Jan 2022 07:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49974
IP address blocks: 185.18.0.0/22 maxlen: 22
37.35.96.0/22 maxlen: 22
37.35.101.0/24 maxlen: 24
37.35.103.0/24 maxlen: 24
37.35.100.0/24 maxlen: 24
37.35.102.0/24 maxlen: 24
213.5.32.0/21 maxlen: 21
2a00:9540::/32 maxlen: 32
2001:67c:238::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210913941 (0xc924a95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Validity
Not Before: Jan 1 07:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43cc1cc17da45d02e8c54e734c49b1c91443d092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ef:8c:a5:ac:04:bd:47:f2:5a:ee:66:2d:3c:
54:9f:d6:e7:6c:9b:70:f6:89:ab:60:83:f9:4c:83:
f4:1c:20:a0:fd:6e:d9:e7:67:43:ef:f7:a5:e4:2c:
de:c6:ac:4e:4a:4d:09:5c:3f:43:34:ad:47:a1:fd:
c0:05:43:36:da:9f:b5:27:c1:f4:ef:13:18:18:ed:
d7:7a:1f:6f:ce:d2:09:8a:7a:6e:85:e6:4b:c2:6a:
21:d1:61:cb:03:38:6c:45:01:c2:7f:bd:3d:a0:7f:
90:14:37:6e:13:14:b8:b1:11:68:c1:82:5e:bb:24:
c4:ce:08:45:9d:42:97:49:94:d7:83:04:20:51:79:
47:95:7c:4a:09:b5:b0:55:db:a6:a4:a1:bb:e4:e1:
e2:64:15:67:f6:32:e6:1f:c5:42:b0:34:ad:71:71:
72:46:3b:14:b2:19:0a:16:20:c1:47:09:0a:8d:71:
1d:63:e8:5d:b1:34:f7:3d:7f:ca:b6:fe:00:97:76:
cc:ba:63:ae:fa:e8:1b:82:8d:b2:f7:d1:21:cd:1a:
4c:a4:54:66:5b:a0:78:84:f8:49:d6:ac:f2:4d:0a:
d4:03:c9:3a:90:aa:d9:96:8e:22:fc:50:e4:10:35:
ab:57:59:d4:2a:77:55:43:a6:6f:84:91:89:aa:02:
04:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:1C:C1:7D:A4:5D:02:E8:C5:4E:73:4C:49:B1:C9:14:43:D0:92
X509v3 Authority Key Identifier:
keyid:85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/Q8wcwX2kXQLoxU5zTEmxyRRD0JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.96.0/21
185.18.0.0/22
213.5.32.0/21
IPv6:
2001:67c:238::/48
2a00:9540::/32
Signature Algorithm: sha256WithRSAEncryption
16:24:9c:66:5e:13:ae:1c:f1:c4:17:58:df:a9:ae:f9:4b:10:
49:cf:e8:05:1b:c8:0a:88:76:d5:17:1d:38:5a:e1:60:06:e8:
0f:96:a1:a4:dc:a0:94:0e:c3:f3:66:c5:eb:13:9f:d4:f3:c2:
c5:89:20:2f:64:b4:fb:a5:8f:0f:ea:97:6a:48:bb:42:c9:11:
12:db:4e:f7:5d:51:73:5f:de:d2:d1:ac:1b:4d:c3:84:93:89:
3e:be:42:2b:a9:9e:a8:d0:c6:31:b2:da:06:af:2e:45:3f:36:
a4:0a:98:fa:0b:52:c3:a1:08:2e:bd:05:f1:3b:54:7e:6c:89:
84:1c:c8:3e:a9:45:14:df:98:e2:e0:c3:74:3a:19:8d:e5:14:
b0:75:4a:5b:22:d2:8a:3d:22:b8:6d:f4:69:7d:b0:c6:b7:9a:
7f:78:2a:1a:a5:fb:c8:64:26:a1:88:6c:9b:a0:67:99:c5:6e:
f6:ec:f0:4f:28:fe:71:31:f8:c3:40:3a:96:96:f7:52:9b:c9:
f0:80:ca:01:4c:19:b6:a4:70:69:84:8a:27:04:4a:97:17:c2:
d5:b2:f1:2e:da:ed:08:f0:97:87:d4:48:aa:14:ea:fa:99:dc:
2f:ae:bc:fc:1f:8f:7d:9d:1c:07:cc:e1:33:fd:ca:aa:ed:23:
2c:c1:c4:c3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDJJKlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWI5MTlhM2ZlYjBlYzk2NjI5OWZmMGZhZThkZWZjYjQxNWUyMmZlMB4XDTIyMDEw
MTA3MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNjYzFjYzE3ZGE0
NWQwMmU4YzU0ZTczNGM0OWIxYzkxNDQzZDA5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHvjKWsBL1H8lruZi08VJ/W52ybcPaJq2CD+UyD9BwgoP1u
2ednQ+/3peQs3sasTkpNCVw/QzStR6H9wAVDNtqftSfB9O8TGBjt13ofb87SCYp6
boXmS8JqIdFhywM4bEUBwn+9PaB/kBQ3bhMUuLERaMGCXrskxM4IRZ1Cl0mU14ME
IFF5R5V8Sgm1sFXbpqShu+Th4mQVZ/Yy5h/FQrA0rXFxckY7FLIZChYgwUcJCo1x
HWPoXbE09z1/yrb+AJd2zLpjrvroG4KNsvfRIc0aTKRUZlugeIT4Sdas8k0K1APJ
OpCq2ZaOIvxQ5BA1q1dZ1Cp3VUOmb4SRiaoCBIECAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRDzBzBfaRdAujFTnNMSbHJFEPQkjAfBgNVHSMEGDAWgBSFuRmj/rDslmKZ
/w+uje/LQV4i/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hia1pvXzZ3N0paaW1mOFBybzN2eTBGZUl2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNWUwZjVhLWM2ZTctNDNlOC1iYjIxLTQ3ZGMwOGQ3ZTNiYS8x
L1E4d2N3WDJrWFFMb3hVNXpURW14eVJSRDBKSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NWUwZjVhLWM2ZTctNDNlOC1iYjIxLTQ3ZGMwOGQ3ZTNiYS8xL2hia1pvXzZ3N0pa
aW1mOFBybzN2eTBGZUl2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGAQCAAEwEgMEAyUjYAMEArkSAAMEA9UFIDAWBAIA
AjAQAwcAIAEGfAI4AwUAKgCVQDANBgkqhkiG9w0BAQsFAAOCAQEAFiScZl4Trhzx
xBdY36mu+UsQSc/oBRvICoh21RcdOFrhYAboD5ahpNyglA7D82bF6xOf1PPCxYkg
L2S0+6WPD+qXaki7QskREttO911Rc1/e0tGsG03DhJOJPr5CK6meqNDGMbLaBq8u
RT82pAqY+gtSw6EILr0F8TtUfmyJhBzIPqlFFN+Y4uDDdDoZjeUUsHVKWyLSij0i
uG30aX2wxreaf3gqGqX7yGQmoYhsm6BnmcVu9uzwTyj+cTH4w0A6lpb3UpvJ8IDK
AUwZtqRwaYSKJwRKlxfC1bLxLtrtCPCXh9RIqhTq+pncL668/B+PfZ0cB8zhM/3K
qu0jLMHEww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org