Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qK3asjX3Sl-hXcqlNeNMmvn4_Xk.roa
File: qK3asjX3Sl-hXcqlNeNMmvn4_Xk.roa (raw, json)
Hash identifier: SE2trmEdZFJge03pTK9UbSrTs7SXasZaE0rok0WRkBg=
Subject key identifier: A8:AD:DA:B2:35:F7:4A:5F:A1:5D:CA:A5:35:E3:4C:9A:F9:F8:FD:79
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0AC94F15
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qK3asjX3Sl-hXcqlNeNMmvn4_Xk.roa
Signing time: Sat 01 Jan 2022 03:02:35 +0000
ROA not before: Sat 01 Jan 2022 03:02:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209711
IP address blocks: 185.86.155.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180965141 (0xac94f15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 03:02:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8addab235f74a5fa15dcaa535e34c9af9f8fd79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f0:2d:f8:5b:55:55:75:cc:09:54:58:3d:21:
85:61:ed:2d:f4:d2:2e:92:13:da:ba:25:9f:ae:9c:
e8:fa:95:ae:61:be:bb:f3:bf:d2:34:3c:79:98:17:
e3:b0:57:98:a7:39:be:b8:84:aa:73:64:66:ff:fa:
6b:e2:db:5c:d0:a6:93:66:ce:02:47:00:f6:8b:c8:
c6:7c:c8:54:40:e4:ee:0f:fd:5a:ca:34:24:ca:c8:
b5:68:d4:55:9f:cf:a3:b6:2f:d1:37:c1:e3:a9:95:
13:cf:a2:5d:45:7a:99:3c:f6:92:97:a2:5b:c1:94:
66:ef:f7:ec:d7:71:e7:5d:16:23:47:44:f1:b7:bf:
ac:cc:94:d3:a4:f4:d7:df:06:28:29:02:a6:a1:0b:
b1:80:8c:ad:f4:d9:af:fe:63:37:07:3b:85:fe:99:
c1:52:9c:04:5d:65:14:70:f3:fb:93:b3:68:44:21:
56:78:fa:26:0d:cb:8f:7f:a9:e9:6f:fa:0c:30:dd:
80:1d:8e:4a:2b:07:67:e9:56:58:9d:d5:14:d1:91:
bf:74:4d:a2:b9:6d:25:eb:75:fa:48:16:84:b9:3d:
45:8c:90:17:87:2b:2c:b5:d1:0c:ad:37:15:9d:be:
d6:b5:38:6a:75:2d:35:d6:eb:2e:9f:65:fb:24:1b:
fb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AD:DA:B2:35:F7:4A:5F:A1:5D:CA:A5:35:E3:4C:9A:F9:F8:FD:79
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qK3asjX3Sl-hXcqlNeNMmvn4_Xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.155.0/24
185.98.62.0/24
185.184.25.0-185.184.26.255
Signature Algorithm: sha256WithRSAEncryption
8f:02:ca:2a:c1:dd:b9:ff:7d:dd:00:38:87:19:1f:5d:f0:fd:
13:7f:65:50:f3:25:8d:cb:1a:c3:70:28:d9:34:b8:4a:fc:52:
79:76:04:99:ce:0e:36:03:f8:94:01:41:59:32:75:b7:68:66:
a0:94:ca:55:57:0f:23:c5:0e:a3:e3:32:e4:34:db:72:f6:14:
42:83:00:4f:06:3b:85:a2:2f:c3:e1:86:70:80:99:9f:b5:1c:
ba:68:97:39:1f:df:6c:e6:01:fc:ae:42:ce:79:e0:dc:c9:75:
c5:16:ab:7d:39:0e:8b:c8:a8:ed:0e:a9:be:b4:dc:72:e4:21:
12:47:09:7f:37:68:c0:7c:bb:aa:65:d4:a1:b5:a2:21:db:7b:
d1:52:19:e4:d9:2e:c6:e3:96:ca:95:39:ee:87:b5:ff:0d:0b:
da:59:a0:8d:00:05:bb:1a:fd:24:8b:6c:d1:bf:e7:14:48:92:
86:64:f0:8a:58:76:cd:ad:3f:1f:8e:4d:12:75:f5:e7:e7:57:
30:8c:3a:a6:2d:fc:3e:a1:be:9c:a8:ca:25:d8:a0:e9:49:d1:
69:e3:39:c8:09:64:36:60:68:90:d7:65:f8:5f:c2:05:69:e4:
8e:fa:c0:7c:1b:0e:62:46:05:57:72:00:3a:da:84:11:5a:c7:
96:8a:aa:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECslPFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDEw
MTAzMDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThhZGRhYjIzNWY3
NGE1ZmExNWRjYWE1MzVlMzRjOWFmOWY4ZmQ3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/wLfhbVVV1zAlUWD0hhWHtLfTSLpIT2roln66c6PqVrmG+
u/O/0jQ8eZgX47BXmKc5vriEqnNkZv/6a+LbXNCmk2bOAkcA9ovIxnzIVEDk7g/9
Wso0JMrItWjUVZ/Po7Yv0TfB46mVE8+iXUV6mTz2kpeiW8GUZu/37Ndx510WI0dE
8be/rMyU06T0198GKCkCpqELsYCMrfTZr/5jNwc7hf6ZwVKcBF1lFHDz+5OzaEQh
Vnj6Jg3Lj3+p6W/6DDDdgB2OSisHZ+lWWJ3VFNGRv3RNorltJet1+kgWhLk9RYyQ
F4crLLXRDK03FZ2+1rU4anUtNdbrLp9l+yQb+20CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSordqyNfdKX6FdyqU140ya+fj9eTAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L3FLM2FzalgzU2wtaFhjcWxOZU5NbXZuNF9Yay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEALlWmwMEALliPjAMAwQAubgZAwQA
ubgaMA0GCSqGSIb3DQEBCwUAA4IBAQCPAsoqwd25/33dADiHGR9d8P0Tf2VQ8yWN
yxrDcCjZNLhK/FJ5dgSZzg42A/iUAUFZMnW3aGaglMpVVw8jxQ6j4zLkNNty9hRC
gwBPBjuFoi/D4YZwgJmftRy6aJc5H99s5gH8rkLOeeDcyXXFFqt9OQ6LyKjtDqm+
tNxy5CESRwl/N2jAfLuqZdShtaIh23vRUhnk2S7G45bKlTnuh7X/DQvaWaCNAAW7
Gv0ki2zRv+cUSJKGZPCKWHbNrT8fjk0SdfXn51cwjDqmLfw+ob6cqMol2KDpSdFp
4znICWQ2YGiQ12X4X8IFaeSO+sB8Gw5iRgVXcgA62oQRWseWiqok
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org