Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Q1Md-8E8-LHnehg9x30tFrBZwMQ.roa
File: Q1Md-8E8-LHnehg9x30tFrBZwMQ.roa (raw, json)
Hash identifier: MB1JMzkJmPpjmF4yfxtQ2iyJg03vXsMu2ayGQoAtj8I=
Subject key identifier: 43:53:1D:FB:C1:3C:F8:B1:E7:7A:18:3D:C7:7D:2D:16:B0:59:C0:C4
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0182D8A507B240CD073A3C702C07F0CA3B01
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Q1Md-8E8-LHnehg9x30tFrBZwMQ.roa
Signing time: Fri 26 Aug 2022 05:34:30 +0000
ROA not before: Fri 26 Aug 2022 05:34:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d8:a5:07:b2:40:cd:07:3a:3c:70:2c:07:f0:ca:3b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Aug 26 05:34:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43531dfbc13cf8b1e77a183dc77d2d16b059c0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:ad:d2:d8:d8:20:fb:4b:e4:c0:e0:d5:eb:
6e:ea:3d:c8:10:59:99:8a:38:32:ff:90:c9:6c:c6:
f6:09:71:e6:bd:49:7b:5a:c2:23:df:66:ea:a3:48:
df:8d:1a:11:9c:3b:0a:49:8d:fd:c9:36:ac:01:09:
00:5f:7c:49:dd:e2:0a:18:1c:c1:85:28:b0:da:42:
6a:9d:32:df:3e:d1:14:03:00:e1:39:42:c6:e9:d6:
cc:99:2c:0a:88:4a:af:db:c7:5d:f1:70:a3:99:f7:
57:2a:31:99:b4:a2:81:82:6e:ed:86:2d:99:3a:85:
73:29:c8:e0:3e:6f:94:ba:cf:70:24:55:26:a6:b1:
e2:cf:13:e2:31:67:0c:21:a5:4e:d5:6c:b3:8a:16:
3e:ee:99:3c:79:96:01:42:56:48:dd:75:44:d8:e3:
24:28:f9:11:eb:5c:b6:4a:98:e6:3d:db:c0:01:7f:
2a:5a:6a:9f:5a:9a:4f:1e:2b:81:61:ca:4f:89:f3:
6c:d5:ed:d5:93:39:d9:cb:6f:ba:20:ed:e0:94:0f:
ea:d1:8f:29:61:54:5e:cd:c9:2a:8c:e8:08:54:20:
17:dc:d9:c6:d3:0c:8f:8f:5c:a9:13:d3:0c:33:17:
2d:d9:93:7b:b8:8e:a2:ae:82:ae:ec:c2:9a:13:9c:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:53:1D:FB:C1:3C:F8:B1:E7:7A:18:3D:C7:7D:2D:16:B0:59:C0:C4
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Q1Md-8E8-LHnehg9x30tFrBZwMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.62.0/23
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
c9:fe:1e:71:ea:c3:40:71:b5:03:69:71:4c:32:34:68:b7:8c:
32:e8:11:91:82:5f:63:0c:c0:6c:52:57:08:14:a3:c3:92:c2:
f7:ad:df:9c:c8:ec:5d:90:e5:46:03:9f:95:aa:7d:24:97:4d:
7a:b8:25:2f:bc:7a:22:60:b9:99:92:9a:b7:87:7f:7d:5c:f7:
f2:f9:91:6e:bd:57:31:61:04:55:79:13:4f:ff:6d:1f:3f:28:
31:12:e9:da:fa:68:f3:cf:e2:dd:7a:c4:34:de:18:15:2e:d1:
52:4e:ef:d2:ca:a7:dc:81:c7:ad:a6:91:88:34:3e:0f:42:e6:
0a:88:41:b8:05:b1:9e:50:36:f9:d4:39:41:84:62:5d:6a:2f:
92:db:22:2d:79:85:6c:6b:18:96:60:16:83:7a:5b:dc:b3:4a:
01:60:d7:86:1b:1c:f9:81:38:91:3a:d4:36:fd:0a:c7:e2:46:
f9:a0:80:23:ec:d3:62:50:e4:61:f1:c9:17:b1:61:54:1f:84:
e4:cb:62:4d:f8:28:03:09:bc:1c:10:27:45:ef:cb:0a:8f:fe:
1c:13:ff:57:5f:98:bf:a9:0e:81:90:d7:61:59:92:95:fb:26:
6f:66:1b:02:14:5b:89:ef:0e:db:79:71:cd:ed:f5:6c:de:c0:
ef:b8:ea:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYLYpQeyQM0HOjxwLAfwyjsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjIwODI2MDUzNDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzUzMWRmYmMxM2NmOGIxZTc3YTE4M2RjNzdkMmQxNmIwNTljMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtWt0tjYIPtL5MDg1etu6j3IEFmZ
ijgy/5DJbMb2CXHmvUl7WsIj32bqo0jfjRoRnDsKSY39yTasAQkAX3xJ3eIKGBzB
hSiw2kJqnTLfPtEUAwDhOULG6dbMmSwKiEqv28dd8XCjmfdXKjGZtKKBgm7thi2Z
OoVzKcjgPm+Uus9wJFUmprHizxPiMWcMIaVO1WyzihY+7pk8eZYBQlZI3XVE2OMk
KPkR61y2SpjmPdvAAX8qWmqfWppPHiuBYcpPifNs1e3VkznZy2+6IO3glA/q0Y8p
YVRezckqjOgIVCAX3NnG0wyPj1ypE9MMMxct2ZN7uI6iroKu7MKaE5x0CQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFENTHfvBPPix53oYPcd9LRawWcDEMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvUTFNZC04RTgtTEhuZWhnOXgzMHRGckJad01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0MAwDBAAl
6wMDBAEl6wQDBAUl/OADBAEthD4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5
MugDBAC5MusDBAC5UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADC
Ac4DBAXV46ADBAXZkgAwFAQCAAIwDgMFACoAEcADBQAqAa6gMA0GCSqGSIb3DQEB
CwUAA4IBAQDJ/h5x6sNAcbUDaXFMMjRot4wy6BGRgl9jDMBsUlcIFKPDksL3rd+c
yOxdkOVGA5+Vqn0kl016uCUvvHoiYLmZkpq3h399XPfy+ZFuvVcxYQRVeRNP/20f
PygxEuna+mjzz+LdesQ03hgVLtFSTu/SyqfcgcetppGIND4PQuYKiEG4BbGeUDb5
1DlBhGJdai+S2yIteYVsaxiWYBaDelvcs0oBYNeGGxz5gTiROtQ2/QrH4kb5oIAj
7NNiUORh8ckXsWFUH4Tky2JN+CgDCbwcECdF78sKj/4cE/9XX5i/qQ6BkNdhWZKV
+yZvZhsCFFuJ7w7beXHN7fVs3sDvuOro
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:19 2023 by rpki-client on console-ams.rpki-client.org