Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/q3iGAmi-YlMgmLaH2LDFkAe0gLQ.roa
File: q3iGAmi-YlMgmLaH2LDFkAe0gLQ.roa (raw, json)
Hash identifier: cVCJ0xUfRsmxj50zePOl9DToBWrFx1RmD4dbcyrqZok=
Subject key identifier: AB:78:86:02:68:BE:62:53:20:98:B6:87:D8:B0:C5:90:07:B4:80:B4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0184859A7A8DBEE2B2F053B2329314D34AE1
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/q3iGAmi-YlMgmLaH2LDFkAe0gLQ.roa
Signing time: Thu 17 Nov 2022 12:40:04 +0000
ROA not before: Thu 17 Nov 2022 12:40:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.208.0/20 maxlen: 24
188.253.96.0/19 maxlen: 24
185.215.246.0/24 maxlen: 24
5.226.48.0/21 maxlen: 24
193.36.84.0/23 maxlen: 23
185.36.192.0/22 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:9a:7a:8d:be:e2:b2:f0:53:b2:32:93:14:d3:4a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 17 12:40:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab78860268be62532098b687d8b0c59007b480b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b4:e1:f2:16:0f:69:b2:28:10:48:bb:ea:cd:
4b:66:10:bb:59:20:e7:ff:20:d2:52:48:f1:d2:c1:
09:e5:e8:a4:3c:19:6b:62:a3:71:8a:43:82:64:b1:
db:92:23:65:82:06:83:90:01:23:06:2a:47:64:d7:
8d:e6:6b:cb:0a:1c:dd:47:8b:4b:43:d8:83:d7:ca:
40:80:e0:1d:7b:92:c9:f6:e3:8a:77:f9:6a:57:5a:
74:7c:0c:6a:a3:f7:20:14:ae:ec:b8:2e:f5:45:38:
b5:f6:8f:62:4e:da:eb:eb:37:1e:b5:c9:36:52:74:
3e:a5:6f:9e:62:ae:78:57:bf:5a:3a:06:34:83:f4:
c4:e1:3a:2e:ac:24:c5:b3:e0:0b:d9:9e:0a:12:ec:
f5:a0:a6:3e:a5:15:e3:ba:24:f7:40:75:d5:ac:87:
02:16:ee:14:be:53:d5:ba:af:fb:13:32:4a:4c:00:
be:cd:bd:1c:c1:ab:20:60:e8:42:38:27:36:f6:d0:
b8:f8:83:d7:65:86:38:01:d0:4a:eb:d0:f2:ec:4c:
ec:05:a8:c9:39:43:7d:74:50:dd:4e:b5:47:c0:28:
b4:40:27:d9:25:5c:d0:5a:5e:30:79:f3:dc:4d:e7:
cc:27:7c:35:04:7b:81:7c:06:99:b8:83:e4:82:63:
ba:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:78:86:02:68:BE:62:53:20:98:B6:87:D8:B0:C5:90:07:B4:80:B4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/q3iGAmi-YlMgmLaH2LDFkAe0gLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
5.226.48.0/21
185.36.192.0/22
185.215.246.0/24
188.253.96.0/19
193.36.84.0/23
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
c4:1b:3e:89:6e:c8:9f:8a:24:21:46:70:05:92:b3:d8:ca:41:
64:30:7a:5f:dc:e8:55:f8:ac:ae:5b:4a:ef:a3:1d:23:ec:60:
1d:74:a3:ee:d5:b5:a1:45:9b:91:89:54:f8:37:eb:87:74:1b:
63:c4:11:d7:c5:59:cb:de:03:96:69:7a:1a:4a:41:dd:1c:3d:
a1:3d:78:4d:02:47:37:b4:5a:68:a3:68:8f:4f:e5:21:db:c3:
3f:b1:27:3f:8e:bb:6b:9f:49:b0:6e:8b:b2:8f:f2:2d:72:c7:
b2:25:5d:f4:b9:1e:27:03:e1:46:90:2e:d3:1e:42:8e:81:54:
9c:23:25:41:ff:a4:32:5c:1d:c4:36:86:cd:ef:aa:e6:9c:ec:
f5:a2:38:f6:10:d6:8c:31:da:c5:73:6c:99:09:c8:2e:9a:43:
3c:b6:7e:c4:4c:4d:42:20:6b:e6:69:f1:f1:da:8f:e6:87:ac:
d0:ff:82:4c:2a:b9:2d:00:db:6e:11:7f:c4:01:23:a1:50:b9:
bd:75:a9:ea:a6:73:d5:d3:25:05:11:bd:74:54:d7:09:d5:47:
b5:4a:c4:f1:6e:57:0c:1f:c2:11:cd:5c:95:52:4c:6f:14:2a:
a1:b4:d7:30:ae:3a:75:d6:51:0b:24:c0:1e:43:65:77:b2:5b:
78:5e:39:a6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYSFmnqNvuKy8FOyMpMU00rhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIxMTE3MTI0MDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc4ODYwMjY4YmU2MjUzMjA5OGI2ODdkOGIwYzU5MDA3YjQ4MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbTh8hYPabIoEEi76s1LZhC7WSDn
/yDSUkjx0sEJ5eikPBlrYqNxikOCZLHbkiNlggaDkAEjBipHZNeN5mvLChzdR4tL
Q9iD18pAgOAde5LJ9uOKd/lqV1p0fAxqo/cgFK7suC71RTi19o9iTtrr6zcetck2
UnQ+pW+eYq54V79aOgY0g/TE4TourCTFs+AL2Z4KEuz1oKY+pRXjuiT3QHXVrIcC
Fu4UvlPVuq/7EzJKTAC+zb0cwasgYOhCOCc29tC4+IPXZYY4AdBK69Dy7EzsBajJ
OUN9dFDdTrVHwCi0QCfZJVzQWl4wefPcTefMJ3w1BHuBfAaZuIPkgmO6bwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKt4hgJovmJTIJi2h9iwxZAHtIC0MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcTNpR0FtaS1ZbE1nbUxhSDJMREZrQWUwZ0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEBSLQAwQD
BeIwAwQCuSTAAwQAudf2AwQFvP1gAwQBwSRUMA0EAgACMAcDBQMqBeyAMA0GCSqG
SIb3DQEBCwUAA4IBAQDEGz6JbsifiiQhRnAFkrPYykFkMHpf3OhV+KyuW0rvox0j
7GAddKPu1bWhRZuRiVT4N+uHdBtjxBHXxVnL3gOWaXoaSkHdHD2hPXhNAkc3tFpo
o2iPT+Uh28M/sSc/jrtrn0mwbouyj/ItcseyJV30uR4nA+FGkC7THkKOgVScIyVB
/6QyXB3ENobN76rmnOz1ojj2ENaMMdrFc2yZCcgumkM8tn7ETE1CIGvmafHx2o/m
h6zQ/4JMKrktANtuEX/EASOhULm9danqpnPV0yUFEb10VNcJ1Ue1SsTxblcMH8IR
zVyVUkxvFCqhtNcwrjp11lELJMAeQ2V3slt4Xjmm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:25 2023 by rpki-client on console-ams.rpki-client.org