Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/AEDmlxjZqtf0ul992-ILQQN43zY.roa
File: AEDmlxjZqtf0ul992-ILQQN43zY.roa (raw, json)
Hash identifier: ybq32lFf51eYV0kEe6K8UEqvjrlgGl56VMb1l0w7bso=
Subject key identifier: 00:40:E6:97:18:D9:AA:D7:F4:BA:5F:7D:DB:E2:0B:41:03:78:DF:36
Certificate issuer: /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial: 0691BEF6
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/AEDmlxjZqtf0ul992-ILQQN43zY.roa
Signing time: Thu 10 Feb 2022 18:13:38 +0000
ROA not before: Thu 10 Feb 2022 18:13:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.66.203.0/24 maxlen: 24
185.66.202.0/24 maxlen: 24
185.237.4.0/24 maxlen: 24
185.237.7.0/24 maxlen: 24
185.237.6.0/24 maxlen: 24
185.237.5.0/24 maxlen: 24
82.115.214.0/24 maxlen: 24
2a07:e3c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110214902 (0x691bef6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Validity
Not Before: Feb 10 18:13:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0040e69718d9aad7f4ba5f7ddbe20b410378df36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:66:20:22:bc:43:19:bb:fa:db:7d:fe:46:d8:
c1:13:c8:31:3b:57:be:50:3f:b8:42:94:3a:19:7e:
be:98:0a:0a:ec:49:02:ee:00:a5:10:02:78:f3:ad:
23:a7:6c:e0:06:66:a1:41:a6:49:67:56:90:8d:fb:
bc:56:48:a9:81:b7:13:fe:80:3e:02:a9:43:59:11:
fc:1b:9c:e4:8f:57:95:9d:af:78:d5:25:96:fc:96:
ef:0c:34:cb:8b:5f:4a:de:7b:86:64:51:f4:36:8d:
8a:af:2f:6e:7b:3f:8e:ad:84:31:49:e9:03:a9:3c:
92:9a:f9:72:4b:52:52:0b:70:30:c0:0c:62:58:23:
83:00:8a:53:e3:df:c8:43:45:6a:82:97:94:f6:0e:
27:a9:e4:4f:4e:ba:ed:c2:db:73:dd:35:36:1c:53:
22:39:5b:a4:a2:02:ec:6d:26:16:b3:d2:7e:fc:bf:
cb:be:cb:b1:c9:92:67:f5:3b:be:0a:5b:8f:eb:74:
86:ea:86:cc:db:35:29:e9:0b:01:4b:26:b9:f2:20:
ed:79:e6:e1:ac:3d:8c:50:ff:70:22:87:99:5e:23:
8f:c1:7b:b4:87:50:9c:6a:0e:71:67:f4:42:98:18:
f0:9f:e1:11:04:e4:61:01:c2:36:dc:52:da:46:47:
3f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:40:E6:97:18:D9:AA:D7:F4:BA:5F:7D:DB:E2:0B:41:03:78:DF:36
X509v3 Authority Key Identifier:
keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/AEDmlxjZqtf0ul992-ILQQN43zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.214.0/24
185.66.202.0/23
185.237.4.0/22
IPv6:
2a07:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
9e:78:fd:19:3b:92:6e:c0:ed:35:a9:91:10:e7:f2:85:ff:8c:
4a:e4:ed:f7:06:00:5f:1c:ce:f7:ff:36:94:5e:a4:3a:ab:bd:
33:7b:d4:33:68:8d:c4:c1:67:c3:a6:e8:db:7d:e5:dc:b8:de:
83:33:a0:c6:22:e1:7c:49:65:87:02:a5:9b:42:63:20:45:6a:
ea:13:0a:84:e8:c3:15:95:21:11:c7:60:42:84:2b:67:1a:5b:
a8:2a:84:db:35:9a:de:0f:1b:de:6b:3c:d5:a6:08:af:57:79:
38:e0:0c:f6:f7:2b:84:74:67:6e:2c:76:84:27:a8:8e:c3:83:
f9:ba:c2:ae:43:6d:a3:c3:5e:ca:a2:42:a6:aa:ae:3c:8d:f5:
23:a5:19:46:17:f7:a5:a3:a1:16:29:02:c0:1d:7c:cc:3b:72:
43:cf:ee:cb:b3:46:9f:ff:72:9b:f8:ba:2a:cc:48:55:a1:ca:
86:69:3a:f7:4c:e8:9f:07:2d:d2:2d:c0:77:85:5b:39:41:be:
85:cb:ea:3f:65:9c:e1:68:a8:8a:fd:06:e6:06:98:a3:72:72:
3c:77:71:54:9a:6d:47:76:28:d9:d6:a1:fd:cd:f4:3f:48:23:
3e:6c:87:07:44:e3:21:d5:52:80:75:60:a8:c2:f2:f2:45:5d:
7a:5d:28:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBpG+9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODgwMWJlMjM2M2YyMTFiZDJmNTc4MThhZGVhZjljMGRiZTE0YmRiMB4XDTIyMDIx
MDE4MTMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0MGU2OTcxOGQ5
YWFkN2Y0YmE1ZjdkZGJlMjBiNDEwMzc4ZGYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdmICK8Qxm7+tt9/kbYwRPIMTtXvlA/uEKUOhl+vpgKCuxJ
Au4ApRACePOtI6ds4AZmoUGmSWdWkI37vFZIqYG3E/6APgKpQ1kR/Buc5I9XlZ2v
eNUllvyW7ww0y4tfSt57hmRR9DaNiq8vbns/jq2EMUnpA6k8kpr5cktSUgtwMMAM
YlgjgwCKU+PfyENFaoKXlPYOJ6nkT0667cLbc901NhxTIjlbpKIC7G0mFrPSfvy/
y77LscmSZ/U7vgpbj+t0huqGzNs1KekLAUsmufIg7Xnm4aw9jFD/cCKHmV4jj8F7
tIdQnGoOcWf0QpgY8J/hEQTkYQHCNtxS2kZHP2kCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQAQOaXGNmq1/S6X33b4gtBA3jfNjAfBgNVHSMEGDAWgBSogBviNj8hG9L1
eBit6vnA2+FL2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FJQWI0allfSVJ2UzlYZ1lyZXI1d052aFM5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvODExZTczLWNmMzAtNDk0ZC1hY2FjLTg0MjBhZTllMDYyMi8x
L0FFRG1seGpacXRmMHVsOTkyLUlMUVFONDN6WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ODExZTczLWNmMzAtNDk0ZC1hY2FjLTg0MjBhZTllMDYyMi8xL3FJQWI0allfSVJ2
UzlYZ1lyZXI1d052aFM5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFJz1gMEAblCygMEArntBDAPBAIA
AjAJAwcAKgfjwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCeeP0ZO5JuwO01qZEQ5/KF
/4xK5O33BgBfHM73/zaUXqQ6q70ze9QzaI3EwWfDpujbfeXcuN6DM6DGIuF8SWWH
AqWbQmMgRWrqEwqE6MMVlSERx2BChCtnGluoKoTbNZreDxveazzVpgivV3k44Az2
9yuEdGduLHaEJ6iOw4P5usKuQ22jw17KokKmqq48jfUjpRlGF/elo6EWKQLAHXzM
O3JDz+7Ls0af/3Kb+LoqzEhVocqGaTr3TOifBy3SLcB3hVs5Qb6Fy+o/ZZzhaKiK
/QbmBpijcnI8d3FUmm1HdijZ1qH9zfQ/SCM+bIcHROMh1VKAdWCowvLyRV16XSi3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:50 2023 by rpki-client on console-fra.rpki-client.org