Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/dQIerPfgusZIglRG1oG4DsCmpUU.roa
File: dQIerPfgusZIglRG1oG4DsCmpUU.roa (raw, json)
Hash identifier: JTdEOeTWpdju6t3EQcFqGzGojDjHVpovFxlhoSheXZ0=
Subject key identifier: 75:02:1E:AC:F7:E0:BA:C6:48:82:54:46:D6:81:B8:0E:C0:A6:A5:45
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: D583FA
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/dQIerPfgusZIglRG1oG4DsCmpUU.roa
Signing time: Sat 01 Jan 2022 11:55:00 +0000
ROA not before: Sat 01 Jan 2022 11:55:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51546
IP address blocks: 185.127.228.0/22 maxlen: 22
185.176.96.0/22 maxlen: 22
88.218.23.0/24 maxlen: 24
88.218.20.0/22 maxlen: 22
185.181.44.0/22 maxlen: 22
2a09:9680::/29 maxlen: 29
2a03:9920::/32 maxlen: 32
2a0a:f80::/29 maxlen: 29
2a0a:c080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13992954 (0xd583fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Jan 1 11:55:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75021eacf7e0bac648825446d681b80ec0a6a545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:0a:25:e1:72:a3:27:33:5e:f4:e1:09:e8:
d6:05:99:2a:39:62:83:a0:e1:4c:02:9f:99:bb:d9:
e1:5e:b7:94:e0:26:cf:37:29:5c:ca:6a:79:66:65:
bf:f1:da:4f:e4:ef:02:8c:54:78:51:20:c8:0c:15:
49:8d:30:ab:4c:39:94:37:d2:e5:f4:b9:69:30:df:
98:b5:a6:7b:94:75:d1:3f:7c:44:2f:e3:7e:a6:28:
95:30:79:ad:b0:96:2b:3f:8d:fb:19:2a:b5:87:3d:
9f:4d:3f:bc:07:bf:07:55:23:84:d9:b2:68:d0:88:
e4:4c:85:7a:13:36:3f:01:42:b0:cc:10:59:a0:27:
01:01:9f:4b:88:2c:25:6c:a6:13:52:3d:c5:9c:05:
43:f2:f5:dc:43:02:93:ea:fd:a4:39:c2:c3:2f:b2:
6f:10:9f:25:f4:1e:66:cb:c1:1e:82:9a:2e:20:ea:
51:28:bc:a2:9e:3d:01:16:04:58:2e:f5:f1:80:2e:
e6:9e:dc:3d:59:64:3e:30:d1:7d:d7:44:91:13:d0:
47:aa:62:55:de:89:13:32:78:ea:a6:ff:42:32:18:
e9:43:e4:92:28:ea:35:8c:5a:73:3b:69:61:58:31:
ca:0c:2a:8e:b3:21:f3:c2:c1:b1:60:e8:50:21:da:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:02:1E:AC:F7:E0:BA:C6:48:82:54:46:D6:81:B8:0E:C0:A6:A5:45
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/dQIerPfgusZIglRG1oG4DsCmpUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.20.0/22
185.127.228.0/22
185.176.96.0/22
185.181.44.0/22
IPv6:
2a03:9920::/32
2a09:9680::/29
2a0a:f80::/29
2a0a:c080::/29
Signature Algorithm: sha256WithRSAEncryption
83:9b:08:2c:40:56:a9:b4:72:8e:fb:15:19:91:f9:c9:89:df:
69:34:5b:fc:7d:d4:b1:9e:9c:cf:7b:1d:7a:ea:11:90:36:cd:
f7:5a:9b:8f:28:4c:ba:a0:d5:b0:ae:43:36:0e:4b:f4:53:27:
d0:0f:55:5d:57:dd:52:7c:a7:f6:84:ea:0d:2b:43:10:03:b8:
dc:6e:ac:7c:99:da:0d:14:d5:61:67:19:68:91:dc:0d:ae:67:
7a:b2:0d:9f:31:33:9c:e7:36:aa:40:66:ca:31:ab:9b:02:67:
0b:80:49:91:53:28:8a:b1:10:52:74:cc:b9:ed:ba:04:2f:7a:
36:dc:d1:77:21:e6:81:c2:6c:a4:89:92:f4:39:08:15:85:4d:
7a:4c:4d:c4:ff:a7:b7:d2:f8:81:31:df:ee:cb:70:1d:73:12:
b6:4b:8c:d6:88:e4:8e:d8:45:7d:84:23:06:fc:5e:bc:c8:f8:
39:3c:43:da:29:48:77:f5:6f:1f:6e:70:9d:a0:59:3c:45:ef:
c4:b9:99:fe:15:cb:51:75:33:05:f8:74:d0:51:6f:f1:11:6c:
4c:8e:1f:54:1b:9d:4b:62:b4:ac:36:28:dd:37:2e:7a:c3:5e:
a2:e5:80:ef:65:b7:de:d4:b9:b5:15:16:b8:97:ac:40:63:e5:
35:d4:9c:8c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEANWD+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDQxZDBhNmU2ZGYyZTE4YzI1NjczMjM2OGQ2ZTc2ODI4OTMxMzEwMB4XDTIyMDEw
MTExNTUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUwMjFlYWNmN2Uw
YmFjNjQ4ODI1NDQ2ZDY4MWI4MGVjMGE2YTU0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKq9CiXhcqMnM1704Qno1gWZKjlig6DhTAKfmbvZ4V63lOAm
zzcpXMpqeWZlv/HaT+TvAoxUeFEgyAwVSY0wq0w5lDfS5fS5aTDfmLWme5R10T98
RC/jfqYolTB5rbCWKz+N+xkqtYc9n00/vAe/B1UjhNmyaNCI5EyFehM2PwFCsMwQ
WaAnAQGfS4gsJWymE1I9xZwFQ/L13EMCk+r9pDnCwy+ybxCfJfQeZsvBHoKaLiDq
USi8op49ARYEWC718YAu5p7cPVlkPjDRfddEkRPQR6piVd6JEzJ46qb/QjIY6UPk
kijqNYxacztpYVgxygwqjrMh88LBsWDoUCHard0CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBR1Ah6s9+C6xkiCVEbWgbgOwKalRTAfBgNVHSMEGDAWgBQNQdCm5t8uGMJW
cyNo1udoKJMTEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RVSFFwdWJmTGhqQ1ZuTWphTmJuYUNpVEV4QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvOTgzN2IyLTBkZjAtNGY1YS04MGRiLTYyYjY0MGIwMmUyYi8x
L2RRSWVyUGZndXNaSWdsUkcxb0c0RHNDbXBVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
OTgzN2IyLTBkZjAtNGY1YS04MGRiLTYyYjY0MGIwMmUyYi8xL0RVSFFwdWJmTGhq
Q1ZuTWphTmJuYUNpVEV4QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwHgQCAAEwGAMEAljaFAMEArl/5AMEArmwYAMEArm1
LDAiBAIAAjAcAwUAKgOZIAMFAyoJloADBQMqCg+AAwUDKgrAgDANBgkqhkiG9w0B
AQsFAAOCAQEAg5sILEBWqbRyjvsVGZH5yYnfaTRb/H3UsZ6cz3sdeuoRkDbN91qb
jyhMuqDVsK5DNg5L9FMn0A9VXVfdUnyn9oTqDStDEAO43G6sfJnaDRTVYWcZaJHc
Da5nerINnzEznOc2qkBmyjGrmwJnC4BJkVMoirEQUnTMue26BC96NtzRdyHmgcJs
pImS9DkIFYVNekxNxP+nt9L4gTHf7stwHXMStkuM1ojkjthFfYQjBvxevMj4OTxD
2ilId/VvH25wnaBZPEXvxLmZ/hXLUXUzBfh00FFv8RFsTI4fVBudS2K0rDYo3Tcu
esNeouWA72W33tS5tRUWuJesQGPlNdScjA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:34 2023 by rpki-client on console-ams.rpki-client.org