Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/qSfbe1Xt4f6Eptcfoyv2cQ8aOvY.roa
File: qSfbe1Xt4f6Eptcfoyv2cQ8aOvY.roa (raw, json)
Hash identifier: CYv17o59WoQdbQxh23Y/aOYPLJXxGvevH+KCl4DKFK0=
Subject key identifier: A9:27:DB:7B:55:ED:E1:FE:84:A6:D7:1F:A3:2B:F6:71:0F:1A:3A:F6
Certificate issuer: /CN=2875f185823dbc6a82d105b3ca16077db5729377
Certificate serial: 3458424D
Authority key identifier: 28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/qSfbe1Xt4f6Eptcfoyv2cQ8aOvY.roa
Signing time: Tue 15 Feb 2022 12:59:33 +0000
ROA not before: Tue 15 Feb 2022 12:59:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31472
IP address blocks: 185.91.41.0/24 maxlen: 24
185.91.40.0/22 maxlen: 22
185.34.80.0/22 maxlen: 22
185.60.4.0/22 maxlen: 22
185.61.88.0/22 maxlen: 22
149.19.176.0/22 maxlen: 22
195.206.184.0/21 maxlen: 21
37.157.48.0/21 maxlen: 21
185.86.20.0/22 maxlen: 22
185.2.76.0/22 maxlen: 22
2a00:b840:1::/48 maxlen: 48
2a00:b840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 878199373 (0x3458424d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2875f185823dbc6a82d105b3ca16077db5729377
Validity
Not Before: Feb 15 12:59:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a927db7b55ede1fe84a6d71fa32bf6710f1a3af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:96:fc:5d:a1:1a:d0:33:e7:42:4a:bb:80:
c3:80:5e:a2:e3:27:07:24:25:2d:7c:f3:d2:db:aa:
c6:44:03:87:0e:a3:b8:d6:31:8c:7b:63:03:c5:66:
ec:14:82:01:a0:c5:61:36:0e:90:51:0e:19:30:17:
c4:cf:41:23:53:f5:86:1a:d3:bc:96:75:fd:0f:e5:
45:48:ba:3f:b1:d4:cf:65:de:7d:b4:df:52:26:fc:
aa:4d:e9:c8:87:45:80:c0:09:49:a7:e0:4d:dc:54:
58:27:d3:d5:f0:0a:2b:38:1f:79:cc:7a:72:2b:e4:
ef:e4:1a:77:37:26:66:48:ea:33:da:44:16:dc:5f:
9a:61:79:57:76:7a:95:f6:27:47:a4:a7:45:12:b8:
73:e1:e3:e4:4d:1b:9d:65:03:fd:50:d3:c6:f5:30:
56:e2:da:05:79:0a:23:a1:1c:c5:56:68:36:c2:ca:
5b:1a:a2:36:a7:cb:77:ff:7b:37:99:9b:8a:21:b8:
7a:c0:96:0f:da:4f:55:a4:4f:1e:c1:15:07:b8:19:
08:d0:26:13:8e:b3:51:53:2d:64:c9:31:6d:8d:cc:
01:93:3a:2a:30:68:af:22:cb:9d:84:4a:28:d8:33:
66:a8:6c:bb:4c:80:2a:ad:0f:8a:14:cc:bf:62:cb:
9f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:27:DB:7B:55:ED:E1:FE:84:A6:D7:1F:A3:2B:F6:71:0F:1A:3A:F6
X509v3 Authority Key Identifier:
keyid:28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/qSfbe1Xt4f6Eptcfoyv2cQ8aOvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.48.0/21
149.19.176.0/22
185.2.76.0/22
185.34.80.0/22
185.60.4.0/22
185.61.88.0/22
185.86.20.0/22
185.91.40.0/22
195.206.184.0/21
IPv6:
2a00:b840::/29
Signature Algorithm: sha256WithRSAEncryption
3f:e3:4d:ee:d8:bd:00:88:3a:de:9e:ae:44:d0:fb:8e:a9:61:
05:f7:b9:a5:a9:c4:4e:46:f6:ac:2e:c9:a4:b6:48:fa:7d:f6:
1a:84:d8:de:2f:ec:b1:22:04:8d:67:79:8a:25:cb:0a:b9:97:
95:1f:65:49:9b:be:14:5a:26:4a:7a:49:0d:fb:bc:c5:12:7e:
b9:4b:d3:0b:43:66:83:b1:b9:3d:05:44:f2:6a:1b:99:ae:98:
b5:ce:e8:b9:51:0e:29:64:66:80:a5:85:ba:7b:d2:64:a8:23:
2d:64:ef:14:60:49:54:a8:9d:f0:84:27:c1:a4:65:3f:e0:50:
9f:7f:04:56:fe:4a:44:2a:48:fe:09:8b:de:45:21:e5:f3:4a:
2f:21:e6:0f:5d:58:98:ea:e5:6f:71:3f:55:64:00:ea:87:39:
2b:0d:d2:0c:64:40:ce:26:87:ce:25:6c:d2:e4:2b:8b:00:2a:
5e:84:f7:3e:ab:cc:62:10:1d:00:1c:06:0e:22:90:5b:8c:c3:
4d:5d:ee:0a:1e:87:8c:af:9f:87:79:55:74:24:9a:8a:77:7d:
be:84:67:13:51:fa:9e:8a:83:95:a1:49:65:76:ae:d4:72:56:
35:67:b4:7f:fc:21:98:13:15:e1:93:f5:6e:65:30:6f:61:87:
f1:67:db:6c
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIENFhCTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODc1ZjE4NTgyM2RiYzZhODJkMTA1YjNjYTE2MDc3ZGI1NzI5Mzc3MB4XDTIyMDIx
NTEyNTkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTkyN2RiN2I1NWVk
ZTFmZTg0YTZkNzFmYTMyYmY2NzEwZjFhM2FmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIClvxdoRrQM+dCSruAw4BeouMnByQlLXzz0tuqxkQDhw6j
uNYxjHtjA8Vm7BSCAaDFYTYOkFEOGTAXxM9BI1P1hhrTvJZ1/Q/lRUi6P7HUz2Xe
fbTfUib8qk3pyIdFgMAJSafgTdxUWCfT1fAKKzgfecx6civk7+QadzcmZkjqM9pE
FtxfmmF5V3Z6lfYnR6SnRRK4c+Hj5E0bnWUD/VDTxvUwVuLaBXkKI6EcxVZoNsLK
WxqiNqfLd/97N5mbiiG4esCWD9pPVaRPHsEVB7gZCNAmE46zUVMtZMkxbY3MAZM6
KjBoryLLnYRKKNgzZqhsu0yAKq0PihTMv2LLn28CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSpJ9t7Ve3h/oSm1x+jK/ZxDxo69jAfBgNVHSMEGDAWgBQodfGFgj28aoLR
BbPKFgd9tXKTdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tIWHhoWUk5dkdxQzBRV3p5aFlIZmJWeWszYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvYTA0ZGE2LTk4ODctNDJhNS04ZWQ3LTk0ZTVkNDljYzYyOC8x
L3FTZmJlMVh0NGY2RXB0Y2ZveXYyY1E4YU92WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
YTA0ZGE2LTk4ODctNDJhNS04ZWQ3LTk0ZTVkNDljYzYyOC8xL0tIWHhoWUk5dkdx
QzBRV3p5aFlIZmJWeWszYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAyWdMAMEApUTsAMEArkCTAMEArki
UAMEArk8BAMEArk9WAMEArlWFAMEArlbKAMEA8POuDANBAIAAjAHAwUDKgC4QDAN
BgkqhkiG9w0BAQsFAAOCAQEAP+NN7ti9AIg63p6uRND7jqlhBfe5panETkb2rC7J
pLZI+n32GoTY3i/ssSIEjWd5iiXLCrmXlR9lSZu+FFomSnpJDfu8xRJ+uUvTC0Nm
g7G5PQVE8mobma6Ytc7ouVEOKWRmgKWFunvSZKgjLWTvFGBJVKid8IQnwaRlP+BQ
n38EVv5KRCpI/gmL3kUh5fNKLyHmD11YmOrlb3E/VWQA6oc5Kw3SDGRAziaHziVs
0uQriwAqXoT3PqvMYhAdABwGDiKQW4zDTV3uCh6HjK+fh3lVdCSaind9voRnE1H6
noqDlaFJZXau1HJWNWe0f/whmBMV4ZP1bmUwb2GH8WfbbA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:55 2023 by rpki-client on console-ams.rpki-client.org