Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/qMsNCv3G9nQRBKzVin6gtLKhOfM.roa
File: qMsNCv3G9nQRBKzVin6gtLKhOfM.roa (raw, json)
Hash identifier: ggxoHXy0VHJS2L+YvA8pAl9AjmJ7cFXRvfmpyuqYWWM=
Subject key identifier: A8:CB:0D:0A:FD:C6:F6:74:11:04:AC:D5:8A:7E:A0:B4:B2:A1:39:F3
Certificate issuer: /CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Certificate serial: 018520294A872802D4F96ADCBA04488C1361
Authority key identifier: 7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/qMsNCv3G9nQRBKzVin6gtLKhOfM.roa
Signing time: Sat 17 Dec 2022 12:57:35 +0000
ROA not before: Sat 17 Dec 2022 12:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204279
IP address blocks: 185.108.250.0/24 maxlen: 24
185.108.249.0/24 maxlen: 24
185.108.248.0/22 maxlen: 24
178.249.192.0/23 maxlen: 24
178.249.192.0/21 maxlen: 24
178.249.194.0/23 maxlen: 24
153.94.16.0/20 maxlen: 24
2a06:4942:200::/40 maxlen: 40
2a06:4942::/41 maxlen: 41
2a01:a4a0::/32 maxlen: 32
2a06:4940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:20:29:4a:87:28:02:d4:f9:6a:dc:ba:04:48:8c:13:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Validity
Not Before: Dec 17 12:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8cb0d0afdc6f6741104acd58a7ea0b4b2a139f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:de:c3:99:df:e3:50:38:ca:86:28:5a:73:69:
2a:1e:5f:31:a9:68:e7:72:60:f5:78:de:18:0d:8b:
cf:69:51:75:dd:de:cf:cd:f9:9c:59:c0:fd:06:f4:
5e:27:84:2f:6d:29:c6:bc:31:f8:bf:8b:f8:68:31:
73:2d:88:f3:7a:7b:42:80:91:16:61:be:ee:e3:27:
e4:8f:48:ea:52:6f:db:1e:74:2e:ea:66:70:d5:7f:
7f:a2:f5:11:6c:fd:e1:08:be:8d:6f:70:f6:75:71:
e0:ce:fd:09:da:dc:62:5c:b4:00:8c:7f:ed:53:6f:
dc:d7:67:19:90:33:40:60:23:1c:3c:14:6a:a3:dd:
fb:87:ad:84:3e:b2:61:e3:96:e5:99:f2:3d:6d:fb:
36:f1:88:bb:ad:19:fd:44:b6:6e:3b:c2:f3:6f:8c:
07:6b:3a:52:d2:f6:07:9f:fc:52:29:61:13:a1:43:
07:b2:91:b0:03:d0:93:81:e9:1b:d0:9a:57:34:91:
e1:4f:ad:58:ca:2b:d5:1c:06:c9:8b:3a:7d:dc:83:
72:9b:2b:72:73:3a:e0:26:2a:4f:16:9f:bc:e1:f9:
74:ce:45:14:fa:2c:ce:96:b0:85:a4:29:91:51:67:
7b:ce:66:9e:69:2b:39:82:da:7a:36:cd:5b:7b:dd:
be:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CB:0D:0A:FD:C6:F6:74:11:04:AC:D5:8A:7E:A0:B4:B2:A1:39:F3
X509v3 Authority Key Identifier:
keyid:7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/qMsNCv3G9nQRBKzVin6gtLKhOfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.94.16.0/20
178.249.192.0/21
185.108.248.0/22
IPv6:
2a01:a4a0::/32
2a06:4940::/29
Signature Algorithm: sha256WithRSAEncryption
4c:2e:d8:43:26:7f:1a:82:7f:d9:2d:7c:fb:6c:3b:cb:89:3b:
73:f6:0b:10:59:c3:06:43:e0:bc:6e:6f:cb:d7:78:77:4f:a7:
b6:d4:84:a1:55:0b:66:75:96:76:07:14:54:8b:9f:27:76:85:
b2:03:9f:b6:fd:ed:30:10:df:db:f7:5b:f9:7a:5a:19:97:d6:
39:60:28:73:6e:22:ec:f5:98:c3:b2:97:8a:83:8a:e6:d4:94:
8a:b7:f7:73:33:43:2f:9d:ae:50:19:6d:d9:23:6c:f1:46:e2:
50:21:15:16:72:a8:18:f8:41:83:8f:5e:cd:19:97:42:89:68:
7a:0a:46:70:3a:e4:02:a1:13:41:c4:2a:78:1c:7d:55:83:cd:
d5:84:8b:a8:2d:7c:39:0a:38:f6:5d:64:91:33:21:5c:dd:00:
9e:78:e4:d1:9c:c3:8b:d8:0c:24:1f:4e:04:57:a9:46:d0:47:
6b:1c:c7:b5:6b:a3:83:c4:db:98:52:4b:ad:d4:b3:78:c8:6e:
42:61:6a:7f:38:6c:c6:f7:76:63:3a:97:c3:b5:b0:ca:f4:38:
3a:79:cc:2b:99:fc:f6:7c:a1:f4:d9:45:91:aa:2d:b5:53:cb:
72:c6:b4:62:89:1f:4c:9c:46:9f:3e:68:6f:18:d7:54:31:51:
a9:ec:ad:f0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYUgKUqHKALU+WrcugRIjBNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZDUwMDE2NGYwNzM4MTM1YjlhZWMwNGUzOGZjMjRjYjkw
ZTBmNWYwHhcNMjIxMjE3MTI1NzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNiMGQwYWZkYzZmNjc0MTEwNGFjZDU4YTdlYTBiNGIyYTEzOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd7Dmd/jUDjKhihac2kqHl8xqWjn
cmD1eN4YDYvPaVF13d7PzfmcWcD9BvReJ4QvbSnGvDH4v4v4aDFzLYjzentCgJEW
Yb7u4yfkj0jqUm/bHnQu6mZw1X9/ovURbP3hCL6Nb3D2dXHgzv0J2txiXLQAjH/t
U2/c12cZkDNAYCMcPBRqo937h62EPrJh45blmfI9bfs28Yi7rRn9RLZuO8Lzb4wH
azpS0vYHn/xSKWEToUMHspGwA9CTgekb0JpXNJHhT61YyivVHAbJizp93INymyty
czrgJipPFp+84fl0zkUU+izOlrCFpCmRUWd7zmaeaSs5gtp6Ns1be92+VwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKjLDQr9xvZ0EQSs1Yp+oLSyoTnzMB8GA1UdIwQY
MBaAFH7VABZPBzgTW5rsBOOPwky5Dg9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnRVQUZrOEhPQk5ibXV3RTQ0X0NUTGtPRDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YzUzNTktMzQ1Mi00MmYzLTg4MGIt
ODJkOWE5ZWI0MzBjLzEvcU1zTkN2M0c5blFSQkt6VmluNmd0TEtoT2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YzUzNTktMzQ1Mi00MmYzLTg4MGItODJkOWE5ZWI0MzBj
LzEvZnRVQUZrOEhPQk5ibXV3RTQ0X0NUTGtPRDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEmV4QAwQD
svnAAwQCuWz4MBQEAgACMA4DBQAqAaSgAwUDKgZJQDANBgkqhkiG9w0BAQsFAAOC
AQEATC7YQyZ/GoJ/2S18+2w7y4k7c/YLEFnDBkPgvG5vy9d4d0+nttSEoVULZnWW
dgcUVIufJ3aFsgOftv3tMBDf2/db+XpaGZfWOWAoc24i7PWYw7KXioOK5tSUirf3
czNDL52uUBlt2SNs8UbiUCEVFnKoGPhBg49ezRmXQoloegpGcDrkAqETQcQqeBx9
VYPN1YSLqC18OQo49l1kkTMhXN0Annjk0ZzDi9gMJB9OBFepRtBHaxzHtWujg8Tb
mFJLrdSzeMhuQmFqfzhsxvd2YzqXw7WwyvQ4OnnMK5n89nyh9NlFkaottVPLcsa0
YokfTJxGnz5obxjXVDFRqeyt8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:48 2024 by rpki-client on console-ams.rpki-client.org