Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/2Qo3INtBJEZW3mbkJ5r3iODxOGA.roa
File: 2Qo3INtBJEZW3mbkJ5r3iODxOGA.roa (raw, json)
Hash identifier: bLjHaD2OaOmnZBZ1V7zuOGJQU2BO+/qKmHYrXZnjGt4=
Subject key identifier: D9:0A:37:20:DB:41:24:46:56:DE:66:E4:27:9A:F7:88:E0:F1:38:60
Certificate issuer: /CN=4982b1719b4fec708ba66b297abe0db08fad0e1e
Certificate serial: 04395CA9
Authority key identifier: 49:82:B1:71:9B:4F:EC:70:8B:A6:6B:29:7A:BE:0D:B0:8F:AD:0E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYKxcZtP7HCLpmsper4NsI-tDh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/2Qo3INtBJEZW3mbkJ5r3iODxOGA.roa
Signing time: Sat 01 Jan 2022 08:02:01 +0000
ROA not before: Sat 01 Jan 2022 08:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201026
IP address blocks: 185.85.223.0/24 maxlen: 24
185.85.220.0/24 maxlen: 24
185.85.220.0/23 maxlen: 23
185.85.220.0/22 maxlen: 24
185.85.221.0/24 maxlen: 24
185.85.222.0/24 maxlen: 24
2a05:aec0::/44 maxlen: 44
2a05:aec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70868137 (0x4395ca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4982b1719b4fec708ba66b297abe0db08fad0e1e
Validity
Not Before: Jan 1 08:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d90a3720db41244656de66e4279af788e0f13860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:31:82:00:93:16:51:a5:0d:5e:d6:e8:98:
13:a3:6c:c4:d9:cf:45:af:5d:64:01:34:6e:91:c3:
51:33:b7:51:33:f9:55:4b:e6:b1:6d:47:40:ae:9a:
99:1b:bf:b6:8f:63:90:41:cc:00:1e:1a:d8:8c:97:
63:c4:0c:c4:c0:07:06:19:fa:6b:fe:72:7d:19:88:
d7:99:45:94:78:1f:9f:87:7e:32:89:6c:5a:ce:1e:
31:76:a8:bd:2f:69:75:70:b7:e4:d8:08:c9:6f:1b:
9c:f0:7e:f8:aa:5b:b7:8b:44:c6:86:9b:a4:a7:fe:
8b:22:2b:36:7d:a9:3e:c0:fb:fe:bc:da:c5:e4:01:
9a:72:8c:e2:43:33:db:3b:75:b8:dd:d2:f8:12:76:
a3:d6:96:69:29:1e:dc:9f:98:3e:08:65:bb:3f:91:
90:06:e1:50:02:34:7d:02:24:3a:93:a3:31:f4:d2:
7c:70:78:d0:3a:5a:ef:2d:d7:4e:6f:cf:dd:65:b1:
a6:12:25:10:9b:7f:7e:d9:b5:a8:3b:8e:52:a8:8b:
be:d7:5b:38:5c:e8:58:7b:d7:09:35:61:bd:f7:68:
7e:41:a0:62:06:bf:42:70:f5:9f:2c:86:b1:19:bd:
5c:fd:01:21:1e:d6:65:f1:2e:de:df:f7:79:7e:4e:
28:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0A:37:20:DB:41:24:46:56:DE:66:E4:27:9A:F7:88:E0:F1:38:60
X509v3 Authority Key Identifier:
keyid:49:82:B1:71:9B:4F:EC:70:8B:A6:6B:29:7A:BE:0D:B0:8F:AD:0E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYKxcZtP7HCLpmsper4NsI-tDh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/2Qo3INtBJEZW3mbkJ5r3iODxOGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/SYKxcZtP7HCLpmsper4NsI-tDh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.220.0/22
IPv6:
2a05:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
10:9c:8f:b1:d2:49:e7:05:37:e2:4f:de:c0:af:a6:66:77:a7:
b5:c6:e3:c2:76:aa:8d:c8:16:f0:81:b1:1b:93:4a:2b:05:41:
42:6d:2b:34:4d:5f:7e:02:1f:f3:d3:d5:9e:60:78:af:83:fa:
61:47:12:ff:3b:58:f1:f2:1a:66:80:72:37:98:3b:4e:55:5e:
67:66:d9:aa:bb:f8:01:02:de:5e:bf:65:35:f8:67:12:6e:de:
af:bd:8f:02:77:ba:17:7c:ea:23:8b:35:60:46:de:0c:a6:d6:
c2:2e:57:bc:6e:c7:b7:c5:65:43:21:05:b3:9e:ca:1d:b4:99:
cc:00:c2:ea:78:ec:ac:fb:3e:11:e6:0b:71:cc:78:19:9e:97:
08:3e:05:52:4e:57:76:ca:3e:3f:d2:6b:98:f5:c5:67:80:b5:
6a:78:6e:b6:32:37:df:a4:92:8e:3c:f4:b1:b2:ec:01:66:ab:
56:18:da:cd:9b:c3:02:6e:5f:7a:36:9a:1d:7c:ba:cf:69:78:
5a:16:0f:23:21:50:8c:2a:82:3f:92:8b:75:dc:1f:aa:ce:7d:
cb:6e:b7:1b:73:37:fa:2c:ee:c1:85:2d:9c:9d:7d:36:c2:76:
2c:da:16:25:9c:9e:73:dd:d6:e7:cb:3b:33:4a:4d:bd:81:f0:
08:bd:4c:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBDlcqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTgyYjE3MTliNGZlYzcwOGJhNjZiMjk3YWJlMGRiMDhmYWQwZTFlMB4XDTIyMDEw
MTA4MDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkwYTM3MjBkYjQx
MjQ0NjU2ZGU2NmU0Mjc5YWY3ODhlMGYxMzg2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBBMYIAkxZRpQ1e1uiYE6NsxNnPRa9dZAE0bpHDUTO3UTP5
VUvmsW1HQK6amRu/to9jkEHMAB4a2IyXY8QMxMAHBhn6a/5yfRmI15lFlHgfn4d+
MolsWs4eMXaovS9pdXC35NgIyW8bnPB++Kpbt4tExoabpKf+iyIrNn2pPsD7/rza
xeQBmnKM4kMz2zt1uN3S+BJ2o9aWaSke3J+YPghluz+RkAbhUAI0fQIkOpOjMfTS
fHB40Dpa7y3XTm/P3WWxphIlEJt/ftm1qDuOUqiLvtdbOFzoWHvXCTVhvfdofkGg
Yga/QnD1nyyGsRm9XP0BIR7WZfEu3t/3eX5OKIUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTZCjcg20EkRlbeZuQnmveI4PE4YDAfBgNVHSMEGDAWgBRJgrFxm0/scIum
ayl6vg2wj60OHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NZS3hjWnRQN0hDTHBtc3BlcjROc0ktdERoNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZDhmMTQ1LTFlMGQtNDcxZC04NTM2LWFlNmI4NGMyODE5NS8x
LzJRbzNJTnRCSkVaVzNtYmtKNXIzaU9EeE9HQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZDhmMTQ1LTFlMGQtNDcxZC04NTM2LWFlNmI4NGMyODE5NS8xL1NZS3hjWnRQN0hD
THBtc3BlcjROc0ktdERoNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlV3DANBAIAAjAHAwUDKgWuwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEJyPsdJJ5wU34k/ewK+mZnentcbjwnaqjcgW8IGx
G5NKKwVBQm0rNE1ffgIf89PVnmB4r4P6YUcS/ztY8fIaZoByN5g7TlVeZ2bZqrv4
AQLeXr9lNfhnEm7er72PAne6F3zqI4s1YEbeDKbWwi5XvG7Ht8VlQyEFs57KHbSZ
zADC6njsrPs+EeYLccx4GZ6XCD4FUk5Xdso+P9JrmPXFZ4C1anhutjI336SSjjz0
sbLsAWarVhjazZvDAm5fejaaHXy6z2l4WhYPIyFQjCqCP5KLddwfqs59y263G3M3
+izuwYUtnJ19NsJ2LNoWJZyec93W58s7M0pNvYHwCL1M1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:34 2024 by rpki-client on console-ams.rpki-client.org