Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Q-889rCgjnA4d_Pk6ZhbBARl14s.roa
File: Q-889rCgjnA4d_Pk6ZhbBARl14s.roa (raw, json)
Hash identifier: v7JRRPgB/LpN5UAljoqLDsX3AOygJDtxo1CPbjAr8A0=
Subject key identifier: 43:EF:3C:F6:B0:A0:8E:70:38:77:F3:E4:E9:98:5B:04:04:65:D7:8B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CCAFF47
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Q-889rCgjnA4d_Pk6ZhbBARl14s.roa
Signing time: Sat 01 Jan 2022 05:05:10 +0000
ROA not before: Sat 01 Jan 2022 05:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.196.0/22 maxlen: 24
45.144.226.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.136.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214630215 (0xccaff47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43ef3cf6b0a08e703877f3e4e9985b040465d78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d6:8e:c7:aa:5d:34:96:10:c1:50:de:7f:37:
78:38:95:95:00:a7:b6:74:7d:04:6b:1d:93:17:64:
17:7a:9c:80:b0:00:4a:7e:b6:95:b7:6a:f9:db:e7:
c4:9b:30:0b:7d:86:ee:ca:92:4f:f9:08:28:1f:8b:
3d:2a:05:b7:19:f9:19:67:8e:00:0b:a1:13:6c:4f:
ba:73:1e:75:7f:4d:e2:ed:be:40:9c:73:56:e4:03:
b5:c1:b4:60:be:a5:3c:3e:4e:0d:6f:de:db:18:7c:
2d:9d:95:53:ba:1b:13:d3:87:e4:bb:61:b2:fc:f4:
f3:36:f8:cd:ac:26:4f:f7:ec:35:f9:52:6e:65:2f:
a4:fc:49:a2:e9:97:73:c1:9f:a2:f9:f5:d9:33:d2:
08:b4:f6:d9:5f:1b:e3:35:99:d3:fa:cb:9f:53:d4:
28:14:18:d0:06:dc:ef:10:a8:58:a5:d5:b3:97:8a:
29:07:af:fe:20:97:1a:9e:7f:d9:06:d0:07:1f:23:
da:25:03:2d:60:db:d3:01:87:4f:97:a2:12:51:dc:
29:16:c9:74:87:2e:22:a0:66:f5:95:a8:e9:e8:b7:
80:4a:60:79:d7:cb:a1:eb:f5:73:69:c3:72:3b:11:
0c:33:d6:f7:1c:3c:00:70:d1:11:72:37:c0:ff:e0:
23:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EF:3C:F6:B0:A0:8E:70:38:77:F3:E4:E9:98:5B:04:04:65:D7:8B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Q-889rCgjnA4d_Pk6ZhbBARl14s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/23
62.197.136.0/21
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0/22
Signature Algorithm: sha256WithRSAEncryption
16:0f:b4:dd:af:70:e3:c0:5a:54:4b:ef:ac:04:f8:83:46:b4:
3a:70:af:9f:45:01:25:ea:cd:74:12:95:0a:40:f7:7a:e8:db:
90:c6:4c:b3:04:f0:43:96:cf:a0:e1:58:c0:2e:94:bd:cf:89:
43:76:ca:f4:fd:58:51:be:ff:29:5f:54:a5:c8:6c:b3:06:21:
36:33:36:ff:61:88:76:8e:3e:8f:d3:a0:51:71:66:7c:3b:92:
cd:18:8c:8d:62:eb:a8:7a:86:9e:e6:ac:ef:d1:a3:99:ae:e0:
6f:1e:f5:db:d2:9d:81:ab:71:81:bf:7c:50:21:1b:9c:0c:f0:
e7:e7:d9:4f:97:a0:d8:42:98:46:c9:60:66:e0:dd:0b:93:1c:
9a:81:d7:e6:87:d0:6f:eb:b7:34:0a:82:9c:52:de:0d:e2:dd:
1a:c9:40:b3:1d:e5:e5:a4:8a:11:dd:cd:07:54:4c:e9:9a:79:
a5:ed:59:6e:c7:98:90:27:82:3a:49:02:eb:19:a0:f2:70:98:
20:b4:85:ca:09:22:cb:7a:ab:90:e8:df:00:65:2c:37:09:43:
e6:c4:db:44:e3:63:63:b4:cc:c6:92:d6:c4:25:cb:32:67:c7:
ec:e0:58:0d:85:db:e3:b4:58:55:ea:e7:2b:7b:4c:53:a6:7d:
58:8f:aa:44
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEDMr/RzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNlZjNjZjZiMGEw
OGU3MDM4NzdmM2U0ZTk5ODViMDQwNDY1ZDc4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/WjseqXTSWEMFQ3n83eDiVlQCntnR9BGsdkxdkF3qcgLAA
Sn62lbdq+dvnxJswC32G7sqST/kIKB+LPSoFtxn5GWeOAAuhE2xPunMedX9N4u2+
QJxzVuQDtcG0YL6lPD5ODW/e2xh8LZ2VU7obE9OH5Lthsvz08zb4zawmT/fsNflS
bmUvpPxJoumXc8Gfovn12TPSCLT22V8b4zWZ0/rLn1PUKBQY0Abc7xCoWKXVs5eK
KQev/iCXGp5/2QbQBx8j2iUDLWDb0wGHT5eiElHcKRbJdIcuIqBm9ZWo6ei3gEpg
edfLoev1c2nDcjsRDDPW9xw8AHDREXI3wP/gI8UCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRD7zz2sKCOcDh38+TpmFsEBGXXizAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L1EtODg5ckNnam5BNGRfUGs2WmhiQkFSbDE0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAS2Q4gMEAz7FiDAMAwQAuXl5AwQC
uXl4AwQAue/zAwQBwe+kAwQC3J7EMA0GCSqGSIb3DQEBCwUAA4IBAQAWD7Tdr3Dj
wFpUS++sBPiDRrQ6cK+fRQEl6s10EpUKQPd66NuQxkyzBPBDls+g4VjALpS9z4lD
dsr0/VhRvv8pX1SlyGyzBiE2Mzb/YYh2jj6P06BRcWZ8O5LNGIyNYuuoeoae5qzv
0aOZruBvHvXb0p2Bq3GBv3xQIRucDPDn59lPl6DYQphGyWBm4N0Lkxyagdfmh9Bv
67c0CoKcUt4N4t0ayUCzHeXlpIoR3c0HVEzpmnml7Vlux5iQJ4I6SQLrGaDycJgg
tIXKCSLLequQ6N8AZSw3CUPmxNtE42NjtMzGktbEJcsyZ8fs4FgNhdvjtFhV6ucr
e0xTpn1Yj6pE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org