Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/imQKaItyduMXoyylSFmm1NpYcOg.roa
File: imQKaItyduMXoyylSFmm1NpYcOg.roa (raw, json)
Hash identifier: nSea+m0FahJy56F7MLU1pxY6ftKRkwXU7VbvkLzY0sY=
Subject key identifier: 8A:64:0A:68:8B:72:76:E3:17:A3:2C:A5:48:59:A6:D4:DA:58:70:E8
Certificate issuer: /CN=19b800c39126db3ca4e0d56910f0ad379257e4a0
Certificate serial: 0183E639CF76356068AB4ABC4F72CA993C8D
Authority key identifier: 19:B8:00:C3:91:26:DB:3C:A4:E0:D5:69:10:F0:AD:37:92:57:E4:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbgAw5Em2zyk4NVpEPCtN5JX5KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/imQKaItyduMXoyylSFmm1NpYcOg.roa
Signing time: Mon 17 Oct 2022 13:54:51 +0000
ROA not before: Mon 17 Oct 2022 13:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20546
IP address blocks: 185.117.68.0/22 maxlen: 24
195.80.52.0/22 maxlen: 24
94.16.64.0/19 maxlen: 24
92.119.8.0/22 maxlen: 24
185.189.140.0/22 maxlen: 24
5.182.236.0/22 maxlen: 24
185.238.252.0/22 maxlen: 24
212.232.80.0/20 maxlen: 24
45.14.188.0/22 maxlen: 24
85.132.192.0/19 maxlen: 24
213.188.96.0/19 maxlen: 24
45.131.36.0/22 maxlen: 24
149.249.128.0/19 maxlen: 24
45.136.168.0/22 maxlen: 24
213.157.0.0/19 maxlen: 24
95.131.96.0/21 maxlen: 24
134.101.16.0/20 maxlen: 24
45.10.60.0/22 maxlen: 24
45.143.76.0/22 maxlen: 24
185.9.28.0/22 maxlen: 24
45.128.180.0/22 maxlen: 24
94.46.64.0/19 maxlen: 24
46.243.80.0/21 maxlen: 24
45.93.108.0/22 maxlen: 24
185.194.64.0/22 maxlen: 24
2a02:b98::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:39:cf:76:35:60:68:ab:4a:bc:4f:72:ca:99:3c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19b800c39126db3ca4e0d56910f0ad379257e4a0
Validity
Not Before: Oct 17 13:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a640a688b7276e317a32ca54859a6d4da5870e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b5:ec:d1:a9:67:f1:b0:25:29:bd:11:3a:88:
3d:b6:8e:c8:c8:12:45:e5:04:0d:d2:cb:ed:4f:78:
ef:ef:0e:15:42:56:7b:20:5f:72:8c:f1:5a:5c:17:
be:9b:30:2a:8e:a5:1f:64:3c:00:04:94:58:aa:84:
8b:a3:fe:9e:32:db:d0:1d:b2:c6:07:18:d3:2f:6d:
4a:60:26:60:fe:f5:7b:02:cd:88:84:7e:19:1b:7b:
9d:ca:69:3d:ba:23:d1:e6:39:d7:ef:52:f1:4c:27:
32:6a:d2:48:db:78:c7:26:cd:8f:4b:92:6b:95:7a:
42:ee:4f:be:83:ad:19:4d:70:ef:4b:4e:c4:06:bb:
44:4f:8c:60:5a:c7:ee:d7:8a:9a:14:e8:7d:5c:f4:
18:16:ec:2c:68:19:74:c9:93:0d:d0:fe:f3:a5:b0:
25:82:c6:c7:28:94:97:44:7e:6c:81:fb:c6:f7:35:
41:c5:6d:90:42:cb:d3:7a:a0:0c:64:02:9d:8a:40:
4c:f3:f6:e6:72:10:17:26:75:88:59:79:fd:c5:93:
a1:05:68:3f:b8:77:83:e1:a5:c4:03:a7:6c:c0:ef:
34:32:fd:43:55:c6:7a:9b:9e:78:31:a9:0e:14:89:
cf:b1:78:84:68:54:39:75:75:d6:c4:e6:8c:90:0a:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:64:0A:68:8B:72:76:E3:17:A3:2C:A5:48:59:A6:D4:DA:58:70:E8
X509v3 Authority Key Identifier:
keyid:19:B8:00:C3:91:26:DB:3C:A4:E0:D5:69:10:F0:AD:37:92:57:E4:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbgAw5Em2zyk4NVpEPCtN5JX5KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/imQKaItyduMXoyylSFmm1NpYcOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/GbgAw5Em2zyk4NVpEPCtN5JX5KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.236.0/22
45.10.60.0/22
45.14.188.0/22
45.93.108.0/22
45.128.180.0/22
45.131.36.0/22
45.136.168.0/22
45.143.76.0/22
46.243.80.0/21
85.132.192.0/19
92.119.8.0/22
94.16.64.0/19
94.46.64.0/19
95.131.96.0/21
134.101.16.0/20
149.249.128.0/19
185.9.28.0/22
185.117.68.0/22
185.189.140.0/22
185.194.64.0/22
185.238.252.0/22
195.80.52.0/22
212.232.80.0/20
213.157.0.0/19
213.188.96.0/19
IPv6:
2a02:b98::/32
Signature Algorithm: sha256WithRSAEncryption
93:70:21:59:64:64:41:f9:51:a7:64:7a:48:84:56:8d:46:fe:
68:a8:0e:b8:e6:6b:4b:49:82:ff:65:9d:20:02:63:71:b8:2b:
65:4c:cb:17:7c:28:74:aa:41:01:d4:a8:ce:4b:ff:a8:ff:92:
e8:ea:e9:6c:c5:1e:06:e0:91:96:fa:41:df:b7:e0:8b:9f:5b:
1d:e5:0e:d8:9d:df:7a:f1:f5:59:ed:a0:71:24:08:b8:fe:e7:
94:a9:64:3c:ec:49:79:8c:14:1d:2a:94:b7:d6:cb:24:e8:d2:
74:a9:b1:ae:ef:21:29:d4:3d:93:31:6c:c9:bc:c6:43:9c:1a:
9b:d0:6e:cc:9c:2a:f1:8f:1e:83:59:37:d1:44:52:c2:46:d8:
5e:29:e3:25:ea:32:99:55:e0:92:d8:0a:c5:7c:9f:8b:dc:a2:
ff:6d:58:61:95:6b:43:4b:b4:7c:63:ed:2b:1d:09:d9:f2:58:
5b:f9:56:fa:1e:8a:47:cf:1a:a6:ca:f7:7c:a0:4a:ae:06:a8:
a7:5c:a9:95:90:d7:65:d7:c4:5f:e1:26:f8:7c:87:7b:3f:76:
ba:76:e4:b1:c2:d7:17:54:31:3c:7f:07:c9:0e:22:62:bb:a7:
a0:0c:25:0f:27:21:b4:f7:0b:f9:f1:0b:1d:a4:fe:b6:3d:19:
78:be:ed:a4
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYPmOc92NWBoq0q8T3LKmTyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjgwMGMzOTEyNmRiM2NhNGUwZDU2OTEwZjBhZDM3OTI1
N2U0YTAwHhcNMjIxMDE3MTM1NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTY0MGE2ODhiNzI3NmUzMTdhMzJjYTU0ODU5YTZkNGRhNTg3MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbXs0aln8bAlKb0ROog9to7IyBJF
5QQN0svtT3jv7w4VQlZ7IF9yjPFaXBe+mzAqjqUfZDwABJRYqoSLo/6eMtvQHbLG
BxjTL21KYCZg/vV7As2IhH4ZG3udymk9uiPR5jnX71LxTCcyatJI23jHJs2PS5Jr
lXpC7k++g60ZTXDvS07EBrtET4xgWsfu14qaFOh9XPQYFuwsaBl0yZMN0P7zpbAl
gsbHKJSXRH5sgfvG9zVBxW2QQsvTeqAMZAKdikBM8/bmchAXJnWIWXn9xZOhBWg/
uHeD4aXEA6dswO80Mv1DVcZ6m554MakOFInPsXiEaFQ5dXXWxOaMkApThQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFIpkCmiLcnbjF6MspUhZptTaWHDoMB8GA1UdIwQY
MBaAFBm4AMORJts8pODVaRDwrTeSV+SgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JnQXc1RW0yenlrNE5WcEVQQ3RONUpYNUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS84NGI0ODktOGI2Zi00NTlkLTlhMzEt
ZjE4YWQ5ZjRjYzM0LzEvaW1RS2FJdHlkdU1Yb3l5bFNGbW0xTnBZY09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS84NGI0ODktOGI2Zi00NTlkLTlhMzEtZjE4YWQ5ZjRjYzM0
LzEvR2JnQXc1RW0yenlrNE5WcEVQQ3RONUpYNUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAIF
tuwDBAItCjwDBAItDrwDBAItXWwDBAItgLQDBAItgyQDBAItiKgDBAItj0wDBAMu
81ADBAVVhMADBAJcdwgDBAVeEEADBAVeLkADBANfg2ADBASGZRADBAWV+YADBAK5
CRwDBAK5dUQDBAK5vYwDBAK5wkADBAK57vwDBALDUDQDBATU6FADBAXVnQADBAXV
vGAwDQQCAAIwBwMFACoCC5gwDQYJKoZIhvcNAQELBQADggEBAJNwIVlkZEH5Uadk
ekiEVo1G/mioDrjma0tJgv9lnSACY3G4K2VMyxd8KHSqQQHUqM5L/6j/kujq6WzF
HgbgkZb6Qd+34IufWx3lDtid33rx9VntoHEkCLj+55SpZDzsSXmMFB0qlLfWyyTo
0nSpsa7vISnUPZMxbMm8xkOcGpvQbsycKvGPHoNZN9FEUsJG2F4p4yXqMplV4JLY
CsV8n4vcov9tWGGVa0NLtHxj7SsdCdnyWFv5VvoeikfPGqbK93ygSq4GqKdcqZWQ
12XXxF/hJvh8h3s/drp25LHC1xdUMTx/B8kOImK7p6AMJQ8nIbT3C/nxCx2k/rY9
GXi+7aQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:34 2025 by rpki-client