Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/ovqCBNiu07wzhCIazaj18G0bQlQ.roa
File: ovqCBNiu07wzhCIazaj18G0bQlQ.roa (raw, json)
Hash identifier: 3kyGq2wsT01oy/9HLO63DziUDVOjCrYIgwoTW5s0ne4=
Subject key identifier: A2:FA:82:04:D8:AE:D3:BC:33:84:22:1A:CD:A8:F5:F0:6D:1B:42:54
Certificate issuer: /CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Certificate serial: 02A6062D
Authority key identifier: 54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/ovqCBNiu07wzhCIazaj18G0bQlQ.roa
Signing time: Fri 25 Mar 2022 08:42:42 +0000
ROA not before: Fri 25 Mar 2022 08:42:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43872
IP address blocks: 185.253.176.0/22 maxlen: 22
185.187.61.0/24 maxlen: 24
185.183.20.0/22 maxlen: 22
193.247.165.0/24 maxlen: 24
193.247.94.0/24 maxlen: 24
193.247.103.0/24 maxlen: 24
193.247.101.0/24 maxlen: 24
193.105.189.0/24 maxlen: 24
5.253.252.0/22 maxlen: 22
92.118.111.0/24 maxlen: 24
2a10:c9c0::/29 maxlen: 29
2a10:cac0::/29 maxlen: 29
2a0b:180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44434989 (0x2a6062d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Validity
Not Before: Mar 25 08:42:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2fa8204d8aed3bc3384221acda8f5f06d1b4254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:23:9a:c4:fa:56:44:c6:c5:54:d6:e2:22:9c:
87:bb:f5:b7:94:88:a7:cc:d1:63:4d:db:f8:8f:d7:
b1:1e:38:a8:9b:9e:4e:bb:72:0a:36:52:dd:b7:08:
8b:3b:c2:1c:36:75:12:14:fc:ef:7c:1e:a2:9a:96:
a3:7a:b9:e8:9f:c0:69:30:11:85:47:78:19:6b:9c:
e4:ec:48:81:e9:9f:55:b2:64:ae:11:14:ff:17:a9:
2b:a2:e7:01:2d:f1:35:90:d2:a7:58:8f:a8:50:37:
c3:85:10:39:1d:00:f4:95:01:5c:5f:47:78:54:0f:
23:27:49:91:c0:02:57:05:35:1b:e9:08:e7:26:5e:
d8:c6:fe:15:fe:ff:fd:98:2f:ff:72:70:eb:0e:9c:
de:cd:54:fc:d7:e3:a0:31:4d:01:b9:2b:79:45:83:
0b:32:5b:43:36:c0:8c:c1:d5:b9:51:63:13:61:7b:
3b:75:06:b5:f6:0c:e2:f7:c7:31:a0:cf:58:ac:9e:
d2:a5:59:7b:74:c3:d1:2c:c5:ba:72:7e:ca:1a:23:
06:1a:66:50:6c:f0:ed:9e:08:d6:60:fd:6a:c9:ee:
14:ba:9c:c1:2b:1d:41:c8:9b:51:21:30:9c:c8:17:
ea:6b:14:c4:20:f2:b0:d9:81:ba:51:87:65:71:d5:
dc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FA:82:04:D8:AE:D3:BC:33:84:22:1A:CD:A8:F5:F0:6D:1B:42:54
X509v3 Authority Key Identifier:
keyid:54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/ovqCBNiu07wzhCIazaj18G0bQlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.252.0/22
92.118.111.0/24
185.183.20.0/22
185.187.61.0/24
185.253.176.0/22
193.105.189.0/24
193.247.94.0/24
193.247.101.0/24
193.247.103.0/24
193.247.165.0/24
IPv6:
2a0b:180::/29
2a10:c9c0::/29
2a10:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:88:ea:4e:63:5b:99:bd:30:dc:89:fe:f4:2a:e4:ea:4d:cd:
73:50:63:79:c3:72:59:80:66:d3:f8:ba:ad:46:07:1e:1a:a8:
d5:3e:9e:14:1b:43:bf:35:03:4b:37:2f:f0:3c:46:7f:da:52:
86:e0:20:f5:4a:13:bd:fb:8a:fd:86:39:74:1c:50:30:52:1f:
d6:7d:b2:af:ce:6b:04:78:e9:e2:d3:dc:26:c2:c3:7a:4e:6d:
81:d5:01:f9:e0:fc:f1:05:ea:fb:cf:81:79:39:01:ae:a8:ba:
71:d0:c5:e3:df:79:13:38:a9:7f:59:53:1d:09:7d:fd:0f:1a:
e8:a3:67:37:d0:94:f3:c9:e3:bc:fa:fa:ca:d4:47:05:94:02:
44:b9:07:dc:55:c6:63:dc:68:9b:43:ab:4c:d2:aa:88:62:0b:
ce:32:6c:84:38:e9:2e:53:17:70:94:3c:97:ef:56:ad:6e:54:
4d:de:09:d3:12:da:c4:2a:33:4c:12:69:e1:b9:53:72:9c:31:
14:4c:0a:c3:e2:3f:af:e8:6b:3d:6f:e3:f8:8a:67:2e:39:48:
b7:f1:a0:39:e9:4b:fb:9c:5f:21:58:d7:c8:e8:a2:d9:0d:0d:
07:e5:62:cb:54:64:4e:81:ec:60:4d:ea:89:83:97:88:32:95:
61:fe:a1:8c
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIEAqYGLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDNlMjBiZjVmMjUyYjFiZGJkMjFkYzk5ZDk0Y2Q5N2VhN2YwZmU2MB4XDTIyMDMy
NTA4NDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJmYTgyMDRkOGFl
ZDNiYzMzODQyMjFhY2RhOGY1ZjA2ZDFiNDI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEjmsT6VkTGxVTW4iKch7v1t5SIp8zRY03b+I/XsR44qJue
TrtyCjZS3bcIizvCHDZ1EhT873weopqWo3q56J/AaTARhUd4GWuc5OxIgemfVbJk
rhEU/xepK6LnAS3xNZDSp1iPqFA3w4UQOR0A9JUBXF9HeFQPIydJkcACVwU1G+kI
5yZe2Mb+Ff7//Zgv/3Jw6w6c3s1U/NfjoDFNAbkreUWDCzJbQzbAjMHVuVFjE2F7
O3UGtfYM4vfHMaDPWKye0qVZe3TD0SzFunJ+yhojBhpmUGzw7Z4I1mD9asnuFLqc
wSsdQcibUSEwnMgX6msUxCDysNmBulGHZXHV3IECAwEAAaOCAlwwggJYMB0GA1Ud
DgQWBBSi+oIE2K7TvDOEIhrNqPXwbRtCVDAfBgNVHSMEGDAWgBRUPiC/XyUrG9vS
HcmdlM2X6n8P5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZENGd2MThsS3h2YjBoM0puWlRObC1wX0QtWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNGU4N2E2LTY1MzYtNDU0YS1hNTllLWQ1YWQ5OTZhMWFjOC8x
L292cUNCTml1MDd3emhDSWF6YWoxOEcwYlFsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NGU4N2E2LTY1MzYtNDU0YS1hNTllLWQ1YWQ5OTZhMWFjOC8xL1ZENGd2MThsS3h2
YjBoM0puWlRObC1wX0QtWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBy
BggrBgEFBQcBBwEB/wRjMGEwQgQCAAEwPAMEAgX9/AMEAFx2bwMEArm3FAMEALm7
PQMEArn9sAMEAMFpvQMEAMH3XgMEAMH3ZQMEAMH3ZwMEAMH3pTAbBAIAAjAVAwUD
KgsBgAMFAyoQycADBQMqEMrAMA0GCSqGSIb3DQEBCwUAA4IBAQCciOpOY1uZvTDc
if70KuTqTc1zUGN5w3JZgGbT+LqtRgceGqjVPp4UG0O/NQNLNy/wPEZ/2lKG4CD1
ShO9+4r9hjl0HFAwUh/WfbKvzmsEeOni09wmwsN6Tm2B1QH54PzxBer7z4F5OQGu
qLpx0MXj33kTOKl/WVMdCX39Dxroo2c30JTzyeO8+vrK1EcFlAJEuQfcVcZj3Gib
Q6tM0qqIYgvOMmyEOOkuUxdwlDyX71atblRN3gnTEtrEKjNMEmnhuVNynDEUTArD
4j+v6Gs9b+P4imcuOUi38aA56Uv7nF8hWNfI6KLZDQ0H5WLLVGROgexgTeqJg5eI
MpVh/qGM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:07 2024 by rpki-client on console-ams.rpki-client.org