Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Q211bTFD1srtBKf-2KggBCJeKJ8.roa
File: Q211bTFD1srtBKf-2KggBCJeKJ8.roa (raw, json)
Hash identifier: 9CFX3fW9Uj4JEQ0pT6XJt5xULI8x3CTKAz7OvMD5tkQ=
Subject key identifier: 43:6D:75:6D:31:43:D6:CA:ED:04:A7:FE:D8:A8:20:04:22:5E:28:9F
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018533E96436789576DC2F9B7D1F55391161
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Q211bTFD1srtBKf-2KggBCJeKJ8.roa
Signing time: Wed 21 Dec 2022 09:00:11 +0000
ROA not before: Wed 21 Dec 2022 09:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43402
IP address blocks: 83.142.240.0/21 maxlen: 24
95.131.160.0/21 maxlen: 24
185.127.144.0/22 maxlen: 24
2a03:62c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:e9:64:36:78:95:76:dc:2f:9b:7d:1f:55:39:11:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 21 09:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=436d756d3143d6caed04a7fed8a82004225e289f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d8:38:f1:3d:c5:d5:18:f1:03:91:04:2e:e7:
c8:b6:a7:df:62:3d:78:a6:30:65:b3:27:6e:8a:15:
bf:79:47:06:ad:a6:03:36:3e:fb:53:1b:8c:af:65:
e2:cd:87:8d:d2:ce:da:03:13:0a:ea:08:52:36:05:
92:f9:ae:bc:e7:b9:da:f6:8f:8c:68:0e:9e:42:46:
ff:19:38:4f:8e:fe:84:bc:96:f9:d5:68:68:a6:5c:
a6:59:f0:e7:e1:ad:21:b8:2d:11:06:fa:10:47:ce:
76:c6:7c:82:b4:ec:c0:36:bd:41:af:64:e3:86:e7:
5d:8f:a6:5f:ab:fb:ae:f9:8e:86:4d:24:f0:dd:71:
54:3f:98:d0:68:7b:64:4c:80:4b:79:68:36:4a:2c:
e6:4e:af:3a:80:d0:ec:99:5f:a2:f2:ff:62:00:ac:
b4:9d:24:f5:c6:83:61:60:77:f6:c7:e1:64:92:3a:
29:e4:a0:34:67:b8:75:6a:66:e4:6e:42:59:cc:27:
f5:3a:c5:eb:ba:90:c7:d3:d9:be:06:23:2b:41:79:
24:bf:8e:ab:9b:df:cd:27:21:39:40:22:f3:63:1e:
c7:fe:41:30:95:f3:1e:28:a6:15:d2:22:29:2e:8c:
da:dc:33:ba:c3:9e:0d:28:0d:a4:4d:d8:58:38:ba:
44:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6D:75:6D:31:43:D6:CA:ED:04:A7:FE:D8:A8:20:04:22:5E:28:9F
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Q211bTFD1srtBKf-2KggBCJeKJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.240.0/21
95.131.160.0/21
185.127.144.0/22
IPv6:
2a03:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:22:04:4e:4c:ea:86:8b:26:ae:fa:ea:36:58:49:4d:09:63:
1a:aa:5c:40:20:12:7b:0b:c0:45:6d:4b:be:fe:d1:e0:e2:18:
02:1c:75:7c:51:e6:8a:43:85:3b:ae:7e:9d:a4:1b:fb:04:52:
51:a8:65:8e:0e:b9:6a:56:4e:e5:66:f2:6b:6a:86:cc:37:d3:
6f:aa:96:55:4b:ad:38:1b:b2:b2:29:67:b3:4b:f6:38:0f:0d:
20:fb:5d:ff:f0:b5:1d:50:b7:e2:e9:98:52:e6:d6:95:15:af:
a5:79:b1:f8:62:0c:f4:cc:75:f7:0f:7e:56:21:79:8b:97:29:
7e:bd:2d:b1:29:97:4e:bb:46:fc:e5:a2:32:10:43:0d:8d:43:
7c:11:69:40:dd:2e:16:c9:06:1b:75:00:ad:1e:a5:c6:9c:6b:
4c:a2:ee:9b:d9:3e:5e:da:1d:fb:30:ec:73:05:03:3f:b9:16:
45:0a:f6:33:8c:e8:63:47:01:a2:53:1e:2e:cd:e2:77:4b:aa:
b2:24:8c:7a:44:4b:db:d2:4b:93:34:84:8b:81:2d:4f:bd:66:
2e:40:ae:52:e5:2a:58:c4:d0:31:e8:50:e6:41:aa:6f:2e:de:
8f:c3:09:2d:81:6b:3d:fa:ee:e2:3a:31:d2:7e:b8:b4:5f:74:
66:19:13:e8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYUz6WQ2eJV23C+bfR9VORFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIxMDkwMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzZkNzU2ZDMxNDNkNmNhZWQwNGE3ZmVkOGE4MjAwNDIyNWUyODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktg48T3F1RjxA5EELufItqffYj14
pjBlsyduihW/eUcGraYDNj77UxuMr2XizYeN0s7aAxMK6ghSNgWS+a6857na9o+M
aA6eQkb/GThPjv6EvJb51WhoplymWfDn4a0huC0RBvoQR852xnyCtOzANr1Br2Tj
huddj6Zfq/uu+Y6GTSTw3XFUP5jQaHtkTIBLeWg2SizmTq86gNDsmV+i8v9iAKy0
nST1xoNhYHf2x+Fkkjop5KA0Z7h1ambkbkJZzCf1OsXrupDH09m+BiMrQXkkv46r
m9/NJyE5QCLzYx7H/kEwlfMeKKYV0iIpLoza3DO6w54NKA2kTdhYOLpEbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFENtdW0xQ9bK7QSn/tioIAQiXiifMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvUTIxMWJURkQxc3J0QktmLTJLZ2dCQ0plS0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU47wAwQD
X4OgAwQCuX+QMA0EAgACMAcDBQAqA2LAMA0GCSqGSIb3DQEBCwUAA4IBAQCyIgRO
TOqGiyau+uo2WElNCWMaqlxAIBJ7C8BFbUu+/tHg4hgCHHV8UeaKQ4U7rn6dpBv7
BFJRqGWODrlqVk7lZvJraobMN9NvqpZVS604G7KyKWezS/Y4Dw0g+13/8LUdULfi
6ZhS5taVFa+lebH4Ygz0zHX3D35WIXmLlyl+vS2xKZdOu0b85aIyEEMNjUN8EWlA
3S4WyQYbdQCtHqXGnGtMou6b2T5e2h37MOxzBQM/uRZFCvYzjOhjRwGiUx4uzeJ3
S6qyJIx6REvb0kuTNISLgS1PvWYuQK5S5SpYxNAx6FDmQapvLt6PwwktgWs9+u7i
OjHSfri0X3RmGRPo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org