Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/qMJ2iAdpdqx0qy889H2-0VrNhKU.roa
File: qMJ2iAdpdqx0qy889H2-0VrNhKU.roa (raw, json)
Hash identifier: etAuvBdqq8rpXu00sRS9mdicy4vsFy+PGbqCioKlS0g=
Subject key identifier: A8:C2:76:88:07:69:76:AC:74:AB:2F:3C:F4:7D:BE:D1:5A:CD:84:A5
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185398B65F1616E642F741DD415FF52A38C
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/qMJ2iAdpdqx0qy889H2-0VrNhKU.roa
Signing time: Thu 22 Dec 2022 11:15:14 +0000
ROA not before: Thu 22 Dec 2022 11:15:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62332
IP address blocks: 185.120.84.0/22 maxlen: 24
185.42.240.0/22 maxlen: 24
185.86.212.0/22 maxlen: 24
185.39.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:8b:65:f1:61:6e:64:2f:74:1d:d4:15:ff:52:a3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 22 11:15:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8c27688076976ac74ab2f3cf47dbed15acd84a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ba:1c:fb:65:62:e5:f7:32:e0:2a:81:9a:08:
2d:87:1f:30:f7:43:05:36:fc:f6:e7:9f:05:85:fe:
fd:00:9e:2b:62:16:93:bc:46:e5:6a:79:de:9e:1f:
c9:b5:eb:2c:8b:63:73:09:11:33:90:83:89:30:34:
fd:75:74:86:75:f9:ac:0d:74:16:20:bb:a7:43:27:
86:12:57:87:b7:79:ca:07:d6:cb:fa:b5:49:43:3d:
58:97:0c:3a:c6:c0:1b:ae:4f:d2:52:49:b4:b7:64:
17:20:c4:25:03:d7:f4:2a:67:ad:c3:a9:fc:7d:ae:
0f:5c:67:52:4e:cb:00:88:df:81:4d:33:33:31:f3:
02:a3:f1:45:c1:9a:8c:db:c7:e8:c5:28:2e:de:23:
c7:23:4e:9b:ff:54:4f:e1:71:01:a6:84:b2:b5:2a:
12:a6:7e:a9:a0:41:b3:7b:94:39:f5:c1:18:5b:1f:
b7:5f:41:ca:a0:0f:06:f4:df:90:19:75:32:a4:7f:
cd:92:2a:af:8e:49:fe:e8:23:21:35:39:76:4a:80:
cf:9c:4c:1b:05:f2:f9:5f:17:d0:c7:9a:59:c1:c2:
14:ca:04:00:66:a5:d7:78:ae:10:90:9e:24:1d:3a:
24:3d:59:94:34:8d:13:29:ee:80:92:eb:33:c4:12:
98:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C2:76:88:07:69:76:AC:74:AB:2F:3C:F4:7D:BE:D1:5A:CD:84:A5
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/qMJ2iAdpdqx0qy889H2-0VrNhKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.68.0/22
185.42.240.0/22
185.86.212.0/22
185.120.84.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:e4:ba:bf:22:1c:df:20:ee:00:ca:48:5a:13:89:03:c4:98:
ad:ca:14:c2:2c:94:3b:94:f0:33:8e:9d:7e:81:fc:c7:6b:fe:
40:99:43:87:21:b7:92:5a:14:78:0e:dc:12:3b:3d:39:64:86:
fd:e3:a6:27:da:78:47:a2:99:94:94:37:21:64:8a:82:10:5f:
51:f6:3c:f6:5e:48:f2:78:bd:82:d0:b0:22:9d:6c:d8:6c:2b:
e1:5d:ec:ca:fb:43:e6:f1:74:07:7e:f8:34:74:e2:f6:a2:77:
3f:ec:03:12:b5:22:6f:28:25:1e:30:00:2b:2b:06:fc:10:c7:
a7:24:ae:ee:fb:c9:e6:97:38:bf:7a:b1:0d:91:81:5e:a5:52:
90:d4:0f:3d:fd:cc:c8:a2:1a:76:ae:eb:87:88:c1:83:b1:36:
c4:10:9b:a4:79:d1:5c:ba:05:e7:6a:75:f5:35:58:5f:6b:d0:
fc:cd:8d:09:10:01:90:22:02:23:c2:4d:b8:ab:df:97:ee:b0:
eb:4e:19:9f:d7:31:07:40:e5:7e:7b:31:58:3e:7b:32:a8:ef:
c3:1b:cf:11:f5:fe:b3:1f:29:b8:93:3a:4c:3c:d7:68:02:c6:
6c:54:89:29:04:d8:2c:8a:01:91:e5:5e:93:0b:92:25:d3:5d:
30:dc:30:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYU5i2XxYW5kL3Qd1BX/UqOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIyMTExNTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGMyNzY4ODA3Njk3NmFjNzRhYjJmM2NmNDdkYmVkMTVhY2Q4NGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAproc+2Vi5fcy4CqBmggthx8w90MF
Nvz2558Fhf79AJ4rYhaTvEblannenh/Jtessi2NzCREzkIOJMDT9dXSGdfmsDXQW
ILunQyeGEleHt3nKB9bL+rVJQz1Ylww6xsAbrk/SUkm0t2QXIMQlA9f0Kmetw6n8
fa4PXGdSTssAiN+BTTMzMfMCo/FFwZqM28foxSgu3iPHI06b/1RP4XEBpoSytSoS
pn6poEGze5Q59cEYWx+3X0HKoA8G9N+QGXUypH/Nkiqvjkn+6CMhNTl2SoDPnEwb
BfL5XxfQx5pZwcIUygQAZqXXeK4QkJ4kHTokPVmUNI0TKe6AkuszxBKYpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKjCdogHaXasdKsvPPR9vtFazYSlMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvcU1KMmlBZHBkcXgwcXk4ODlIMi0wVnJOaEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuSdEAwQC
uSrwAwQCuVbUAwQCuXhUMA0GCSqGSIb3DQEBCwUAA4IBAQCL5Lq/IhzfIO4Aykha
E4kDxJityhTCLJQ7lPAzjp1+gfzHa/5AmUOHIbeSWhR4DtwSOz05ZIb946Yn2nhH
opmUlDchZIqCEF9R9jz2XkjyeL2C0LAinWzYbCvhXezK+0Pm8XQHfvg0dOL2onc/
7AMStSJvKCUeMAArKwb8EMenJK7u+8nmlzi/erENkYFepVKQ1A89/czIohp2ruuH
iMGDsTbEEJukedFcugXnanX1NVhfa9D8zY0JEAGQIgIjwk24q9+X7rDrThmf1zEH
QOV+ezFYPnsyqO/DG88R9f6zHym4kzpMPNdoAsZsVIkpBNgsigGR5V6TC5Il010w
3DB8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org