Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/Q1lisaJTNU0B70RBx9fnjAi6MDU.roa
File: Q1lisaJTNU0B70RBx9fnjAi6MDU.roa (raw, json)
Hash identifier: kfAJB39ee/J2XpqBnqR/4LqkCU4T3/WA0SpadZQdYHo=
Subject key identifier: 43:59:62:B1:A2:53:35:4D:01:EF:44:41:C7:D7:E7:8C:08:BA:30:35
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0184CCE4426D8495F751ECF85900C7D03AD9
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/Q1lisaJTNU0B70RBx9fnjAi6MDU.roa
Signing time: Thu 01 Dec 2022 08:53:42 +0000
ROA not before: Thu 01 Dec 2022 08:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35226
IP address blocks: 185.179.40.0/24 maxlen: 24
89.184.56.0/23 maxlen: 23
89.16.64.0/19 maxlen: 19
109.106.96.0/20 maxlen: 20
78.143.128.0/18 maxlen: 18
109.106.112.0/21 maxlen: 21
109.106.124.0/22 maxlen: 22
89.184.32.0/22 maxlen: 22
89.184.40.0/21 maxlen: 21
89.184.48.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cc:e4:42:6d:84:95:f7:51:ec:f8:59:00:c7:d0:3a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Dec 1 08:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=435962b1a253354d01ef4441c7d7e78c08ba3035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:79:85:84:19:dd:0a:9c:15:80:af:55:45:78:
d7:7d:75:42:5c:64:c0:b5:59:02:11:a4:36:83:db:
66:f0:39:72:18:39:21:b8:a2:03:1c:15:f9:5e:6e:
5a:03:e8:9d:20:92:3b:64:94:2f:3b:57:1f:b3:ca:
d5:ad:95:f8:aa:0c:a2:81:be:ed:c5:b0:3d:3d:d5:
09:b2:23:7d:4a:5b:41:b9:be:fa:00:82:fb:7e:28:
47:2d:ad:04:60:24:23:fc:6b:0e:c9:a5:c7:64:e0:
5f:0a:17:4d:ec:18:b1:0f:e3:28:65:af:0d:cd:c4:
3a:69:4f:9a:e6:23:58:75:84:71:3a:15:39:24:ab:
fb:0c:09:ee:7b:4a:c4:50:12:0a:82:87:e3:31:cc:
fe:c0:95:f1:b9:c8:8f:59:d5:89:93:52:81:56:93:
7b:a9:f6:11:55:55:1d:34:5f:41:2e:72:a6:e2:84:
df:66:c4:49:91:50:5f:c7:5f:10:52:cc:be:21:74:
c6:ea:55:4a:5e:cb:cf:61:da:d5:b4:f6:57:6c:07:
dc:f7:28:c6:11:34:0f:46:e8:99:ca:98:3f:11:7d:
c0:94:48:72:09:8c:79:87:b8:8c:26:2a:ae:10:91:
76:9b:18:67:2d:16:4d:e0:58:ac:82:b8:e1:f9:8b:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:59:62:B1:A2:53:35:4D:01:EF:44:41:C7:D7:E7:8C:08:BA:30:35
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/Q1lisaJTNU0B70RBx9fnjAi6MDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.128.0/18
89.16.64.0/19
89.184.32.0/22
89.184.40.0-89.184.57.255
109.106.96.0-109.106.119.255
109.106.124.0/22
185.179.40.0/24
Signature Algorithm: sha256WithRSAEncryption
81:09:7e:1b:27:19:05:9b:55:ef:f6:18:03:25:2f:18:c5:10:
fa:ec:6c:73:b3:d6:d0:9b:f3:3e:ae:4e:5b:4e:a7:ee:82:40:
72:6f:fc:52:b3:a2:30:c0:1d:e3:17:a7:ad:92:41:da:ee:69:
e7:5f:9e:7c:d0:4d:2f:47:c4:f0:b4:40:08:2e:6d:0e:14:3a:
29:e1:cb:28:d9:eb:9f:09:be:e0:05:ee:10:e1:62:95:97:06:
8a:29:35:65:56:fe:79:6c:bb:75:74:4b:63:55:0e:f4:2d:29:
f4:6f:f9:07:88:db:a9:20:f3:df:90:0e:55:4f:af:c2:30:d4:
5b:96:48:64:fc:aa:60:2c:59:f5:a6:27:1b:7a:d3:ea:8e:99:
68:94:d2:1e:3e:25:74:82:97:95:00:8a:07:47:7f:e2:4f:9d:
44:14:ae:49:b1:ad:44:e1:64:e3:07:12:7e:c0:4a:50:2a:18:
01:d2:12:01:8d:a6:3e:d0:e8:3f:be:25:57:b7:48:55:73:25:
c6:85:ad:9f:26:35:f9:3f:71:2c:57:d6:ea:0c:43:80:a5:0f:
75:7a:14:df:70:04:25:09:b8:12:65:c9:17:d9:b5:05:ae:ec:
a5:3c:11:a6:77:10:a9:0d:a5:08:3d:90:f8:29:e9:5d:87:94:
f4:08:cc:12
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYTM5EJthJX3Uez4WQDH0DrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjIxMjAxMDg1MzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU5NjJiMWEyNTMzNTRkMDFlZjQ0NDFjN2Q3ZTc4YzA4YmEzMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XmFhBndCpwVgK9VRXjXfXVCXGTA
tVkCEaQ2g9tm8DlyGDkhuKIDHBX5Xm5aA+idIJI7ZJQvO1cfs8rVrZX4qgyigb7t
xbA9PdUJsiN9SltBub76AIL7fihHLa0EYCQj/GsOyaXHZOBfChdN7BixD+MoZa8N
zcQ6aU+a5iNYdYRxOhU5JKv7DAnue0rEUBIKgofjMcz+wJXxuciPWdWJk1KBVpN7
qfYRVVUdNF9BLnKm4oTfZsRJkVBfx18QUsy+IXTG6lVKXsvPYdrVtPZXbAfc9yjG
ETQPRuiZypg/EX3AlEhyCYx5h7iMJiquEJF2mxhnLRZN4Fisgrjh+Ys0vwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFENZYrGiUzVNAe9EQcfX54wIujA1MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvUTFsaXNhSlROVTBCNzBSQng5Zm5qQWk2TURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQGTo+AAwQF
WRBAAwQCWbggMAwDBANZuCgDBAFZuDgwDAMEBW1qYAMEA21qcAMEAm1qfAMEALmz
KDANBgkqhkiG9w0BAQsFAAOCAQEAgQl+GycZBZtV7/YYAyUvGMUQ+uxsc7PW0Jvz
Pq5OW06n7oJAcm/8UrOiMMAd4xenrZJB2u5p51+efNBNL0fE8LRACC5tDhQ6KeHL
KNnrnwm+4AXuEOFilZcGiik1ZVb+eWy7dXRLY1UO9C0p9G/5B4jbqSDz35AOVU+v
wjDUW5ZIZPyqYCxZ9aYnG3rT6o6ZaJTSHj4ldIKXlQCKB0d/4k+dRBSuSbGtROFk
4wcSfsBKUCoYAdISAY2mPtDoP74lV7dIVXMlxoWtnyY1+T9xLFfW6gxDgKUPdXoU
33AEJQm4EmXJF9m1Ba7spTwRpncQqQ2lCD2Q+CnpXYeU9AjMEg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:56 2023 by rpki-client on console-fra.rpki-client.org