Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Qm5DNYamai_u0ByVTkfZiaoiZnI.roa
File: Qm5DNYamai_u0ByVTkfZiaoiZnI.roa (raw, json)
Hash identifier: LHMkdilKCg7y+cimGvx1jyeT/k3KVUG/z/4QVOkgSpU=
Subject key identifier: 42:6E:43:35:86:A6:6A:2F:EE:D0:1C:95:4E:47:D9:89:AA:22:66:72
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18D921ED
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Qm5DNYamai_u0ByVTkfZiaoiZnI.roa
Signing time: Tue 22 Feb 2022 15:27:37 +0000
ROA not before: Tue 22 Feb 2022 15:27:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 32
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416883181 (0x18d921ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 22 15:27:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=426e433586a66a2feed01c954e47d989aa226672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:11:5a:f2:92:3b:85:69:a2:e4:b5:54:6a:69:
26:8f:e0:2e:0c:e6:c6:8f:67:da:95:46:b1:ca:38:
c0:84:2f:9e:12:8a:83:16:b9:da:29:82:07:3b:95:
72:24:48:6d:42:d1:9e:68:2e:58:66:8c:f7:88:34:
3d:f0:4f:c9:81:73:64:19:a6:87:0b:4d:8c:9d:68:
af:0b:55:e6:95:0d:d4:84:ee:04:e0:57:b1:6b:ed:
51:30:e6:a6:45:f1:5b:c3:8b:de:3a:29:8c:e8:7f:
2d:95:ec:d9:fa:18:68:de:ca:da:9a:0e:58:88:4b:
ad:fa:91:22:5b:b3:fa:c2:7b:09:7e:8d:34:7a:bd:
a1:66:a9:a2:44:77:13:9e:d9:27:2d:4e:0b:31:78:
05:b2:af:2e:66:83:24:f5:88:22:f3:4f:96:4c:f1:
23:7d:6f:e5:47:3d:b8:18:28:5f:14:ca:cf:03:38:
3d:d9:02:88:66:84:71:29:b9:f5:71:74:09:f9:cd:
f4:50:0f:cd:75:69:3b:4d:08:b6:65:d9:27:31:c7:
54:d9:f8:fc:6b:de:47:00:36:48:70:87:fe:e9:e5:
25:69:00:be:b8:ed:71:49:00:d9:aa:28:69:e9:98:
b9:97:6f:9c:58:f5:8e:a6:ec:bb:72:ac:f8:47:f7:
8e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6E:43:35:86:A6:6A:2F:EE:D0:1C:95:4E:47:D9:89:AA:22:66:72
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Qm5DNYamai_u0ByVTkfZiaoiZnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
a2:d5:87:29:ae:d3:23:48:2d:7e:ab:6d:49:32:e9:38:d4:8e:
e9:1b:3a:4d:74:3e:f0:10:e1:c4:f6:eb:fa:7c:9e:b3:e2:20:
8a:8f:83:d8:3b:b5:18:62:48:ad:72:6c:7c:ea:c2:97:10:7a:
52:b1:c6:1a:27:27:ef:e5:33:84:18:ca:ea:a6:46:f9:cc:e5:
7d:1a:40:0f:49:0e:9d:ac:c1:f3:0d:1e:c0:d3:4e:ea:2f:50:
00:64:9c:cd:d2:31:87:e7:4f:49:83:71:0b:4a:e9:99:da:20:
07:75:89:5b:6e:3d:1a:bb:14:d9:e4:eb:b0:b0:a0:62:cb:98:
ef:67:46:58:44:3f:60:d8:a7:8d:b5:c7:b8:c3:d7:73:eb:dc:
19:e1:97:37:f2:11:fa:01:57:3c:33:76:eb:10:d5:7a:26:f9:
87:dd:ef:8a:a7:cf:69:1a:53:a5:3a:fc:22:a9:d7:47:11:80:
40:76:8f:9c:f9:fc:8e:cd:7f:85:c5:57:ab:52:4d:35:f4:4b:
57:d3:ce:cb:d2:e6:52:ed:12:e8:25:71:a6:ca:2b:be:f3:09:
bf:0e:59:f5:af:95:8e:8f:b6:06:f0:91:b9:91:cf:ec:88:cc:
c8:6d:99:01:d3:83:cd:9c:8f:8b:51:a3:d8:44:a7:d5:bc:b9:
14:a8:d5:64
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEGNkh7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIy
MjE1MjczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI2ZTQzMzU4NmE2
NmEyZmVlZDAxYzk1NGU0N2Q5ODlhYTIyNjY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8RWvKSO4VpouS1VGppJo/gLgzmxo9n2pVGsco4wIQvnhKK
gxa52imCBzuVciRIbULRnmguWGaM94g0PfBPyYFzZBmmhwtNjJ1orwtV5pUN1ITu
BOBXsWvtUTDmpkXxW8OL3jopjOh/LZXs2foYaN7K2poOWIhLrfqRIluz+sJ7CX6N
NHq9oWapokR3E57ZJy1OCzF4BbKvLmaDJPWIIvNPlkzxI31v5Uc9uBgoXxTKzwM4
PdkCiGaEcSm59XF0CfnN9FAPzXVpO00ItmXZJzHHVNn4/GveRwA2SHCH/unlJWkA
vrjtcUkA2aooaemYuZdvnFj1jqbsu3Ks+Ef3jrsCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRCbkM1hqZqL+7QHJVOR9mJqiJmcjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1FtNUROWWFtYWlfdTBCeVZUa2ZaaWFvaVpuSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEALl1FgMEALl4BwMEArl6OAMEALmF
wDAYBAIAAjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQCi
1YcprtMjSC1+q21JMuk41I7pGzpNdD7wEOHE9uv6fJ6z4iCKj4PYO7UYYkitcmx8
6sKXEHpSscYaJyfv5TOEGMrqpkb5zOV9GkAPSQ6drMHzDR7A007qL1AAZJzN0jGH
509Jg3ELSumZ2iAHdYlbbj0auxTZ5OuwsKBiy5jvZ0ZYRD9g2KeNtce4w9dz69wZ
4Zc38hH6AVc8M3brENV6JvmH3e+Kp89pGlOlOvwiqddHEYBAdo+c+fyOzX+FxVer
Uk019EtX087L0uZS7RLoJXGmyiu+8wm/Dln1r5WOj7YG8JG5kc/siMzIbZkB04PN
nI+LUaPYRKfVvLkUqNVk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org