Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/5ba-CF47_Y3WFVEZgcGDzZiQAgY.roa
File: 5ba-CF47_Y3WFVEZgcGDzZiQAgY.roa (raw, json)
Hash identifier: gGTu28I4jAG3NuS+46z5tUDrS+jbYz4IcCEFJ93zlac=
Subject key identifier: E5:B6:BE:08:5E:3B:FD:8D:D6:15:51:19:81:C1:83:CD:98:90:02:06
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0182C5C2D282F1F6D2DF5B4ADB8D88002199
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/5ba-CF47_Y3WFVEZgcGDzZiQAgY.roa
Signing time: Mon 22 Aug 2022 13:34:15 +0000
ROA not before: Mon 22 Aug 2022 13:34:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205585
IP address blocks: 185.220.226.0/24 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.233.0/24 maxlen: 24
185.143.234.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/46 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:c2:d2:82:f1:f6:d2:df:5b:4a:db:8d:88:00:21:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Aug 22 13:34:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5b6be085e3bfd8dd615511981c183cd98900206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:28:35:71:4c:02:f5:71:22:0f:07:83:e3:
d6:1f:f6:04:dd:a9:aa:14:94:d1:a6:c7:f5:85:f6:
e6:9d:62:94:6e:fd:95:ee:97:87:1c:7f:af:e4:c3:
d2:6a:00:fb:ea:3c:e9:ac:8c:35:32:4d:ba:fa:40:
b2:75:38:e7:c4:31:38:18:04:2c:d8:84:55:76:9a:
3f:dc:8b:10:77:43:93:9b:ad:a0:4c:63:e4:5a:21:
8d:ee:3d:3a:67:68:b4:5a:94:0f:84:9c:3a:3b:40:
a8:12:53:91:7a:6f:b7:93:77:3f:9a:e2:d5:62:57:
86:fe:34:fa:11:3f:9f:b5:50:9c:5b:ad:fd:8f:89:
88:30:9d:15:20:ea:fe:78:b6:ea:4d:fb:ab:20:ca:
5e:ad:d6:f6:ac:6f:64:95:12:ce:90:aa:91:82:c1:
26:44:26:62:ad:a1:6d:b5:36:1d:29:98:30:2b:e7:
bb:42:fa:12:a5:1f:c4:84:8e:28:5d:5d:1a:25:e8:
0f:be:fc:59:f8:86:59:a3:d1:55:ba:de:df:5d:42:
23:4f:38:7b:7d:c3:3b:ad:bb:dc:6d:48:0b:ef:a5:
e1:73:e2:9a:64:2b:5b:8b:df:96:f2:5b:25:64:2e:
81:9b:9c:27:e3:32:10:55:36:09:6e:c7:8a:4e:9d:
fb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B6:BE:08:5E:3B:FD:8D:D6:15:51:19:81:C1:83:CD:98:90:02:06
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/5ba-CF47_Y3WFVEZgcGDzZiQAgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
IPv6:
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
59:3c:30:22:ad:24:a0:ac:a2:46:2a:04:c6:44:9e:ca:94:2e:
dd:15:0e:a5:91:23:ec:f6:ad:42:99:b3:ff:12:bc:29:ba:a6:
85:60:b2:e0:7f:2a:87:6d:0c:d3:f8:7b:cd:87:fc:1d:30:9d:
1b:f2:39:f3:5d:b6:22:85:b6:d6:e4:8a:5e:6f:71:f7:6b:56:
b0:0c:a7:e4:ef:c1:d0:8c:d6:18:5e:47:f2:7b:cf:02:41:25:
79:96:18:fd:4b:c1:12:ed:5f:96:bd:c7:2e:71:98:e1:8d:ad:
9c:7b:6f:6f:ee:a7:b4:b9:33:59:79:7a:55:46:1e:19:a3:06:
1a:40:fd:68:2d:07:00:2c:3f:91:6f:04:e0:95:39:58:08:65:
67:65:f2:92:02:db:2c:f8:74:83:f1:cc:98:76:15:b7:19:58:
9b:5f:f1:7a:40:a3:28:0f:25:8e:ec:8b:2f:ae:df:5e:04:04:
9d:4d:28:80:47:90:3e:2e:73:e5:4c:96:a5:c2:ae:d8:52:37:
e7:3c:75:d3:41:91:08:8e:6b:b0:46:9d:55:fe:2f:96:8b:a1:
26:ba:22:e4:9e:8e:b9:2d:fe:6d:71:f1:32:77:91:c1:e9:28:
5e:02:dd:a0:ca:0c:d8:9a:a5:f9:db:52:aa:11:b6:aa:09:6b:
9e:a3:5d:73
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYLFwtKC8fbS31tK242IACGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIwODIyMTMzNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWI2YmUwODVlM2JmZDhkZDYxNTUxMTk4MWMxODNjZDk4OTAwMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkUoNXFMAvVxIg8Hg+PWH/YE3amq
FJTRpsf1hfbmnWKUbv2V7peHHH+v5MPSagD76jzprIw1Mk26+kCydTjnxDE4GAQs
2IRVdpo/3IsQd0OTm62gTGPkWiGN7j06Z2i0WpQPhJw6O0CoElORem+3k3c/muLV
YleG/jT6ET+ftVCcW639j4mIMJ0VIOr+eLbqTfurIMperdb2rG9klRLOkKqRgsEm
RCZiraFttTYdKZgwK+e7QvoSpR/EhI4oXV0aJegPvvxZ+IZZo9FVut7fXUIjTzh7
fcM7rbvcbUgL76Xhc+KaZCtbi9+W8lslZC6Bm5wn4zIQVTYJbseKTp37XwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOW2vgheO/2N1hVRGYHBg82YkAIGMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvNWJhLUNGNDdfWTNXRlZFWmdjR0R6WmlRQWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuY/oAwQA
udziMA8EAgACMAkDBwIqDKfAAAAwDQYJKoZIhvcNAQELBQADggEBAFk8MCKtJKCs
okYqBMZEnsqULt0VDqWRI+z2rUKZs/8SvCm6poVgsuB/KodtDNP4e82H/B0wnRvy
OfNdtiKFttbkil5vcfdrVrAMp+TvwdCM1hheR/J7zwJBJXmWGP1LwRLtX5a9xy5x
mOGNrZx7b2/up7S5M1l5elVGHhmjBhpA/WgtBwAsP5FvBOCVOVgIZWdl8pIC2yz4
dIPxzJh2FbcZWJtf8XpAoygPJY7siy+u314EBJ1NKIBHkD4uc+VMlqXCrthSN+c8
ddNBkQiOa7BGnVX+L5aLoSa6IuSejrkt/m1x8TJ3kcHpKF4C3aDKDNiapfnbUqoR
tqoJa56jXXM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org