Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/G27585Bexe2a0dXxZ1y-qV0Rqv4.roa
File: G27585Bexe2a0dXxZ1y-qV0Rqv4.roa (raw, json)
Hash identifier: G4MfzlNLopaOn2SZRqTio6suq9WvF5pn8AfSFTgCxeQ=
Subject key identifier: 1B:6E:F9:F3:90:5E:C5:ED:9A:D1:D5:F1:67:5C:BE:A9:5D:11:AA:FE
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 018489CF2399CAF1098306589F82326A2453
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/G27585Bexe2a0dXxZ1y-qV0Rqv4.roa
Signing time: Fri 18 Nov 2022 08:16:04 +0000
ROA not before: Fri 18 Nov 2022 08:16:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205585
IP address blocks: 185.220.226.0/24 maxlen: 24
185.220.227.0/24 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.233.0/24 maxlen: 24
185.143.234.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/46 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:89:cf:23:99:ca:f1:09:83:06:58:9f:82:32:6a:24:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Nov 18 08:16:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b6ef9f3905ec5ed9ad1d5f1675cbea95d11aafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ec:fd:b1:39:5c:57:bd:f8:67:47:5b:3f:5c:
55:f3:12:cc:e6:9b:68:3e:95:12:1b:10:6b:be:a4:
5e:78:43:f0:b5:4a:c1:08:d7:60:88:0e:77:f8:f5:
55:43:17:79:fe:66:3c:5d:4f:6b:3f:84:dc:e6:43:
09:11:83:67:bb:1a:96:60:dc:59:97:02:bf:ae:ff:
89:b3:a5:2b:65:99:8a:06:f0:5b:93:20:a8:5f:07:
46:37:cc:dc:5a:56:71:44:b1:96:3f:0a:d7:14:34:
77:a2:76:9e:9e:ef:4e:aa:18:e3:6b:a4:45:13:4d:
e7:82:b4:41:0b:d1:c5:54:a0:9d:54:91:e3:1d:62:
29:01:59:2a:16:c4:84:94:ee:ba:7a:3e:34:4f:88:
df:a3:2f:e5:82:32:7b:6f:3c:67:a8:c9:0e:58:31:
7a:80:80:0b:94:cf:88:b0:3e:c2:cc:ae:ea:43:4b:
db:72:a6:e6:4b:21:a9:20:7a:53:a5:5d:52:23:eb:
81:96:55:16:bf:6a:80:b9:58:dd:b5:ed:75:ff:da:
82:41:1b:b1:23:03:2f:c0:b8:d9:eb:f7:5d:17:6b:
87:d9:60:15:d4:87:c3:b0:84:39:07:45:3f:7b:2b:
b5:8c:2a:31:30:fb:ee:2b:f7:ed:36:a3:6f:b6:a6:
58:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6E:F9:F3:90:5E:C5:ED:9A:D1:D5:F1:67:5C:BE:A9:5D:11:AA:FE
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/G27585Bexe2a0dXxZ1y-qV0Rqv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/23
IPv6:
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
39:7a:2e:50:c9:f1:6d:eb:17:54:46:ea:a5:2d:fa:95:0a:45:
30:ea:12:19:fd:5f:7a:0f:1e:4c:24:90:9a:f7:7f:99:fa:a5:
a3:93:f4:1c:6f:c9:f4:0d:8d:45:11:53:d0:89:a7:38:1f:6c:
5e:57:70:3b:e9:ea:d1:4e:44:2a:1f:97:5b:15:e2:7e:03:f3:
82:1b:79:e5:5e:bd:7b:d5:ef:40:a4:e9:b1:e7:9e:ef:38:f0:
e6:4f:61:dd:89:ac:f0:f2:90:de:6b:f3:83:57:65:79:93:cb:
56:f6:5e:e3:e3:1f:53:e4:7f:be:a8:3e:7c:2d:8a:3a:f0:1d:
c4:96:d5:59:40:64:64:21:82:32:21:2b:ee:db:15:46:71:eb:
df:93:2a:57:39:52:74:88:03:f2:2a:3b:d9:09:69:ec:1b:10:
49:7b:c4:31:25:67:08:d3:c0:a6:f3:f6:d9:dc:21:61:b6:32:
f8:4c:2d:d4:3e:03:3a:7f:c8:f0:f4:b1:b0:0e:ab:25:5f:8d:
c3:4f:a6:37:87:74:79:57:aa:6f:be:25:a5:7a:93:36:7e:c7:
e4:69:4d:5f:a1:5a:2b:6e:6d:ec:62:24:1b:d7:11:b9:cd:ce:
0b:17:1e:78:1b:99:36:ae:45:68:b4:f7:dd:b1:62:4c:36:de:
06:b6:30:1e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYSJzyOZyvEJgwZYn4IyaiRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIxMTE4MDgxNjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZlZjlmMzkwNWVjNWVkOWFkMWQ1ZjE2NzVjYmVhOTVkMTFhYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+z9sTlcV734Z0dbP1xV8xLM5pto
PpUSGxBrvqReeEPwtUrBCNdgiA53+PVVQxd5/mY8XU9rP4Tc5kMJEYNnuxqWYNxZ
lwK/rv+Js6UrZZmKBvBbkyCoXwdGN8zcWlZxRLGWPwrXFDR3onaenu9Oqhjja6RF
E03ngrRBC9HFVKCdVJHjHWIpAVkqFsSElO66ej40T4jfoy/lgjJ7bzxnqMkOWDF6
gIALlM+IsD7CzK7qQ0vbcqbmSyGpIHpTpV1SI+uBllUWv2qAuVjdte11/9qCQRux
IwMvwLjZ6/ddF2uH2WAV1IfDsIQ5B0U/eyu1jCoxMPvuK/ftNqNvtqZYnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBtu+fOQXsXtmtHV8WdcvqldEar+MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvRzI3NTg1QmV4ZTJhMGRYeFoxeS1xVjBScXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuY/oAwQB
udziMA8EAgACMAkDBwIqDKfAAAAwDQYJKoZIhvcNAQELBQADggEBADl6LlDJ8W3r
F1RG6qUt+pUKRTDqEhn9X3oPHkwkkJr3f5n6paOT9BxvyfQNjUURU9CJpzgfbF5X
cDvp6tFORCofl1sV4n4D84IbeeVevXvV70Ck6bHnnu848OZPYd2JrPDykN5r84NX
ZXmTy1b2XuPjH1Pkf76oPnwtijrwHcSW1VlAZGQhgjIhK+7bFUZx69+TKlc5UnSI
A/IqO9kJaewbEEl7xDElZwjTwKbz9tncIWG2MvhMLdQ+Azp/yPD0sbAOqyVfjcNP
pjeHdHlXqm++JaV6kzZ+x+RpTV+hWitubexiJBvXEbnNzgsXHngbmTauRWi0992x
Ykw23ga2MB4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:32 2023 by rpki-client on console-fra.rpki-client.org