Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/QaADV5fsl7phVuxEwbr0Mtl24_w.roa
File: QaADV5fsl7phVuxEwbr0Mtl24_w.roa (raw, json)
Hash identifier: 5bRWJrBRqTT3Cjx5i12Y0SCgRbSrkNEklXLNAqsHwaM=
Subject key identifier: 41:A0:03:57:97:EC:97:BA:61:56:EC:44:C1:BA:F4:32:D9:76:E3:FC
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0D13ED3F
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/QaADV5fsl7phVuxEwbr0Mtl24_w.roa
Signing time: Wed 11 May 2022 15:55:03 +0000
ROA not before: Wed 11 May 2022 15:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205585
IP address blocks: 185.143.232.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.233.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/46 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219409727 (0xd13ed3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: May 11 15:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a0035797ec97ba6156ec44c1baf432d976e3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:fb:91:2a:9b:23:d7:43:7d:cb:94:39:5e:
03:5b:f6:d6:e9:e5:d4:52:da:2f:f7:86:3d:9e:f8:
8b:37:ea:37:3a:6c:32:8e:8d:9b:30:02:16:14:d6:
09:6b:25:3f:25:47:ae:38:89:6a:bf:50:65:c9:85:
0b:a8:8e:af:b9:01:3d:82:f3:c9:68:87:6c:da:02:
64:19:e0:10:92:5d:a6:59:ea:37:e7:d2:6a:94:a9:
cb:7a:77:a4:f0:63:18:fd:68:16:74:9c:2b:98:66:
76:2c:2a:cc:8e:11:1a:08:28:f5:62:9d:00:99:4f:
d8:3d:25:51:4c:2c:d2:b6:32:5f:12:e8:98:45:07:
2a:76:a2:e8:d5:b5:d0:2d:d5:46:6f:5d:5c:f6:94:
8f:01:c1:25:00:d9:37:b9:43:f4:41:b7:d7:ba:e3:
99:69:f2:dd:9d:54:08:78:14:24:98:d7:c4:c4:43:
ec:c5:ce:d5:df:76:d3:d2:7c:40:4c:fa:66:04:71:
ed:1b:d9:ab:5f:da:3e:43:41:cb:03:2e:f9:d8:d3:
aa:ff:bd:74:15:7c:55:06:3d:02:7e:77:f7:7d:8a:
36:cf:07:f0:15:42:55:83:2e:e4:17:bf:07:16:df:
f9:ae:32:e8:1b:3c:4f:57:d2:da:e7:1b:b4:78:54:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A0:03:57:97:EC:97:BA:61:56:EC:44:C1:BA:F4:32:D9:76:E3:FC
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/QaADV5fsl7phVuxEwbr0Mtl24_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
IPv6:
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
63:d3:1a:31:f1:7e:e3:7d:46:3d:dc:d7:25:3f:1f:8a:e0:b4:
ae:e2:42:f5:0c:ca:30:15:58:79:fd:a2:3d:05:d5:70:e2:f1:
ab:89:30:3a:47:5d:94:de:26:65:a2:3c:cd:3d:07:42:39:d6:
86:08:6d:c5:e0:46:df:ef:c0:ab:07:a0:35:93:40:ff:c5:b1:
fc:f7:dd:1d:5e:51:e6:55:d4:5b:d3:e5:a8:ea:73:ed:fc:5c:
ec:83:cc:fd:81:7b:c4:29:64:5f:77:3a:5a:d9:77:4f:27:e2:
dc:97:6b:2f:38:52:4f:27:7c:5b:44:15:82:f5:6e:31:99:bb:
97:e1:c5:46:21:2f:1f:f6:4a:48:69:d4:7b:b8:0c:f7:a1:74:
ed:dc:94:07:41:a5:23:3d:71:a5:e2:6c:fe:1c:ea:ea:19:bd:
73:26:97:ee:96:e8:0b:ba:a1:ba:5e:91:2f:7c:9a:a4:f9:ed:
dd:4e:47:50:59:29:92:b3:44:0c:9f:4f:27:4b:17:74:01:cb:
56:c4:92:ff:56:5a:22:3a:03:a8:d8:31:01:c2:e3:a9:49:d6:
b5:1e:c4:45:28:48:1c:bb:e1:c9:7f:c8:a6:a8:be:5f:02:1e:
16:12:49:e8:a5:b4:ac:ac:99:0b:10:3f:de:bc:b0:09:14:1c:
e8:e1:09:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEDRPtPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWMzNzFmM2EzNGFiZjE5NTdkMTg5NWRmODA2M2Y0ZDYyMDdlYzAyMB4XDTIyMDUx
MTE1NTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFhMDAzNTc5N2Vj
OTdiYTYxNTZlYzQ0YzFiYWY0MzJkOTc2ZTNmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBM+5EqmyPXQ33LlDleA1v21unl1FLaL/eGPZ74izfqNzps
Mo6NmzACFhTWCWslPyVHrjiJar9QZcmFC6iOr7kBPYLzyWiHbNoCZBngEJJdplnq
N+fSapSpy3p3pPBjGP1oFnScK5hmdiwqzI4RGggo9WKdAJlP2D0lUUws0rYyXxLo
mEUHKnai6NW10C3VRm9dXPaUjwHBJQDZN7lD9EG317rjmWny3Z1UCHgUJJjXxMRD
7MXO1d9209J8QEz6ZgRx7RvZq1/aPkNBywMu+djTqv+9dBV8VQY9An53932KNs8H
8BVCVYMu5Be/Bxbf+a4y6Bs8T1fS2ucbtHhUOosCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRBoANXl+yXumFW7ETBuvQy2Xbj/DAfBgNVHSMEGDAWgBT1w3Hzo0q/GVfR
iV34Bj9NYgfsAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzljTng4Nk5LdnhsWDBZbGQtQVlfVFdJSDdBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNWIwY2Q5LWUyNzktNDZhYS04MWRhLTFiYjE3YThiMjZmZS8x
L1FhQURWNWZzbDdwaFZ1eEV3YnIwTXRsMjRfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NWIwY2Q5LWUyNzktNDZhYS04MWRhLTFiYjE3YThiMjZmZS8xLzljTng4Nk5Ldnhs
WDBZbGQtQVlfVFdJSDdBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArmP6DAPBAIAAjAJAwcCKgynwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBj0xox8X7jfUY93NclPx+K4LSu4kL1DMowFVh5
/aI9BdVw4vGriTA6R12U3iZlojzNPQdCOdaGCG3F4Ebf78CrB6A1k0D/xbH8990d
XlHmVdRb0+Wo6nPt/Fzsg8z9gXvEKWRfdzpa2XdPJ+Lcl2svOFJPJ3xbRBWC9W4x
mbuX4cVGIS8f9kpIadR7uAz3oXTt3JQHQaUjPXGl4mz+HOrqGb1zJpfulugLuqG6
XpEvfJqk+e3dTkdQWSmSs0QMn08nSxd0ActWxJL/VloiOgOo2DEBwuOpSda1HsRF
KEgcu+HJf8imqL5fAh4WEknopbSsrJkLED/evLAJFBzo4Qmg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org