Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/_ITOBTSd6rsEeE0IiePCcp8s_mc.roa
File: _ITOBTSd6rsEeE0IiePCcp8s_mc.roa (raw, json)
Hash identifier: QYDQ9iAKPMlQalzHh8MfNqOfcIzem1g2+nR1OCuxXmg=
Subject key identifier: FC:84:CE:05:34:9D:EA:BB:04:78:4D:08:89:E3:C2:72:9F:2C:FE:67
Certificate issuer: /CN=420387c94134d9a08ffd32630967703adc582b6c
Certificate serial: 0281F6
Authority key identifier: 42:03:87:C9:41:34:D9:A0:8F:FD:32:63:09:67:70:3A:DC:58:2B:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/_ITOBTSd6rsEeE0IiePCcp8s_mc.roa
Signing time: Thu 07 Apr 2022 11:34:43 +0000
ROA not before: Thu 07 Apr 2022 11:34:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200918
IP address blocks: 185.186.36.0/24 maxlen: 24
185.126.196.0/22 maxlen: 22
185.186.38.0/24 maxlen: 24
185.186.37.0/24 maxlen: 24
185.186.39.0/24 maxlen: 24
2a06:bfc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164342 (0x281f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=420387c94134d9a08ffd32630967703adc582b6c
Validity
Not Before: Apr 7 11:34:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc84ce05349deabb04784d0889e3c2729f2cfe67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d9:9a:04:8a:79:c3:47:35:56:00:af:3e:52:
00:72:ee:a7:a9:a2:28:6e:55:c5:e1:a5:3f:28:3b:
64:37:7f:44:5b:8b:c6:41:8b:a5:40:b0:4a:26:b6:
bb:0e:b1:62:0b:4a:6f:ed:62:9f:35:7f:ff:99:e4:
e5:ac:19:e1:f6:87:6e:e6:e3:9d:17:d3:8f:60:47:
42:ee:3f:f2:b7:9a:0b:04:22:af:b8:bf:76:03:76:
be:32:fa:9e:fe:22:08:6c:e1:c2:65:43:e9:fc:60:
82:98:45:3e:0e:57:6a:ab:68:9b:11:48:9b:f7:37:
bd:55:5e:78:e4:a9:32:3a:88:99:dd:7b:6a:f3:96:
e9:81:a8:35:45:63:d3:e9:89:56:05:bf:1f:96:ba:
30:47:c8:62:21:15:80:e0:88:77:ca:ff:71:d8:e8:
fb:ae:31:84:ea:dc:41:9f:16:1c:0e:4d:78:67:7c:
f1:6c:21:39:fa:5c:58:9b:c9:6f:61:36:00:7a:be:
b2:19:36:25:fc:4a:d3:86:5e:96:89:40:0e:84:3f:
8d:0c:ba:99:8f:ef:bb:89:34:2c:c2:a8:8c:51:71:
ab:e2:e5:a6:5e:17:db:d1:6e:f7:36:47:ac:8c:3f:
ff:ed:eb:b2:13:32:34:db:61:d8:97:cb:b7:bc:f4:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:84:CE:05:34:9D:EA:BB:04:78:4D:08:89:E3:C2:72:9F:2C:FE:67
X509v3 Authority Key Identifier:
keyid:42:03:87:C9:41:34:D9:A0:8F:FD:32:63:09:67:70:3A:DC:58:2B:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/_ITOBTSd6rsEeE0IiePCcp8s_mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.196.0/22
185.186.36.0/22
IPv6:
2a06:bfc0::/29
Signature Algorithm: sha256WithRSAEncryption
45:01:ca:e5:ba:3f:fa:38:78:49:ab:0f:16:84:ce:34:3b:12:
ba:3b:90:2f:2a:b4:38:74:2d:df:20:b0:18:f1:ab:ca:da:24:
8b:29:24:dd:e4:79:ff:50:d1:3c:74:c0:26:81:03:06:25:c8:
46:79:2f:53:a2:9c:da:de:75:70:d1:29:a1:31:53:85:37:9d:
e5:d0:ba:0e:84:86:94:fe:70:bc:22:f3:bf:d7:20:33:f0:c7:
ff:1c:40:43:51:e1:eb:6b:11:bf:b2:be:ec:9d:14:ec:f1:44:
b0:fe:ad:78:70:60:d8:d9:b1:dc:cc:90:9e:f9:2f:50:da:67:
bd:27:3e:8b:bb:58:fd:1f:eb:45:b9:6d:44:79:fb:dd:9b:4d:
52:b3:47:3d:90:df:94:26:1b:be:22:01:1b:1b:d2:a3:1d:ac:
26:6f:45:63:ba:f8:bb:61:40:c0:87:c1:ae:d6:ac:ef:6f:c9:
b1:5e:b3:d4:84:90:f7:93:9f:40:4e:00:fe:3c:d8:d2:d1:f0:
a2:64:45:26:61:11:c5:f2:72:90:67:f7:d1:a1:64:19:01:c1:
0f:57:32:0c:98:97:39:9a:22:c3:0a:d4:ff:ef:90:ba:fd:50:
71:76:1d:73:9a:a5:21:8a:82:5d:2c:35:5c:80:06:a3:70:f0:
74:65:19:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDAoH2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQy
MDM4N2M5NDEzNGQ5YTA4ZmZkMzI2MzA5Njc3MDNhZGM1ODJiNmMwHhcNMjIwNDA3
MTEzNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYzg0Y2UwNTM0OWRl
YWJiMDQ3ODRkMDg4OWUzYzI3MjlmMmNmZTY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq9maBIp5w0c1VgCvPlIAcu6nqaIoblXF4aU/KDtkN39EW4vG
QYulQLBKJra7DrFiC0pv7WKfNX//meTlrBnh9odu5uOdF9OPYEdC7j/yt5oLBCKv
uL92A3a+Mvqe/iIIbOHCZUPp/GCCmEU+Dldqq2ibEUib9ze9VV545KkyOoiZ3Xtq
85bpgag1RWPT6YlWBb8flrowR8hiIRWA4Ih3yv9x2Oj7rjGE6txBnxYcDk14Z3zx
bCE5+lxYm8lvYTYAer6yGTYl/ErThl6WiUAOhD+NDLqZj++7iTQswqiMUXGr4uWm
Xhfb0W73NkesjD//7euyEzI022HYl8u3vPTDdwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFPyEzgU0neq7BHhNCInjwnKfLP5nMB8GA1UdIwQYMBaAFEIDh8lBNNmgj/0y
YwlncDrcWCtsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UWdPSHlVRTAyYUNQX1RKakNXZHdPdHhZSzJ3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNy9hMzhhODctMDE1OS00OTBlLWI2OWMtMzc2ZjRiNGQ5ZGE2LzEv
X0lUT0JUU2Q2cnNFZUUwSWllUENjcDhzX21jLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9h
MzhhODctMDE1OS00OTBlLWI2OWMtMzc2ZjRiNGQ5ZGE2LzEvUWdPSHlVRTAyYUNQ
X1RKakNXZHdPdHhZSzJ3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuX7EAwQCubokMA0EAgACMAcDBQMq
Br/AMA0GCSqGSIb3DQEBCwUAA4IBAQBFAcrluj/6OHhJqw8WhM40OxK6O5AvKrQ4
dC3fILAY8avK2iSLKSTd5Hn/UNE8dMAmgQMGJchGeS9Topza3nVw0SmhMVOFN53l
0LoOhIaU/nC8IvO/1yAz8Mf/HEBDUeHraxG/sr7snRTs8USw/q14cGDY2bHczJCe
+S9Q2me9Jz6Lu1j9H+tFuW1Eefvdm01Ss0c9kN+UJhu+IgEbG9KjHawmb0Vjuvi7
YUDAh8Gu1qzvb8mxXrPUhJD3k59ATgD+PNjS0fCiZEUmYRHF8nKQZ/fRoWQZAcEP
VzIMmJc5miLDCtT/75C6/VBxdh1zmqUhioJdLDVcgAajcPB0ZRlx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:33 2023 by rpki-client on console-ams.rpki-client.org