Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/037adf-b9c2-4ad1-960a-4d403369d2a2/1/Q8yoCQ3iAZ0JZKswWIc9Qq4ozfs.roa
File: Q8yoCQ3iAZ0JZKswWIc9Qq4ozfs.roa (raw, json)
Hash identifier: LFZBrWq51gYgXZGu1IuRnbqqF0SwG9tfrvEyNU+R6Ls=
Subject key identifier: 43:CC:A8:09:0D:E2:01:9D:09:64:AB:30:58:87:3D:42:AE:28:CD:FB
Certificate issuer: /CN=125ae2cfd315c131193484665acada7c013163ec
Certificate serial: 0183E80DA5A39F2940B7A07E71E1F25F5D93
Authority key identifier: 12:5A:E2:CF:D3:15:C1:31:19:34:84:66:5A:CA:DA:7C:01:31:63:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Elriz9MVwTEZNIRmWsrafAExY-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/037adf-b9c2-4ad1-960a-4d403369d2a2/1/Q8yoCQ3iAZ0JZKswWIc9Qq4ozfs.roa
Signing time: Mon 17 Oct 2022 22:25:51 +0000
ROA not before: Mon 17 Oct 2022 22:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204736
IP address blocks: 185.241.100.0/24 maxlen: 24
185.241.103.0/24 maxlen: 24
185.241.102.0/24 maxlen: 24
185.241.101.0/24 maxlen: 24
2a0d:4580:60::/48 maxlen: 48
2a0d:4580:120::/48 maxlen: 48
2a0d:4580:100::/48 maxlen: 48
2a0d:4580:80::/48 maxlen: 48
2a0d:4580:40::/48 maxlen: 48
2a0d:4580:20::/48 maxlen: 48
2a0d:4580:131::/48 maxlen: 48
2a0d:4580:130::/48 maxlen: 48
2a0d:4580:110::/48 maxlen: 48
2a0d:4580:90::/48 maxlen: 48
2a0d:4580:70::/48 maxlen: 48
2a0d:4580:50::/48 maxlen: 48
2a0d:4580:30::/48 maxlen: 48
2a0d:4580:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e8:0d:a5:a3:9f:29:40:b7:a0:7e:71:e1:f2:5f:5d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=125ae2cfd315c131193484665acada7c013163ec
Validity
Not Before: Oct 17 22:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43cca8090de2019d0964ab3058873d42ae28cdfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:e5:b0:8a:de:3b:b7:a1:93:ef:46:d4:da:
df:8b:73:ab:a8:f7:d6:85:cf:2f:85:3b:3c:4f:ed:
f5:ab:f7:e6:98:ea:82:dd:77:f1:76:b7:f8:cb:41:
ab:bc:35:82:67:b7:98:d8:7b:d9:c2:4f:24:14:87:
f3:2a:a6:3b:b2:e9:8e:e0:9d:ef:39:e9:2c:32:ef:
45:fa:36:a7:11:e5:f7:fe:af:0c:4e:14:7f:16:9f:
df:32:ce:53:1e:34:71:79:b0:bc:bb:4e:fa:4b:a4:
6e:86:50:1e:ca:5d:2f:0a:29:5a:38:7d:6e:a7:34:
87:93:04:e6:ca:35:65:bd:fb:ed:fb:c7:d9:7d:ae:
bb:35:47:88:c8:4e:15:04:34:db:92:0e:ea:4b:d3:
63:bb:0a:e0:b7:6e:14:82:a0:fe:a2:ae:a0:fc:58:
3a:4f:76:58:60:b7:bd:05:20:f9:24:83:34:ca:70:
a7:44:01:04:fb:cf:06:76:a0:d8:84:70:4a:bd:39:
b1:9a:ed:0a:60:d6:e1:1b:0f:ea:1d:4e:0f:d8:d8:
ab:fe:02:fc:93:bc:7e:65:ba:7e:26:45:0e:82:e4:
35:1a:c3:0a:31:7f:04:a0:5d:68:9d:e9:54:08:fd:
35:8a:37:bd:6f:95:6b:1e:1e:b8:8e:a3:62:00:dd:
18:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:A8:09:0D:E2:01:9D:09:64:AB:30:58:87:3D:42:AE:28:CD:FB
X509v3 Authority Key Identifier:
keyid:12:5A:E2:CF:D3:15:C1:31:19:34:84:66:5A:CA:DA:7C:01:31:63:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Elriz9MVwTEZNIRmWsrafAExY-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/037adf-b9c2-4ad1-960a-4d403369d2a2/1/Q8yoCQ3iAZ0JZKswWIc9Qq4ozfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/037adf-b9c2-4ad1-960a-4d403369d2a2/1/Elriz9MVwTEZNIRmWsrafAExY-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.100.0/22
IPv6:
2a0d:4580:10::/48
2a0d:4580:20::/48
2a0d:4580:30::/48
2a0d:4580:40::/48
2a0d:4580:50::/48
2a0d:4580:60::/48
2a0d:4580:70::/48
2a0d:4580:80::/48
2a0d:4580:90::/48
2a0d:4580:100::/48
2a0d:4580:110::/48
2a0d:4580:120::/48
2a0d:4580:130::/47
Signature Algorithm: sha256WithRSAEncryption
9d:b6:7d:8c:5e:d4:bc:16:d0:f7:b6:07:76:d0:02:c2:9a:64:
d9:1e:84:8c:98:56:a9:d0:5d:00:79:51:7d:e0:e7:ba:fc:ca:
de:97:39:6a:27:9b:be:0d:73:3f:52:81:4d:62:a4:0c:c2:59:
95:6a:fb:4c:62:75:fa:84:00:48:e4:68:2f:a7:99:9e:8a:a5:
24:6e:42:2e:7a:48:2b:0a:2f:81:1b:0d:7e:85:b8:5e:52:ff:
fe:aa:7b:30:ef:52:6a:11:84:91:ad:53:38:d5:ba:8a:50:cb:
be:86:09:79:3f:f0:63:b1:d5:70:77:93:72:4f:e1:f9:9d:37:
e3:6a:cb:41:d8:dd:3c:71:6a:43:62:d2:24:88:89:b4:54:11:
b4:d2:c4:59:4d:e2:f2:69:b2:46:4d:88:b0:d7:81:d4:5d:fb:
0f:70:ff:b2:06:c0:e5:41:7e:1f:fd:d1:47:89:24:d4:b6:b0:
b6:2c:af:97:6b:47:ba:8d:61:ec:6a:a7:e6:45:3d:db:c1:98:
1b:1a:5a:c2:49:38:9a:45:3a:ff:e6:03:20:76:95:56:c9:ad:
e5:33:53:8c:ea:0f:60:83:91:7a:e4:52:3d:f6:6d:4c:7a:79:
4c:4f:7e:f8:d2:d1:21:43:7b:4c:27:e8:5a:f9:27:c0:5f:b1:
d6:ab:65:f7
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYPoDaWjnylAt6B+ceHyX12TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNWFlMmNmZDMxNWMxMzExOTM0ODQ2NjVhY2FkYTdjMDEz
MTYzZWMwHhcNMjIxMDE3MjIyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2NjYTgwOTBkZTIwMTlkMDk2NGFiMzA1ODg3M2Q0MmFlMjhjZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAHlsIreO7ehk+9G1Nrfi3OrqPfW
hc8vhTs8T+31q/fmmOqC3Xfxdrf4y0GrvDWCZ7eY2HvZwk8kFIfzKqY7sumO4J3v
OeksMu9F+janEeX3/q8MThR/Fp/fMs5THjRxebC8u076S6RuhlAeyl0vCilaOH1u
pzSHkwTmyjVlvfvt+8fZfa67NUeIyE4VBDTbkg7qS9Njuwrgt24UgqD+oq6g/Fg6
T3ZYYLe9BSD5JIM0ynCnRAEE+88GdqDYhHBKvTmxmu0KYNbhGw/qHU4P2Nir/gL8
k7x+Zbp+JkUOguQ1GsMKMX8EoF1onelUCP01ije9b5VrHh64jqNiAN0YXwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFEPMqAkN4gGdCWSrMFiHPUKuKM37MB8GA1UdIwQY
MBaAFBJa4s/TFcExGTSEZlrK2nwBMWPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWxyaXo5TVZ3VEVaTklSbVdzcmFmQUV4WS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8wMzdhZGYtYjljMi00YWQxLTk2MGEt
NGQ0MDMzNjlkMmEyLzEvUTh5b0NRM2lBWjBKWktzd1dJYzlRcTRvemZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8wMzdhZGYtYjljMi00YWQxLTk2MGEtNGQ0MDMzNjlkMmEy
LzEvRWxyaXo5TVZ3VEVaTklSbVdzcmFmQUV4WS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizAMBAIAATAGAwQCufFk
MHsEAgACMHUDBwAqDUWAABADBwAqDUWAACADBwAqDUWAADADBwAqDUWAAEADBwAq
DUWAAFADBwAqDUWAAGADBwAqDUWAAHADBwAqDUWAAIADBwAqDUWAAJADBwAqDUWA
AQADBwAqDUWAARADBwAqDUWAASADBwEqDUWAATAwDQYJKoZIhvcNAQELBQADggEB
AJ22fYxe1LwW0Pe2B3bQAsKaZNkehIyYVqnQXQB5UX3g57r8yt6XOWonm74Ncz9S
gU1ipAzCWZVq+0xidfqEAEjkaC+nmZ6KpSRuQi56SCsKL4EbDX6FuF5S//6qezDv
UmoRhJGtUzjVuopQy76GCXk/8GOx1XB3k3JP4fmdN+Nqy0HY3TxxakNi0iSIibRU
EbTSxFlN4vJpskZNiLDXgdRd+w9w/7IGwOVBfh/90UeJJNS2sLYsr5drR7qNYexq
p+ZFPdvBmBsaWsJJOJpFOv/mAyB2lVbJreUzU4zqD2CDkXrkUj32bUx6eUxPfvjS
0SFDe0wn6Fr5J8BfsdarZfc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:27 2023 by rpki-client on console-ams.rpki-client.org