Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/qI5kssk1h-LePWPxQNEvfurZTfo.roa
File: qI5kssk1h-LePWPxQNEvfurZTfo.roa (raw, json)
Hash identifier: vy8TeJWwCnjuCKeTYcyhuyzveMj6U2dGGqOOu1mDWPU=
Subject key identifier: A8:8E:64:B2:C9:35:87:E2:DE:3D:63:F1:40:D1:2F:7E:EA:D9:4D:FA
Certificate issuer: /CN=aac53499ff20f035cb8b1c0aa9b77c3d7d28976c
Certificate serial: 0BD3E9CC
Authority key identifier: AA:C5:34:99:FF:20:F0:35:CB:8B:1C:0A:A9:B7:7C:3D:7D:28:97:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsU0mf8g8DXLixwKqbd8PX0ol2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/qI5kssk1h-LePWPxQNEvfurZTfo.roa
Signing time: Thu 10 Feb 2022 07:56:03 +0000
ROA not before: Thu 10 Feb 2022 07:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204965
IP address blocks: 185.231.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198437324 (0xbd3e9cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac53499ff20f035cb8b1c0aa9b77c3d7d28976c
Validity
Not Before: Feb 10 07:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a88e64b2c93587e2de3d63f140d12f7eead94dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e5:b1:95:d4:51:d8:59:97:7c:1a:0c:44:aa:
84:af:41:d1:76:6f:e9:d0:de:8b:39:0b:89:44:11:
2d:e2:33:40:9e:8a:3f:9d:e1:db:d0:e7:c6:cb:91:
d7:1d:83:00:c4:22:c4:45:fa:dd:f0:b1:7d:5f:dc:
d4:54:c0:3a:84:c5:5a:13:4e:f7:aa:c6:d0:f3:45:
27:f8:31:5b:c6:62:3d:f1:45:a4:87:3b:b5:a7:d8:
21:82:43:74:22:cc:ec:0f:82:69:f7:9a:e9:41:a9:
28:a6:f0:41:7b:9f:1c:ec:c0:c1:81:fb:4d:8b:5a:
25:2f:4b:31:83:7d:1a:e6:c2:05:67:20:60:cb:ac:
ad:e0:a0:ef:f2:4d:f4:95:71:be:14:5e:fe:45:67:
a4:07:2b:19:80:94:de:24:06:92:df:ec:bd:76:c3:
f6:93:22:15:a5:4e:0d:69:cb:fb:42:ec:13:38:b9:
c9:eb:d4:ce:f6:2e:84:d8:12:39:1d:55:13:00:fc:
fe:76:3d:b3:5f:54:3d:1c:e8:b5:fd:b1:3e:cd:f6:
05:be:a9:64:ee:13:9b:e6:42:b7:95:cf:53:15:6d:
50:ae:72:1f:65:67:82:44:47:cf:57:d4:71:b3:9f:
f0:47:5f:8c:55:3b:33:40:74:88:6b:db:f0:54:d1:
37:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8E:64:B2:C9:35:87:E2:DE:3D:63:F1:40:D1:2F:7E:EA:D9:4D:FA
X509v3 Authority Key Identifier:
keyid:AA:C5:34:99:FF:20:F0:35:CB:8B:1C:0A:A9:B7:7C:3D:7D:28:97:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsU0mf8g8DXLixwKqbd8PX0ol2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/qI5kssk1h-LePWPxQNEvfurZTfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/qsU0mf8g8DXLixwKqbd8PX0ol2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.214.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a8:ee:ce:f8:f0:fe:20:6b:39:67:3a:7f:b0:e5:d8:f5:9c:
37:77:93:c1:a4:a4:2a:45:cd:86:cf:76:76:bd:57:0e:52:5e:
2b:55:60:10:b9:c5:78:2e:f0:fb:20:7a:dd:2a:28:f6:c9:69:
2f:2d:7a:e8:d1:69:8e:e8:6e:fb:c0:1c:b7:3e:b3:42:27:3b:
e1:68:70:29:19:46:c1:4e:30:40:2e:53:23:0f:b2:0a:35:58:
0f:86:3e:b4:dc:e9:ff:92:7d:ee:44:0b:df:05:b0:bc:42:04:
9d:51:db:ed:78:c1:6f:7d:c5:24:65:99:4b:93:2b:4d:eb:60:
16:46:0b:f9:8c:e5:dd:99:58:6a:45:21:d2:a0:ef:a0:17:22:
3f:08:20:2b:2c:bd:82:2e:51:df:95:7f:a9:7d:8e:e7:ca:9a:
4e:f3:d7:0f:58:64:6d:df:cf:99:9a:5e:b6:ae:d8:b1:fe:da:
31:c1:ca:3b:5f:d1:61:66:f0:f8:cb:04:d9:8c:09:d7:5e:58:
a3:b7:07:55:63:4f:98:e0:fc:b1:b8:de:e0:1d:a0:70:d0:6c:
12:24:9b:27:a9:d6:3e:2d:70:47:d5:bb:72:13:15:02:c3:06:
5b:a7:ff:63:65:77:36:b1:94:7d:57:94:a4:0f:f4:9d:47:22:
2f:36:33:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC9PpzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWM1MzQ5OWZmMjBmMDM1Y2I4YjFjMGFhOWI3N2MzZDdkMjg5NzZjMB4XDTIyMDIx
MDA3NTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg4ZTY0YjJjOTM1
ODdlMmRlM2Q2M2YxNDBkMTJmN2VlYWQ5NGRmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKflsZXUUdhZl3waDESqhK9B0XZv6dDeizkLiUQRLeIzQJ6K
P53h29DnxsuR1x2DAMQixEX63fCxfV/c1FTAOoTFWhNO96rG0PNFJ/gxW8ZiPfFF
pIc7tafYIYJDdCLM7A+Cafea6UGpKKbwQXufHOzAwYH7TYtaJS9LMYN9GubCBWcg
YMusreCg7/JN9JVxvhRe/kVnpAcrGYCU3iQGkt/svXbD9pMiFaVODWnL+0LsEzi5
yevUzvYuhNgSOR1VEwD8/nY9s19UPRzotf2xPs32Bb6pZO4Tm+ZCt5XPUxVtUK5y
H2VngkRHz1fUcbOf8EdfjFU7M0B0iGvb8FTRNy0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSojmSyyTWH4t49Y/FA0S9+6tlN+jAfBgNVHSMEGDAWgBSqxTSZ/yDwNcuL
HAqpt3w9fSiXbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FzVTBtZjhnOERYTGl4d0txYmQ4UFgwb2wydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNjE4ZWUwLWJjYzctNDg1MS1iYzJjLWZhYjliZjdhMjZkOC8x
L3FJNWtzc2sxaC1MZVBXUHhRTkV2ZnVyWlRmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NjE4ZWUwLWJjYzctNDg1MS1iYzJjLWZhYjliZjdhMjZkOC8xL3FzVTBtZjhnOERY
TGl4d0txYmQ4UFgwb2wydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnn1jANBgkqhkiG9w0BAQsFAAOC
AQEAO6juzvjw/iBrOWc6f7Dl2PWcN3eTwaSkKkXNhs92dr1XDlJeK1VgELnFeC7w
+yB63Soo9slpLy166NFpjuhu+8Actz6zQic74WhwKRlGwU4wQC5TIw+yCjVYD4Y+
tNzp/5J97kQL3wWwvEIEnVHb7XjBb33FJGWZS5MrTetgFkYL+Yzl3ZlYakUh0qDv
oBciPwggKyy9gi5R35V/qX2O58qaTvPXD1hkbd/PmZpetq7Ysf7aMcHKO1/RYWbw
+MsE2YwJ115Yo7cHVWNPmOD8sbje4B2gcNBsEiSbJ6nWPi1wR9W7chMVAsMGW6f/
Y2V3NrGUfVeUpA/0nUciLzYzQg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:54 2023 by rpki-client on console-ams.rpki-client.org