Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/qEV3YHHWbH_P6CEWlUGc5TnX4fY.roa
File: qEV3YHHWbH_P6CEWlUGc5TnX4fY.roa (raw, json)
Hash identifier: 2K46qGxI9HENNR+9sDn0hcKt+Kv0Asps2R/RH/lp900=
Subject key identifier: A8:45:77:60:71:D6:6C:7F:CF:E8:21:16:95:41:9C:E5:39:D7:E1:F6
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 192C7A
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/qEV3YHHWbH_P6CEWlUGc5TnX4fY.roa
Signing time: Mon 04 Apr 2022 08:08:53 +0000
ROA not before: Mon 04 Apr 2022 08:08:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 45.6.48.0/22 maxlen: 23
87.238.88.0/21 maxlen: 22
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1649786 (0x192c7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 4 08:08:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a845776071d66c7fcfe8211695419ce539d7e1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e2:37:99:1a:7b:01:4c:04:7c:a3:69:0c:7b:
d1:5e:ef:e4:84:fd:fc:12:f7:74:bc:9f:0b:3c:c7:
a3:87:7a:6b:66:34:62:5a:d6:be:b2:41:b3:55:ac:
1b:06:0f:3c:bc:43:9b:cf:56:c7:d8:80:a6:10:88:
0d:0d:43:b5:08:e7:c1:2e:14:da:46:60:96:fe:df:
e9:8e:37:9d:97:67:f6:bb:64:3f:7a:cf:d7:80:75:
a6:f2:64:5f:bb:8a:03:1c:cf:67:47:b2:61:cf:eb:
e2:88:bc:e8:f5:4b:74:a4:38:61:f9:b4:89:e6:16:
de:99:f5:58:d3:ef:e1:26:d6:2e:2f:59:82:ea:8e:
b9:55:9c:2f:31:6f:35:33:bd:f7:3b:71:7d:f8:e8:
07:8d:35:34:d5:fe:61:71:31:21:e7:6c:cb:e2:1c:
89:26:60:3c:85:43:db:81:0f:dd:f4:1d:a7:e6:bf:
24:53:3d:da:81:26:ad:9a:4f:e9:4f:f0:a4:3b:91:
b7:85:41:66:fa:84:75:1b:1e:87:9e:1d:15:15:ec:
7c:4b:7d:f9:36:93:50:90:75:c3:f3:70:82:ed:7b:
1c:8e:d9:96:e3:f1:1e:db:0a:c5:37:1d:95:a4:6c:
76:70:76:50:83:76:f9:f1:3e:08:f6:4a:44:e9:e1:
3f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:45:77:60:71:D6:6C:7F:CF:E8:21:16:95:41:9C:E5:39:D7:E1:F6
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/qEV3YHHWbH_P6CEWlUGc5TnX4fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
87.238.88.0/21
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
Signature Algorithm: sha256WithRSAEncryption
58:3c:c6:3e:be:e9:6c:a2:af:3e:58:e2:59:2c:0b:f2:34:c3:
c1:14:e8:6c:dd:15:21:31:5b:59:b3:9f:78:8f:e8:fe:93:89:
3e:95:52:6c:17:27:f7:8c:51:82:74:bc:b6:5f:55:3c:3f:28:
27:6f:87:58:f2:f8:61:4f:be:d1:8e:83:a7:da:00:9c:f5:6b:
83:3b:d2:b1:79:ff:a1:77:19:ec:22:b2:45:69:53:14:0f:25:
8a:b7:f1:d6:92:33:e0:22:8b:1c:fe:8e:3f:1c:57:e9:d3:d4:
a9:d1:94:e6:18:f1:5a:58:e8:b2:fe:79:3e:ad:ce:a1:5e:0f:
c9:d9:19:63:cf:7d:5e:4a:05:d2:3f:61:65:91:8b:c2:19:0c:
2e:ca:d3:b6:c3:f3:d3:be:a7:26:de:89:be:da:3f:6e:03:52:
69:52:ad:c3:86:63:46:46:94:c5:dd:f5:c1:39:82:7a:1f:fa:
f8:a2:25:0e:93:c1:34:a9:7c:33:8c:1c:ec:45:56:bf:95:ba:
81:7c:2d:56:52:cf:4d:a6:29:6b:43:e0:84:38:70:9e:45:ab:
48:87:b7:79:23:ad:1b:76:08:1c:ba:45:22:eb:e7:74:0a:d2:
c0:7d:9b:20:eb:f8:67:c5:31:e9:c8:0b:38:a2:11:46:aa:c1:
87:af:9f:16
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDGSx6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDA0
MDgwODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhODQ1Nzc2MDcxZDY2
YzdmY2ZlODIxMTY5NTQxOWNlNTM5ZDdlMWY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkeI3mRp7AUwEfKNpDHvRXu/khP38Evd0vJ8LPMejh3prZjRi
Wta+skGzVawbBg88vEObz1bH2ICmEIgNDUO1COfBLhTaRmCW/t/pjjedl2f2u2Q/
es/XgHWm8mRfu4oDHM9nR7Jhz+viiLzo9Ut0pDhh+bSJ5hbemfVY0+/hJtYuL1mC
6o65VZwvMW81M733O3F9+OgHjTU01f5hcTEh52zL4hyJJmA8hUPbgQ/d9B2n5r8k
Uz3agSatmk/pT/CkO5G3hUFm+oR1Gx6Hnh0VFex8S335NpNQkHXD83CC7XscjtmW
4/Ee2wrFNx2VpGx2cHZQg3b58T4I9kpE6eE/PwIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFKhFd2Bx1mx/z+ghFpVBnOU51+H2MB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
cUVWM1lISFdiSF9QNkNFV2xVR2M1VG5YNGZZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLQYwAwQDV+5YAwQCuQJEAwQCuU4Y
AwQBwnS4MA0GCSqGSIb3DQEBCwUAA4IBAQBYPMY+vulsoq8+WOJZLAvyNMPBFOhs
3RUhMVtZs594j+j+k4k+lVJsFyf3jFGCdLy2X1U8Pygnb4dY8vhhT77RjoOn2gCc
9WuDO9Kxef+hdxnsIrJFaVMUDyWKt/HWkjPgIosc/o4/HFfp09Sp0ZTmGPFaWOiy
/nk+rc6hXg/J2Rljz31eSgXSP2FlkYvCGQwuytO2w/PTvqcm3om+2j9uA1JpUq3D
hmNGRpTF3fXBOYJ6H/r4oiUOk8E0qXwzjBzsRVa/lbqBfC1WUs9NpilrQ+CEOHCe
RatIh7d5I60bdggcukUi6+d0CtLAfZsg6/hnxTHpyAs4ohFGqsGHr58W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:54 2024 by rpki-client on console-ams.rpki-client.org