Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/qHVlTNIhM3nb1y3sTvc26qOHTxo.roa
File: qHVlTNIhM3nb1y3sTvc26qOHTxo.roa (raw, json)
Hash identifier: vvHvFdsHbQKcSTwGIEUHIws6HCzeb7UENqhaXgO1alg=
Subject key identifier: A8:75:65:4C:D2:21:33:79:DB:D7:2D:EC:4E:F7:36:EA:A3:87:4F:1A
Certificate issuer: /CN=85db83a8365a604476f282d24d327ad1ef0fde52
Certificate serial: 0DF48F5A
Authority key identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/qHVlTNIhM3nb1y3sTvc26qOHTxo.roa
Signing time: Thu 17 Mar 2022 14:31:43 +0000
ROA not before: Thu 17 Mar 2022 14:31:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 185.199.232.0/22 maxlen: 24
46.226.236.0/22 maxlen: 24
213.5.232.0/22 maxlen: 24
185.25.80.0/22 maxlen: 24
185.199.188.0/22 maxlen: 24
2a00:c600::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234131290 (0xdf48f5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85db83a8365a604476f282d24d327ad1ef0fde52
Validity
Not Before: Mar 17 14:31:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a875654cd2213379dbd72dec4ef736eaa3874f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:99:13:78:4c:41:aa:f6:62:d1:df:dc:5a:72:
e5:b0:ce:56:25:55:20:11:69:9e:ba:b0:ae:e9:06:
05:59:39:09:2b:28:4f:59:29:cd:ff:c0:74:21:5e:
55:87:22:14:aa:32:9a:f5:3a:9e:0a:71:9e:eb:e2:
92:97:6c:98:60:77:a6:fa:f3:a2:92:f7:28:53:3d:
f5:7f:41:a1:b4:fd:01:6f:2b:09:8d:3c:cc:7d:78:
dc:fc:72:ab:83:8c:e8:1e:eb:c2:2a:be:d0:ee:22:
a4:ef:bb:bf:85:e6:a8:81:57:d4:25:29:ac:12:3f:
12:12:31:1c:7e:f7:bb:dc:a0:7c:3d:be:38:26:9d:
bd:ec:a3:65:53:3a:f1:e9:3e:b7:13:c2:b8:eb:a7:
c6:03:4f:02:cc:a8:d9:47:27:27:cd:d4:27:e0:ef:
72:f8:20:c3:c6:54:6b:e3:db:59:4f:e3:66:8c:21:
db:fd:8b:4b:ae:dc:ba:b8:e3:48:ba:6d:a1:53:33:
b7:f1:fe:92:93:9a:0a:18:3b:80:b6:c7:da:0d:95:
dd:98:9d:28:10:10:5d:12:d3:29:a5:d7:03:a9:e5:
42:70:78:23:9b:4c:9d:a6:2b:a9:63:63:cd:92:62:
8d:39:e8:22:82:62:28:2d:1f:48:81:7e:07:98:6e:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:75:65:4C:D2:21:33:79:DB:D7:2D:EC:4E:F7:36:EA:A3:87:4F:1A
X509v3 Authority Key Identifier:
keyid:85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/qHVlTNIhM3nb1y3sTvc26qOHTxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.236.0/22
185.25.80.0/22
185.199.188.0/22
185.199.232.0/22
213.5.232.0/22
IPv6:
2a00:c600::/29
Signature Algorithm: sha256WithRSAEncryption
0d:8b:9d:d3:50:6e:fa:b5:c0:88:1a:a0:ab:2a:7f:81:36:2f:
5b:ab:c9:f8:b3:5f:63:ee:a1:49:e9:3a:8b:3c:c3:d4:61:0e:
87:50:23:4e:d5:54:fa:fb:4b:01:6c:37:f2:55:dc:90:ef:8d:
cd:f7:13:e6:c9:c7:05:48:27:71:a6:fc:dc:f9:38:c6:b1:8f:
4c:b7:3e:5e:82:fd:d0:cc:68:69:3e:d2:07:4d:da:6d:ce:25:
81:b0:9e:6e:f0:83:66:3a:5b:03:c0:7c:07:21:9f:25:d6:b5:
0c:39:e7:dd:4a:4f:a4:66:8b:f4:5d:ff:c8:2a:6e:b5:8c:00:
b7:a2:86:24:cd:0e:ac:82:5e:f8:9e:2b:f5:e4:c7:b3:d0:46:
c8:b7:81:f1:ad:09:ac:f6:35:ac:65:b5:a4:7e:9e:3d:ba:f7:
e8:11:dc:e9:19:37:47:c4:cb:44:e7:70:30:81:a0:d8:2b:3f:
ce:a9:f7:3d:97:ba:0b:27:13:c2:1e:45:78:e3:d3:31:86:8d:
1b:7d:00:5b:f5:7f:9d:6d:94:99:fe:56:4f:66:08:b4:63:aa:
de:5a:bc:a2:e5:91:18:ca:43:2e:01:e2:fb:a7:a7:f0:d6:14:
ce:bb:46:6d:6b:af:c9:35:c3:51:da:10:6b:8b:a6:18:c3:4c:
8e:78:f3:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEDfSPWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWRiODNhODM2NWE2MDQ0NzZmMjgyZDI0ZDMyN2FkMWVmMGZkZTUyMB4XDTIyMDMx
NzE0MzE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg3NTY1NGNkMjIx
MzM3OWRiZDcyZGVjNGVmNzM2ZWFhMzg3NGYxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGZE3hMQar2YtHf3Fpy5bDOViVVIBFpnrqwrukGBVk5CSso
T1kpzf/AdCFeVYciFKoymvU6ngpxnuvikpdsmGB3pvrzopL3KFM99X9BobT9AW8r
CY08zH143Pxyq4OM6B7rwiq+0O4ipO+7v4XmqIFX1CUprBI/EhIxHH73u9ygfD2+
OCadveyjZVM68ek+txPCuOunxgNPAsyo2UcnJ83UJ+Dvcvggw8ZUa+PbWU/jZowh
2/2LS67curjjSLptoVMzt/H+kpOaChg7gLbH2g2V3ZidKBAQXRLTKaXXA6nlQnB4
I5tMnaYrqWNjzZJijTnoIoJiKC0fSIF+B5huqRUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSodWVM0iEzedvXLexO9zbqo4dPGjAfBgNVHSMEGDAWgBSF24OoNlpgRHby
gtJNMnrR7w/eUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hkdURxRFphWUVSMjhvTFNUVEo2MGU4UDNsSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMmM4ZjA4LWU1OTktNDRmMy1iYmMxLThjYmVmOTEzZTM0Mi8x
L3FIVmxUTkloTTNuYjF5M3NUdmMyNnFPSFR4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MmM4ZjA4LWU1OTktNDRmMy1iYmMxLThjYmVmOTEzZTM0Mi8xL2hkdURxRFphWUVS
MjhvTFNUVEo2MGU4UDNsSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAi7i7AMEArkZUAMEArnHvAMEArnH
6AMEAtUF6DANBAIAAjAHAwUDKgDGADANBgkqhkiG9w0BAQsFAAOCAQEADYud01Bu
+rXAiBqgqyp/gTYvW6vJ+LNfY+6hSek6izzD1GEOh1AjTtVU+vtLAWw38lXckO+N
zfcT5snHBUgncab83Pk4xrGPTLc+XoL90MxoaT7SB03abc4lgbCebvCDZjpbA8B8
ByGfJda1DDnn3UpPpGaL9F3/yCputYwAt6KGJM0OrIJe+J4r9eTHs9BGyLeB8a0J
rPY1rGW1pH6ePbr36BHc6Rk3R8TLROdwMIGg2Cs/zqn3PZe6CycTwh5FeOPTMYaN
G30AW/V/nW2Umf5WT2YItGOq3lq8ouWRGMpDLgHi+6en8NYUzrtGbWuvyTXDUdoQ
a4umGMNMjnjzog==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:37 2023 by rpki-client on console.sobornost.net