Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/QrWqtr9nT6BFqxdHUryj_4Pexns.roa
File: QrWqtr9nT6BFqxdHUryj_4Pexns.roa (raw, json)
Hash identifier: zP36IHrIsygzaWxtQRoTYnr9MRpSAcRKa6H2pWf+h6M=
Subject key identifier: 42:B5:AA:B6:BF:67:4F:A0:45:AB:17:47:52:BC:A3:FF:83:DE:C6:7B
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018B80853868084FC5B56F1BCE12CF81D60F
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/QrWqtr9nT6BFqxdHUryj_4Pexns.roa
Signing time: Mon 30 Oct 2023 12:18:16 +0000
ROA not before: Mon 30 Oct 2023 12:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.87.218.0/24 maxlen: 28
185.87.219.0/24 maxlen: 24
2a13:85c0::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:85:38:68:08:4f:c5:b5:6f:1b:ce:12:cf:81:d6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Oct 30 12:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42b5aab6bf674fa045ab174752bca3ff83dec67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b5:78:b9:a6:88:c4:14:0b:47:34:f8:4b:aa:
13:a7:a3:6a:b3:19:6e:35:83:79:85:a4:90:d3:e6:
b7:a5:77:35:0b:17:14:ea:56:00:06:77:d1:55:ae:
59:c0:38:51:7a:19:2f:8e:de:0e:1e:84:a4:42:0e:
07:94:35:26:67:66:a2:56:3f:c9:93:3d:3f:8c:5a:
bc:2b:87:79:92:06:48:7b:65:55:04:fd:fe:e2:12:
a2:d8:8d:ba:9b:7e:5a:dc:58:ab:f8:57:76:9e:e0:
f7:2e:b8:38:5d:2a:a3:58:05:ae:7b:7c:6c:b7:44:
9e:d0:d1:36:8a:98:56:e7:53:60:4f:e7:ae:04:85:
fd:38:05:f3:46:01:a1:ee:e6:2a:e6:72:c5:2e:71:
d9:ec:50:0c:6f:e0:64:de:cb:c3:d2:b5:b7:4d:03:
a1:a8:24:9b:c0:a7:2e:11:72:08:ff:23:05:ad:82:
fb:89:fe:52:78:00:c0:93:b7:1c:6a:2a:dc:f3:dc:
04:94:31:bb:4c:d8:39:45:78:a3:f6:9e:6e:2c:cc:
41:db:7d:b4:43:04:f8:28:05:0d:ac:e5:dc:24:26:
66:3c:7e:ec:9e:9a:ce:0d:37:7d:4a:e2:e1:45:c0:
7e:79:e8:76:74:58:51:00:fd:b0:32:8d:18:d3:b5:
4e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B5:AA:B6:BF:67:4F:A0:45:AB:17:47:52:BC:A3:FF:83:DE:C6:7B
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/QrWqtr9nT6BFqxdHUryj_4Pexns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.218.0/23
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
69:a6:9e:a2:19:02:46:e9:9b:d9:b6:c4:86:78:d3:85:f6:41:
70:34:45:bc:ba:81:b0:2a:d4:af:fc:b5:ef:0f:dd:27:a4:df:
90:c7:50:1a:3e:2a:11:76:aa:eb:e0:a8:0b:20:5c:3d:3d:a4:
57:28:0f:d5:f5:50:30:0e:13:2f:93:6c:ac:cf:74:ad:de:d9:
5b:15:00:df:f3:44:19:e9:14:2e:d8:6f:ff:4d:36:c0:79:af:
99:d3:2d:32:32:08:e3:34:f0:f7:06:1d:19:6c:a6:15:77:cf:
97:bc:f6:ec:5a:33:9b:b5:d9:1c:23:b5:f1:ad:1c:9c:03:b0:
8c:3d:de:87:94:3d:bd:ad:10:f8:26:bc:9c:7c:89:49:e1:a6:
f0:c9:4c:89:9d:14:c7:5f:85:7f:67:57:af:54:dd:5b:8d:00:
50:c3:d3:85:f5:ef:65:b2:f0:45:4b:1d:d3:af:4d:5e:b3:84:
8d:3b:44:15:5b:a0:51:5b:dd:81:24:3a:14:c8:2f:b6:e5:b0:
a4:47:a4:6d:37:eb:4a:a7:ef:9e:a6:91:94:88:a0:fa:bb:46:
ea:42:59:74:3f:d9:06:1f:3d:f8:d6:b2:cb:54:40:0b:1f:f2:
ad:84:a0:67:0b:be:fd:61:35:f9:c8:ed:7d:3a:87:f0:c1:7b:
4e:9d:36:ba
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuAhThoCE/FtW8bzhLPgdYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMxMDMwMTIxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI1YWFiNmJmNjc0ZmEwNDVhYjE3NDc1MmJjYTNmZjgzZGVjNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirV4uaaIxBQLRzT4S6oTp6Nqsxlu
NYN5haSQ0+a3pXc1CxcU6lYABnfRVa5ZwDhRehkvjt4OHoSkQg4HlDUmZ2aiVj/J
kz0/jFq8K4d5kgZIe2VVBP3+4hKi2I26m35a3Fir+Fd2nuD3Lrg4XSqjWAWue3xs
t0Se0NE2iphW51NgT+euBIX9OAXzRgGh7uYq5nLFLnHZ7FAMb+Bk3svD0rW3TQOh
qCSbwKcuEXII/yMFrYL7if5SeADAk7ccairc89wElDG7TNg5RXij9p5uLMxB2320
QwT4KAUNrOXcJCZmPH7snprODTd9SuLhRcB+eeh2dFhRAP2wMo0Y07VOQQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEK1qra/Z0+gRasXR1K8o/+D3sZ7MB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvUXJXcXRyOW5UNkJGcXhkSFVyeWpfNFBleG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVfaMA4E
AgACMAgDBgAqE4XAADANBgkqhkiG9w0BAQsFAAOCAQEAaaaeohkCRumb2bbEhnjT
hfZBcDRFvLqBsCrUr/y17w/dJ6TfkMdQGj4qEXaq6+CoCyBcPT2kVygP1fVQMA4T
L5NsrM90rd7ZWxUA3/NEGekULthv/002wHmvmdMtMjII4zTw9wYdGWymFXfPl7z2
7Fozm7XZHCO18a0cnAOwjD3eh5Q9va0Q+Ca8nHyJSeGm8MlMiZ0Ux1+Ff2dXr1Td
W40AUMPThfXvZbLwRUsd069NXrOEjTtEFVugUVvdgSQ6FMgvtuWwpEekbTfrSqfv
nqaRlIig+rtG6kJZdD/ZBh89+Nayy1RACx/yrYSgZwu+/WE1+cjtfTqH8MF7Tp02
ug==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:04 2025 by rpki-client