Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/D-QtvFOv_SuXbARzKviWv9OFwx4.roa
File: D-QtvFOv_SuXbARzKviWv9OFwx4.roa (raw, json)
Hash identifier: NyQ2miIu0VivTd6bVT+OQmWdtkKITH6O4jT2v6HPAjU=
Subject key identifier: 0F:E4:2D:BC:53:AF:FD:2B:97:6C:04:73:2A:F8:96:BF:D3:85:C3:1E
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01880E375D7A64428D24269EA8B09E364647
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/D-QtvFOv_SuXbARzKviWv9OFwx4.roa
Signing time: Fri 12 May 2023 04:28:09 +0000
ROA not before: Fri 12 May 2023 04:28:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25408
IP address blocks: 185.42.80.0/22 maxlen: 24
37.112.248.0/21 maxlen: 24
88.204.96.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:37:5d:7a:64:42:8d:24:26:9e:a8:b0:9e:36:46:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: May 12 04:28:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fe42dbc53affd2b976c04732af896bfd385c31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:8f:f6:3a:62:cf:9a:c1:c1:62:5c:c4:60:
83:93:7f:6c:40:fe:3c:79:96:b4:6c:89:33:48:42:
ec:75:a2:ea:e3:7a:cd:23:2d:a9:79:d1:8b:a3:11:
5b:68:6a:f3:0a:43:a0:55:2a:ff:85:6f:73:17:48:
84:e0:5b:58:ec:d3:37:85:d6:83:4a:d8:5a:7d:2a:
1d:5c:71:6b:0e:7f:cb:74:36:08:39:2f:64:20:c2:
da:68:23:42:11:0e:61:e2:de:e9:da:f4:08:52:93:
a2:5a:d8:bf:5d:b0:00:b0:0b:5b:d8:29:2f:13:ff:
86:54:c4:74:0d:bf:73:45:1a:de:0d:92:93:28:fc:
da:90:19:3a:28:b8:4a:f2:5d:4d:a6:75:f1:81:0b:
79:b8:6d:ec:b9:5d:75:6b:75:a6:d6:5e:16:c4:53:
60:0b:3f:37:c0:50:00:fe:3c:79:00:39:5d:48:0f:
8f:83:b2:0b:fa:11:1a:0e:8f:23:69:64:c8:eb:54:
81:e6:0c:a5:93:b0:95:c0:a6:2a:b6:14:e7:83:1a:
c5:f6:5c:ac:69:ce:55:5b:a6:4c:71:79:f5:4f:c8:
cd:be:ce:8b:29:cf:0a:48:ab:e4:83:1a:2a:50:2b:
00:1f:a8:2c:a6:c2:ba:71:77:39:b8:fa:46:2e:6c:
4a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E4:2D:BC:53:AF:FD:2B:97:6C:04:73:2A:F8:96:BF:D3:85:C3:1E
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/D-QtvFOv_SuXbARzKviWv9OFwx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.112.248.0/21
88.204.96.0/23
185.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
18:3a:1a:72:8d:66:48:46:f2:6b:b6:3c:34:c8:b8:84:11:70:
95:cc:9d:51:26:d4:da:4c:df:78:3b:7c:ac:bf:5f:96:8c:7c:
ab:44:5f:fd:6e:64:b5:24:6a:90:ec:47:0e:26:0c:37:75:aa:
13:36:bb:5b:f9:28:b2:57:d6:bf:69:ac:7c:95:64:00:19:3b:
41:9a:db:f5:a6:9b:34:f4:f5:0e:cc:e2:71:97:93:da:2e:54:
21:04:67:28:bf:e3:28:07:24:bc:dd:7e:b9:31:7d:05:f4:a2:
97:1a:03:cf:98:cc:b1:cc:95:cf:8d:b1:de:a1:3c:81:c9:b1:
34:e7:50:1e:a9:6d:37:eb:f2:32:0d:91:d0:fa:da:97:81:be:
86:88:11:a6:09:c9:7b:cf:3c:45:93:48:d4:83:91:65:e0:88:
e6:2b:25:a7:de:94:a0:bd:67:bd:ce:9e:aa:b8:bb:df:f7:16:
2d:e4:61:63:2b:0d:05:75:28:63:f7:bc:66:ac:46:73:7f:ca:
54:ae:a3:4c:17:9e:fa:3a:d6:ec:67:53:67:33:5b:bb:c8:0f:
9e:6a:a6:69:3a:91:78:74:99:48:73:4d:e8:53:dd:2e:d6:7d:
20:34:bc:ee:70:ba:9b:8d:11:43:80:21:51:d9:c3:77:4d:67:
c2:3c:97:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgON116ZEKNJCaeqLCeNkZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwNTEyMDQyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmU0MmRiYzUzYWZmZDJiOTc2YzA0NzMyYWY4OTZiZmQzODVjMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsuP9jpiz5rBwWJcxGCDk39sQP48
eZa0bIkzSELsdaLq43rNIy2pedGLoxFbaGrzCkOgVSr/hW9zF0iE4FtY7NM3hdaD
SthafSodXHFrDn/LdDYIOS9kIMLaaCNCEQ5h4t7p2vQIUpOiWti/XbAAsAtb2Ckv
E/+GVMR0Db9zRRreDZKTKPzakBk6KLhK8l1NpnXxgQt5uG3suV11a3Wm1l4WxFNg
Cz83wFAA/jx5ADldSA+Pg7IL+hEaDo8jaWTI61SB5gylk7CVwKYqthTngxrF9lys
ac5VW6ZMcXn1T8jNvs6LKc8KSKvkgxoqUCsAH6gspsK6cXc5uPpGLmxKHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA/kLbxTr/0rl2wEcyr4lr/ThcMeMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvRC1RdHZGT3ZfU3VYYkFSekt2aVd2OU9Gd3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJXD4AwQB
WMxgAwQCuSpQMA0GCSqGSIb3DQEBCwUAA4IBAQAYOhpyjWZIRvJrtjw0yLiEEXCV
zJ1RJtTaTN94O3ysv1+WjHyrRF/9bmS1JGqQ7EcOJgw3daoTNrtb+SiyV9a/aax8
lWQAGTtBmtv1pps09PUOzOJxl5PaLlQhBGcov+MoByS83X65MX0F9KKXGgPPmMyx
zJXPjbHeoTyBybE051AeqW036/IyDZHQ+tqXgb6GiBGmCcl7zzxFk0jUg5Fl4Ijm
KyWn3pSgvWe9zp6quLvf9xYt5GFjKw0FdShj97xmrEZzf8pUrqNMF576OtbsZ1Nn
M1u7yA+eaqZpOpF4dJlIc03oU90u1n0gNLzucLqbjRFDgCFR2cN3TWfCPJeQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:41 2025 by rpki-client