Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/QlGln3OTeIytJon4OaHywhaSNuw.roa
File: QlGln3OTeIytJon4OaHywhaSNuw.roa (raw, json)
Hash identifier: 2oqtGgkyJDgxZhCG+rO6ZR0gLSMCrbiLZQgSqdvImYc=
Subject key identifier: 42:51:A5:9F:73:93:78:8C:AD:26:89:F8:39:A1:F2:C2:16:92:36:EC
Certificate issuer: /CN=64e7553292af595426ee1d7dc919a2104894752b
Certificate serial: 018649902D0898FC4B59B7CD25C58D8F3B1E
Authority key identifier: 64:E7:55:32:92:AF:59:54:26:EE:1D:7D:C9:19:A2:10:48:94:75:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/QlGln3OTeIytJon4OaHywhaSNuw.roa
Signing time: Mon 13 Feb 2023 06:57:10 +0000
ROA not before: Mon 13 Feb 2023 06:57:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25003
IP address blocks: 185.223.0.0/22 maxlen: 24
141.226.250.0/23 maxlen: 24
2a0d:2800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:90:2d:08:98:fc:4b:59:b7:cd:25:c5:8d:8f:3b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64e7553292af595426ee1d7dc919a2104894752b
Validity
Not Before: Feb 13 06:57:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4251a59f7393788cad2689f839a1f2c2169236ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:db:54:36:da:2c:a3:f6:fb:bb:96:40:cf:8c:
73:44:15:71:6f:7b:8c:8e:21:fb:47:fc:de:94:6e:
b6:bc:65:6e:86:fe:4c:a3:47:38:a5:de:ce:85:7d:
fd:0f:62:68:84:15:ef:69:be:2a:5e:6f:4b:7d:5c:
e6:18:52:dc:67:8e:b8:e1:91:3c:38:90:86:06:a0:
f5:77:44:1b:bd:31:b3:3b:5f:db:5e:f3:fa:d1:97:
30:d0:41:ad:b8:17:ae:84:da:4b:1a:25:74:ec:a1:
f0:79:1b:45:46:52:15:e0:3a:f2:b4:8d:bc:b2:9c:
03:39:36:0b:31:3c:ad:ba:d2:fc:59:28:49:92:37:
8e:c6:c8:5a:55:ec:75:02:70:1e:80:17:81:34:61:
49:1d:28:d4:fa:cc:f5:22:54:3e:20:d2:99:1a:8a:
41:71:27:ab:62:33:28:41:c4:3d:82:e9:a7:2c:a3:
f1:94:c0:76:11:c2:9d:c4:eb:8b:d4:6f:37:03:30:
9e:3a:ae:2b:87:ca:c0:0d:81:a9:13:5c:65:b4:41:
e4:b2:a7:50:f4:3d:a0:7b:6d:7a:66:fe:d0:ec:58:
87:0e:48:0a:e6:d9:cd:37:b9:5e:26:36:2f:da:c0:
76:1c:ad:75:f4:45:bc:36:bc:5d:6c:bb:04:ac:ac:
a7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:51:A5:9F:73:93:78:8C:AD:26:89:F8:39:A1:F2:C2:16:92:36:EC
X509v3 Authority Key Identifier:
keyid:64:E7:55:32:92:AF:59:54:26:EE:1D:7D:C9:19:A2:10:48:94:75:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/QlGln3OTeIytJon4OaHywhaSNuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/ZOdVMpKvWVQm7h19yRmiEEiUdSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.250.0/23
185.223.0.0/22
IPv6:
2a0d:2800::/29
Signature Algorithm: sha256WithRSAEncryption
45:01:54:67:9f:38:92:b2:21:99:2c:31:4a:32:30:a6:d0:cd:
8f:46:88:0a:77:5c:ab:cc:45:ed:0a:11:41:f2:e8:be:68:e2:
8b:80:c4:0a:82:34:6b:fe:1a:35:9d:21:ea:10:f5:7e:f7:3f:
11:ea:e8:c9:76:0f:9c:96:a6:c3:c3:b1:7d:b9:a4:59:eb:5e:
84:3b:79:58:8b:a1:19:2d:33:ed:3b:86:76:a1:15:8d:dd:37:
70:72:e0:b4:4d:7b:d4:e4:99:c0:8d:a0:e5:11:c7:d0:0e:a0:
22:03:97:f0:4c:d3:79:42:ef:df:48:fa:47:2d:a3:2f:98:40:
94:83:76:8e:19:be:5a:78:ea:61:59:d1:93:ac:78:13:72:ff:
30:f8:37:a6:9c:bb:00:d3:a4:80:a1:7c:73:75:d9:6c:8d:d5:
ad:75:e9:f0:1a:3a:ea:9c:86:ae:02:54:ec:ef:7a:4b:c0:c8:
9d:2d:4f:56:c9:0b:97:aa:18:05:75:d9:17:9c:46:66:2c:2d:
46:af:22:2d:a0:23:92:54:14:70:84:84:f3:f1:aa:e3:d7:6d:
6e:4a:a6:36:54:f5:57:39:91:17:fc:0d:3a:ca:e4:94:3b:32:
c0:8d:86:1a:02:9d:e3:d6:28:56:93:30:b5:34:63:57:5e:d6:
41:f9:61:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZJkC0ImPxLWbfNJcWNjzseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZTc1NTMyOTJhZjU5NTQyNmVlMWQ3ZGM5MTlhMjEwNDg5
NDc1MmIwHhcNMjMwMjEzMDY1NzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUxYTU5ZjczOTM3ODhjYWQyNjg5ZjgzOWExZjJjMjE2OTIzNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9tUNtoso/b7u5ZAz4xzRBVxb3uM
jiH7R/zelG62vGVuhv5Mo0c4pd7OhX39D2JohBXvab4qXm9LfVzmGFLcZ4644ZE8
OJCGBqD1d0QbvTGzO1/bXvP60Zcw0EGtuBeuhNpLGiV07KHweRtFRlIV4DrytI28
spwDOTYLMTytutL8WShJkjeOxshaVex1AnAegBeBNGFJHSjU+sz1IlQ+INKZGopB
cSerYjMoQcQ9gumnLKPxlMB2EcKdxOuL1G83AzCeOq4rh8rADYGpE1xltEHksqdQ
9D2ge216Zv7Q7FiHDkgK5tnNN7leJjYv2sB2HK119EW8NrxdbLsErKynywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEJRpZ9zk3iMrSaJ+Dmh8sIWkjbsMB8GA1UdIwQY
MBaAFGTnVTKSr1lUJu4dfckZohBIlHUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk9kVk1wS3ZXVlFtN2gxOXlSbWlFRWlVZFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lNjZhNTctNjVlZi00NjQ0LThmNTAt
YzE0ZmFmNDNiZTE0LzEvUWxHbG4zT1RlSXl0Sm9uNE9hSHl3aGFTTnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lNjZhNTctNjVlZi00NjQ0LThmNTAtYzE0ZmFmNDNiZTE0
LzEvWk9kVk1wS3ZXVlFtN2gxOXlSbWlFRWlVZFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBjeL6AwQC
ud8AMA0EAgACMAcDBQMqDSgAMA0GCSqGSIb3DQEBCwUAA4IBAQBFAVRnnziSsiGZ
LDFKMjCm0M2PRogKd1yrzEXtChFB8ui+aOKLgMQKgjRr/ho1nSHqEPV+9z8R6ujJ
dg+clqbDw7F9uaRZ616EO3lYi6EZLTPtO4Z2oRWN3TdwcuC0TXvU5JnAjaDlEcfQ
DqAiA5fwTNN5Qu/fSPpHLaMvmECUg3aOGb5aeOphWdGTrHgTcv8w+DemnLsA06SA
oXxzddlsjdWtdenwGjrqnIauAlTs73pLwMidLU9WyQuXqhgFddkXnEZmLC1GryIt
oCOSVBRwhITz8arj121uSqY2VPVXOZEX/A06yuSUOzLAjYYaAp3j1ihWkzC1NGNX
XtZB+WG0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:53 2025 by rpki-client