Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/F3R7QyGYCHwj2Wdz9t32lNE9ot4.roa
File: F3R7QyGYCHwj2Wdz9t32lNE9ot4.roa (raw, json)
Hash identifier: MePjfZiOWCL5X5L5H1wzkDUCC+G8wrM5xFgEdOH1G1Y=
Subject key identifier: 17:74:7B:43:21:98:08:7C:23:D9:67:73:F6:DD:F6:94:D1:3D:A2:DE
Certificate issuer: /CN=41d10b88eb24f6262d9315368a5d01e1e0860c4e
Certificate serial: 0186EE9A2DB2051FA9514DCBA872E0281E7D
Authority key identifier: 41:D1:0B:88:EB:24:F6:26:2D:93:15:36:8A:5D:01:E1:E0:86:0C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdELiOsk9iYtkxU2il0B4eCGDE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/F3R7QyGYCHwj2Wdz9t32lNE9ot4.roa
Signing time: Fri 17 Mar 2023 08:05:27 +0000
ROA not before: Fri 17 Mar 2023 08:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12874
IP address blocks: 185.190.214.0/24 maxlen: 24
185.190.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ee:9a:2d:b2:05:1f:a9:51:4d:cb:a8:72:e0:28:1e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41d10b88eb24f6262d9315368a5d01e1e0860c4e
Validity
Not Before: Mar 17 08:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17747b432198087c23d96773f6ddf694d13da2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:58:b9:a5:0a:19:5c:3a:23:75:dc:94:3b:19:
80:8e:f6:f2:fc:b3:61:73:11:0d:31:c5:a0:fc:a6:
39:c8:ec:73:8a:f8:48:8f:d8:9a:64:6c:19:39:a0:
6b:43:d5:1b:ba:28:e1:d2:cb:6c:49:29:08:fd:9c:
a2:03:1a:07:f2:dd:c5:e1:de:18:b0:06:56:01:9a:
51:d0:d6:d6:17:84:b0:72:00:d8:50:e7:b7:7c:8f:
78:16:96:dc:3f:79:3e:36:a2:12:27:11:a5:54:e1:
b3:05:ad:8c:90:d0:e5:7c:db:e4:13:95:3b:3f:83:
95:73:fc:30:83:88:7d:b4:43:c2:0d:f7:fa:df:3a:
3d:f8:81:38:44:af:50:61:ef:4c:4d:c1:62:8f:ad:
94:30:d7:c6:7e:b5:fb:fa:c3:1d:68:e9:3e:fc:84:
3b:fc:18:5e:67:ca:6a:17:e8:4f:15:a8:28:10:a0:
59:d6:f6:ce:0b:8b:a5:7e:6e:cc:4c:6e:27:31:68:
fd:14:ad:f9:c8:e1:53:cc:56:04:7e:2e:06:f4:32:
f3:0d:72:3c:81:37:08:df:d2:a2:25:6d:9e:f9:70:
db:85:64:62:fb:c8:1c:19:d9:38:6f:56:f5:5a:4e:
2b:f7:ce:b5:7c:30:47:62:c6:7e:c8:8f:b0:ab:88:
c1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:74:7B:43:21:98:08:7C:23:D9:67:73:F6:DD:F6:94:D1:3D:A2:DE
X509v3 Authority Key Identifier:
keyid:41:D1:0B:88:EB:24:F6:26:2D:93:15:36:8A:5D:01:E1:E0:86:0C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdELiOsk9iYtkxU2il0B4eCGDE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/F3R7QyGYCHwj2Wdz9t32lNE9ot4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/QdELiOsk9iYtkxU2il0B4eCGDE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.214.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:c0:a3:8a:d5:e9:e9:36:6f:9f:e4:cb:3f:be:04:54:51:2b:
87:72:8a:21:50:6f:a2:72:51:6a:aa:10:4b:ee:27:df:ff:fa:
42:a1:af:a6:96:62:41:f4:ee:bf:93:00:5f:28:70:ef:af:a6:
28:82:38:ff:81:18:cc:82:9d:ab:c5:c4:5e:0b:85:14:b8:64:
a1:24:3a:b0:5e:fd:65:dc:00:16:a5:f2:75:27:73:5b:2b:e9:
e0:87:d8:c4:22:14:ec:13:ca:65:e9:da:e6:0d:b6:f2:01:7b:
e5:d2:a1:4f:54:f1:b6:3b:4e:47:0a:3f:78:a4:b2:9c:6e:75:
5f:0f:f1:56:fb:65:35:59:9c:50:d6:8c:d7:67:bf:42:23:2a:
41:63:fc:e8:2b:7d:96:47:54:e8:71:1c:23:ec:8c:52:f2:38:
5e:40:9d:49:5a:66:58:fc:a1:ac:f9:78:c7:28:4b:9b:60:52:
5c:d2:a5:a4:da:c0:54:ee:51:34:22:b5:6f:d8:6c:6c:09:1c:
e6:0d:f9:9a:92:07:e6:70:21:d4:33:b9:35:1d:5d:f0:00:e5:
1e:0c:89:aa:94:f8:96:37:21:5c:44:8c:2b:67:b9:47:b0:23:
06:e1:ff:0d:e3:97:8c:99:02:28:ce:09:95:cd:cb:ab:62:ee:
cd:19:fe:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbumi2yBR+pUU3LqHLgKB59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZDEwYjg4ZWIyNGY2MjYyZDkzMTUzNjhhNWQwMWUxZTA4
NjBjNGUwHhcNMjMwMzE3MDgwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc0N2I0MzIxOTgwODdjMjNkOTY3NzNmNmRkZjY5NGQxM2RhMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFi5pQoZXDojddyUOxmAjvby/LNh
cxENMcWg/KY5yOxzivhIj9iaZGwZOaBrQ9Ubuijh0stsSSkI/ZyiAxoH8t3F4d4Y
sAZWAZpR0NbWF4SwcgDYUOe3fI94FpbcP3k+NqISJxGlVOGzBa2MkNDlfNvkE5U7
P4OVc/wwg4h9tEPCDff63zo9+IE4RK9QYe9MTcFij62UMNfGfrX7+sMdaOk+/IQ7
/BheZ8pqF+hPFagoEKBZ1vbOC4ulfm7MTG4nMWj9FK35yOFTzFYEfi4G9DLzDXI8
gTcI39KiJW2e+XDbhWRi+8gcGdk4b1b1Wk4r9861fDBHYsZ+yI+wq4jBuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBd0e0MhmAh8I9lnc/bd9pTRPaLeMB8GA1UdIwQY
MBaAFEHRC4jrJPYmLZMVNopdAeHghgxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRFTGlPc2s5aVl0a3hVMmlsMEI0ZUNHREU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTg3ODYtODcxOS00ZDhlLTk1MDAt
ZWY5NzAwNmM0NTBiLzEvRjNSN1F5R1lDSHdqMldkejl0MzJsTkU5b3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTg3ODYtODcxOS00ZDhlLTk1MDAtZWY5NzAwNmM0NTBi
LzEvUWRFTGlPc2s5aVl0a3hVMmlsMEI0ZUNHREU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub7WMA0G
CSqGSIb3DQEBCwUAA4IBAQBvwKOK1enpNm+f5Ms/vgRUUSuHcoohUG+iclFqqhBL
7iff//pCoa+mlmJB9O6/kwBfKHDvr6Yogjj/gRjMgp2rxcReC4UUuGShJDqwXv1l
3AAWpfJ1J3NbK+ngh9jEIhTsE8pl6drmDbbyAXvl0qFPVPG2O05HCj94pLKcbnVf
D/FW+2U1WZxQ1ozXZ79CIypBY/zoK32WR1TocRwj7IxS8jheQJ1JWmZY/KGs+XjH
KEubYFJc0qWk2sBU7lE0IrVv2GxsCRzmDfmakgfmcCHUM7k1HV3wAOUeDImqlPiW
NyFcRIwrZ7lHsCMG4f8N45eMmQIozgmVzcurYu7NGf7n
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:06 2025 by rpki-client