Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Qk4fR0RaO_dA2EnM6tZgbJcMVfM.roa
File: Qk4fR0RaO_dA2EnM6tZgbJcMVfM.roa (raw, json)
Hash identifier: U+CS8QRnsrzNciRMKGf3YsqHBHCcMzzVzHQzPmmGhcg=
Subject key identifier: 42:4E:1F:47:44:5A:3B:F7:40:D8:49:CC:EA:D6:60:6C:97:0C:55:F3
Certificate issuer: /CN=229fb0fb3d278e1b280a777de200efbd08baac30
Certificate serial: 01882E8D53B2531B3EE4BB149BFE2A1BC866
Authority key identifier: 22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Qk4fR0RaO_dA2EnM6tZgbJcMVfM.roa
Signing time: Thu 18 May 2023 11:09:53 +0000
ROA not before: Thu 18 May 2023 11:09:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 719
IP address blocks: 185.171.176.0/24 maxlen: 24
185.171.179.0/24 maxlen: 24
185.171.178.0/24 maxlen: 24
185.171.177.0/24 maxlen: 24
2a0a:e100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:8d:53:b2:53:1b:3e:e4:bb:14:9b:fe:2a:1b:c8:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229fb0fb3d278e1b280a777de200efbd08baac30
Validity
Not Before: May 18 11:09:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=424e1f47445a3bf740d849ccead6606c970c55f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b8:f4:29:5c:67:ef:80:f7:e3:33:5e:1b:8a:
b7:cd:b1:65:40:41:a8:44:1d:8d:6f:4d:f8:12:02:
97:cc:2f:2e:90:ca:1c:62:47:74:e0:27:d7:fd:56:
f2:26:bd:7c:61:b9:aa:25:22:11:08:a4:31:ca:ba:
20:de:b3:fa:42:d2:03:74:1b:31:ea:bb:c1:21:9a:
84:92:31:c0:4c:8e:8e:c2:9f:d6:65:8e:14:9e:70:
36:df:62:d0:62:6d:62:52:e9:78:c0:d4:69:92:ca:
1d:ce:74:07:b9:75:f3:90:fb:43:f7:6d:3c:17:7b:
0a:3a:50:1d:10:3e:2a:d0:e3:c5:c7:9c:7b:2f:0c:
0e:81:06:56:c2:79:0d:36:65:e6:93:b5:9e:5e:01:
96:46:7a:8e:ac:8d:5b:ff:0a:46:45:2b:26:cc:04:
69:7a:43:68:2a:b8:ea:a3:3d:b1:cb:f8:4a:d4:a0:
2d:52:a7:d8:0e:e7:35:a8:3a:db:7d:ba:5b:26:80:
3e:1f:1e:74:ec:04:44:57:9d:6c:c3:82:22:fc:b9:
5e:54:6e:48:47:98:05:63:1e:ab:84:1d:cf:67:5d:
76:6a:16:21:7f:6c:bb:22:72:a1:62:52:da:3d:33:
4f:9b:d2:16:e6:07:6d:b7:19:61:9d:2d:72:ae:b2:
ed:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4E:1F:47:44:5A:3B:F7:40:D8:49:CC:EA:D6:60:6C:97:0C:55:F3
X509v3 Authority Key Identifier:
keyid:22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Qk4fR0RaO_dA2EnM6tZgbJcMVfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Ip-w-z0njhsoCnd94gDvvQi6rDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.176.0/22
IPv6:
2a0a:e100::/29
Signature Algorithm: sha256WithRSAEncryption
3d:57:c6:5c:8e:10:32:da:f9:fe:3c:b3:17:d8:92:4f:84:04:
de:ee:29:c3:74:36:14:9e:96:e1:24:93:73:10:a5:cf:73:4f:
17:2c:df:38:d0:a5:a5:bf:92:cb:26:f9:2d:54:62:67:e2:f4:
b9:61:e9:17:01:0e:3a:e9:8b:1b:7a:1f:f3:25:a6:80:cb:99:
81:a0:a9:d5:4b:cd:5b:65:6f:c9:46:35:5b:06:a8:d4:cf:f2:
0f:ba:86:95:ba:c2:71:30:e3:16:57:11:62:d8:d5:f6:60:91:
55:15:f4:74:fa:52:d4:bd:53:20:cf:11:a1:1c:e3:df:3b:b4:
db:59:f5:78:55:24:c0:65:ab:ef:3e:8b:d5:24:ea:10:88:5e:
0e:58:41:54:98:5c:8f:96:e6:61:8f:e1:b7:50:75:74:a4:11:
d5:0f:70:43:83:9f:14:97:45:af:26:21:35:4b:62:d6:41:ac:
4f:bd:c8:45:ec:8b:a2:6b:15:16:49:39:c7:b8:96:bc:c2:05:
4b:4e:39:1f:c9:eb:d1:ab:d8:d3:24:c0:63:97:e9:2c:c0:25:
c4:77:4b:78:df:10:45:20:56:17:0c:55:a1:d1:12:c7:f3:0d:
f6:ed:da:b0:b4:16:f3:2c:01:85:84:cd:51:b7:97:c2:8b:21:
fe:68:9c:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgujVOyUxs+5LsUm/4qG8hmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWZiMGZiM2QyNzhlMWIyODBhNzc3ZGUyMDBlZmJkMDhi
YWFjMzAwHhcNMjMwNTE4MTEwOTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRlMWY0NzQ0NWEzYmY3NDBkODQ5Y2NlYWQ2NjA2Yzk3MGM1NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybj0KVxn74D34zNeG4q3zbFlQEGo
RB2Nb034EgKXzC8ukMocYkd04CfX/VbyJr18YbmqJSIRCKQxyrog3rP6QtIDdBsx
6rvBIZqEkjHATI6Owp/WZY4UnnA232LQYm1iUul4wNRpksodznQHuXXzkPtD9208
F3sKOlAdED4q0OPFx5x7LwwOgQZWwnkNNmXmk7WeXgGWRnqOrI1b/wpGRSsmzARp
ekNoKrjqoz2xy/hK1KAtUqfYDuc1qDrbfbpbJoA+Hx507AREV51sw4Ii/LleVG5I
R5gFYx6rhB3PZ112ahYhf2y7InKhYlLaPTNPm9IW5gdttxlhnS1yrrLtLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJOH0dEWjv3QNhJzOrWYGyXDFXzMB8GA1UdIwQY
MBaAFCKfsPs9J44bKAp3feIA770IuqwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTct
N2I5ODY2MzNhYzVlLzEvUWs0ZlIwUmFPX2RBMkVuTTZ0WmdiSmNNVmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTctN2I5ODY2MzNhYzVl
LzEvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuauwMA0E
AgACMAcDBQMqCuEAMA0GCSqGSIb3DQEBCwUAA4IBAQA9V8ZcjhAy2vn+PLMX2JJP
hATe7inDdDYUnpbhJJNzEKXPc08XLN840KWlv5LLJvktVGJn4vS5YekXAQ466Ysb
eh/zJaaAy5mBoKnVS81bZW/JRjVbBqjUz/IPuoaVusJxMOMWVxFi2NX2YJFVFfR0
+lLUvVMgzxGhHOPfO7TbWfV4VSTAZavvPovVJOoQiF4OWEFUmFyPluZhj+G3UHV0
pBHVD3BDg58Ul0WvJiE1S2LWQaxPvchF7IuiaxUWSTnHuJa8wgVLTjkfyevRq9jT
JMBjl+kswCXEd0t43xBFIFYXDFWh0RLH8w327dqwtBbzLAGFhM1Rt5fCiyH+aJxU
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:00 2025 by rpki-client