Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/qI1KOZrK3hFbkmYVAWgKzpN1VuU.roa
File: qI1KOZrK3hFbkmYVAWgKzpN1VuU.roa (raw, json)
Hash identifier: XeRII92z4DtY6GaQykEhgg9uT52BRlEK7sPmbXp2WFs=
Subject key identifier: A8:8D:4A:39:9A:CA:DE:11:5B:92:66:15:01:68:0A:CE:93:75:56:E5
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 0187950A1F98E5D5CA9565834BB224030A44
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/qI1KOZrK3hFbkmYVAWgKzpN1VuU.roa
Signing time: Tue 18 Apr 2023 15:44:41 +0000
ROA not before: Tue 18 Apr 2023 15:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16262
IP address blocks: 185.245.42.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:0a:1f:98:e5:d5:ca:95:65:83:4b:b2:24:03:0a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Apr 18 15:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a88d4a399acade115b92661501680ace937556e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:92:66:48:1e:10:a5:86:b5:2f:1c:34:49:6f:
7f:9a:1e:39:f7:fc:8a:2c:fc:ac:ec:7a:cd:35:64:
51:30:60:74:fb:2a:05:8c:fe:35:95:92:80:21:18:
5e:65:a4:c7:76:43:92:8d:a1:29:43:a1:d6:70:a4:
99:3c:75:6f:b3:a9:70:25:ef:f7:7f:4b:43:54:ba:
e1:dc:c1:1a:1a:86:72:9d:cd:5d:6e:10:b3:70:aa:
23:53:33:ee:89:b8:53:60:e8:04:da:d4:b4:f8:0a:
26:8c:59:14:bb:65:6c:05:18:c8:69:88:6d:5d:b8:
3c:aa:0e:af:58:44:03:98:20:d7:9e:a0:ff:6b:db:
e1:de:0d:63:4e:91:fc:89:70:f5:3c:22:30:36:92:
2e:7e:f3:e3:a4:bc:7b:8f:32:2a:2e:74:2f:a0:50:
ad:55:64:76:a8:81:86:8b:1c:8e:ee:06:f4:62:e6:
de:f5:14:e9:dc:5c:f1:ef:f8:05:1f:d6:08:6b:b9:
d3:4a:10:da:29:a2:f7:e5:fa:db:45:b0:e1:ad:cb:
7e:09:e7:d3:bc:fe:f2:1f:99:1d:07:cd:79:73:70:
3c:46:0f:ec:7e:35:56:9a:22:02:ae:d6:21:8f:b2:
c4:dc:96:f0:6f:58:ef:c2:b3:09:e5:bd:4e:c2:61:
b0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8D:4A:39:9A:CA:DE:11:5B:92:66:15:01:68:0A:CE:93:75:56:E5
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/qI1KOZrK3hFbkmYVAWgKzpN1VuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.42.0/23
Signature Algorithm: sha256WithRSAEncryption
65:52:7e:44:0c:db:c0:6e:a9:af:ea:a1:ed:90:7a:57:36:27:
29:e5:fe:2c:a8:70:9d:07:01:6a:4c:c6:75:5d:72:ae:b6:04:
54:21:41:5f:44:53:4b:c6:fd:cf:a7:46:cb:c8:8f:e1:46:75:
04:cc:dd:ab:3f:cd:62:c2:e4:e3:cd:42:de:38:ce:a1:d8:d2:
ed:04:f9:4f:17:88:16:e6:8b:e9:46:93:f8:3e:a1:9e:a5:c7:
81:9c:28:e7:fb:92:ac:08:13:ea:a6:66:71:3e:d1:2c:db:07:
3b:7b:68:a0:38:fd:fb:53:b8:52:bb:04:c0:f0:ed:6c:ca:5f:
40:54:59:4e:dc:e9:1d:3c:65:92:71:a0:40:b3:31:9c:3d:f2:
82:31:2e:bf:07:af:42:54:cc:f0:27:b5:2b:ba:3f:36:c1:5f:
2e:e5:73:ae:f5:b8:ba:ff:94:05:33:51:da:a8:0c:57:db:29:
ab:14:09:43:6e:49:53:32:2a:5f:10:34:d2:9e:c7:38:5f:55:
30:bf:20:10:e7:b6:e8:84:af:cb:c4:d5:af:af:a1:fa:fc:70:
59:63:50:6d:42:67:a7:43:28:95:c3:d5:cc:0e:55:ec:68:bb:
4b:75:75:3e:d1:4d:b9:8f:3e:45:5f:73:b8:35:61:42:aa:ad:
48:5b:db:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeVCh+Y5dXKlWWDS7IkAwpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwNDE4MTU0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhkNGEzOTlhY2FkZTExNWI5MjY2MTUwMTY4MGFjZTkzNzU1NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5JmSB4QpYa1Lxw0SW9/mh459/yK
LPys7HrNNWRRMGB0+yoFjP41lZKAIRheZaTHdkOSjaEpQ6HWcKSZPHVvs6lwJe/3
f0tDVLrh3MEaGoZync1dbhCzcKojUzPuibhTYOgE2tS0+AomjFkUu2VsBRjIaYht
Xbg8qg6vWEQDmCDXnqD/a9vh3g1jTpH8iXD1PCIwNpIufvPjpLx7jzIqLnQvoFCt
VWR2qIGGixyO7gb0Yube9RTp3Fzx7/gFH9YIa7nTShDaKaL35frbRbDhrct+CefT
vP7yH5kdB815c3A8Rg/sfjVWmiICrtYhj7LE3Jbwb1jvwrMJ5b1OwmGw+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiNSjmayt4RW5JmFQFoCs6TdVblMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvcUkxS09ackszaEZia21ZVkFXZ0t6cE4xVnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufUqMA0G
CSqGSIb3DQEBCwUAA4IBAQBlUn5EDNvAbqmv6qHtkHpXNicp5f4sqHCdBwFqTMZ1
XXKutgRUIUFfRFNLxv3Pp0bLyI/hRnUEzN2rP81iwuTjzULeOM6h2NLtBPlPF4gW
5ovpRpP4PqGepceBnCjn+5KsCBPqpmZxPtEs2wc7e2igOP37U7hSuwTA8O1syl9A
VFlO3OkdPGWScaBAszGcPfKCMS6/B69CVMzwJ7Uruj82wV8u5XOu9bi6/5QFM1Ha
qAxX2ymrFAlDbklTMipfEDTSnsc4X1UwvyAQ57bohK/LxNWvr6H6/HBZY1BtQmen
QyiVw9XMDlXsaLtLdXU+0U25jz5FX3O4NWFCqq1IW9s+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:56 2025 by rpki-client