Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/fZhQIbfmqxTuoNC9V-qeQUqxB5Q.roa
File: fZhQIbfmqxTuoNC9V-qeQUqxB5Q.roa (raw, json)
Hash identifier: 5aVJAZO869LW7fxkC1JnoDCGeONidtnLBCDoIYWXjVc=
Subject key identifier: 7D:98:50:21:B7:E6:AB:14:EE:A0:D0:BD:57:EA:9E:41:4A:B1:07:94
Certificate issuer: /CN=42a6e640198013de12a251f086030cd78c732516
Certificate serial: 01856F2FE985AA9AC71E5A421E8562F07D9D
Authority key identifier: 42:A6:E6:40:19:80:13:DE:12:A2:51:F0:86:03:0C:D7:8C:73:25:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/fZhQIbfmqxTuoNC9V-qeQUqxB5Q.roa
Signing time: Sun 01 Jan 2023 21:14:48 +0000
ROA not before: Sun 01 Jan 2023 21:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20672
IP address blocks: 185.14.180.0/22 maxlen: 24
2a03:b6c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e9:85:aa:9a:c7:1e:5a:42:1e:85:62:f0:7d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42a6e640198013de12a251f086030cd78c732516
Validity
Not Before: Jan 1 21:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d985021b7e6ab14eea0d0bd57ea9e414ab10794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a7:73:de:b9:c7:e0:31:dd:16:31:59:85:76:
d2:65:e1:61:e7:8f:6a:11:b3:2f:c5:02:0a:fd:c9:
bc:56:86:b2:d0:36:aa:14:60:1e:e0:9e:31:cf:97:
2a:52:44:d9:5d:75:b6:56:fb:72:91:4f:de:c2:60:
9f:2b:c5:71:0a:e1:97:91:e1:d0:06:37:2f:27:b7:
91:9c:c5:ab:5c:0a:cc:da:b6:15:92:c1:33:7a:28:
21:95:c3:b9:b8:6f:66:09:5b:36:41:77:d6:32:06:
9a:91:fa:36:cb:fc:5a:3f:5d:a9:ed:3d:c0:60:10:
6d:6b:63:a7:61:c2:12:96:dc:cd:2b:5f:2f:dd:22:
6b:52:f7:62:f5:f6:e8:0d:57:54:a5:20:4e:56:e9:
8d:b1:3b:2d:54:fd:18:37:16:d1:bb:11:82:26:79:
25:d6:dc:f9:ca:10:ec:8c:24:d4:6d:80:9d:b3:75:
a0:fa:0c:97:0a:6c:1a:ad:76:44:4d:bf:c7:a7:cf:
62:91:5e:88:52:dd:3a:d2:51:2f:51:b4:e1:4a:4a:
4d:cc:4d:d7:53:0d:8f:cf:83:db:6c:1f:8e:43:f4:
f4:5b:c1:8f:17:7c:50:e4:73:f4:1d:f8:60:6c:08:
d1:a5:9e:79:7a:f0:f8:d7:de:78:33:25:ae:bf:6c:
54:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:98:50:21:B7:E6:AB:14:EE:A0:D0:BD:57:EA:9E:41:4A:B1:07:94
X509v3 Authority Key Identifier:
keyid:42:A6:E6:40:19:80:13:DE:12:A2:51:F0:86:03:0C:D7:8C:73:25:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/fZhQIbfmqxTuoNC9V-qeQUqxB5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.180.0/22
IPv6:
2a03:b6c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:7c:ca:a5:7d:67:82:f7:0a:d9:8b:e1:3f:07:20:fe:d9:4b:
1d:f0:60:9f:65:08:08:b8:b0:8b:5c:02:14:66:f0:1d:97:0d:
2e:db:ab:a5:f0:c6:9a:82:30:71:7e:79:74:32:54:fc:13:2f:
e3:cb:f8:54:7c:be:fe:da:d1:d8:9d:24:05:cd:45:c6:2a:78:
c4:42:32:4d:0d:fb:e7:fd:d0:1c:ab:5c:f9:e6:7e:01:e7:c6:
1c:21:40:d8:2e:d5:a5:75:01:a2:ae:f1:73:41:98:d1:95:6a:
44:88:05:b5:40:01:89:56:ad:96:82:23:88:7a:ad:6e:e9:ae:
59:e5:a9:39:6c:e7:f8:37:b5:11:40:35:0f:c3:67:9e:39:70:
d3:18:20:44:a4:ae:28:de:e7:bd:a6:83:5a:e0:b5:d5:77:7b:
d4:3d:ad:b1:72:3c:f6:f6:ba:c8:b7:d7:37:42:6c:58:f6:4b:
f2:32:e6:ce:0c:b8:47:0f:f3:1e:cf:02:7a:7e:66:74:68:4e:
de:f0:34:cc:24:03:19:71:10:9a:8e:e8:fa:9c:61:2f:08:29:
64:ab:0a:fb:0c:c7:9f:a1:b8:3b:55:56:a4:ae:50:24:74:2b:
7e:ef:ba:e7:98:2c:e2:2c:be:fc:ab:b0:ac:eb:be:2e:4a:ee:
9c:db:48:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL+mFqprHHlpCHoVi8H2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYTZlNjQwMTk4MDEzZGUxMmEyNTFmMDg2MDMwY2Q3OGM3
MzI1MTYwHhcNMjMwMTAxMjExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDk4NTAyMWI3ZTZhYjE0ZWVhMGQwYmQ1N2VhOWU0MTRhYjEwNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKdz3rnH4DHdFjFZhXbSZeFh549q
EbMvxQIK/cm8Voay0DaqFGAe4J4xz5cqUkTZXXW2VvtykU/ewmCfK8VxCuGXkeHQ
BjcvJ7eRnMWrXArM2rYVksEzeighlcO5uG9mCVs2QXfWMgaakfo2y/xaP12p7T3A
YBBta2OnYcISltzNK18v3SJrUvdi9fboDVdUpSBOVumNsTstVP0YNxbRuxGCJnkl
1tz5yhDsjCTUbYCds3Wg+gyXCmwarXZETb/Hp89ikV6IUt060lEvUbThSkpNzE3X
Uw2Pz4PbbB+OQ/T0W8GPF3xQ5HP0HfhgbAjRpZ55evD41954MyWuv2xUJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH2YUCG35qsU7qDQvVfqnkFKsQeUMB8GA1UdIwQY
MBaAFEKm5kAZgBPeEqJR8IYDDNeMcyUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iYTJmM2QtNmJkMi00ZjMyLTgxYWYt
YzI4NzY3MGNjZTUxLzEvZlpoUUliZm1xeFR1b05DOVYtcWVRVXF4QjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iYTJmM2QtNmJkMi00ZjMyLTgxYWYtYzI4NzY3MGNjZTUx
LzEvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ60MA0E
AgACMAcDBQAqA7bAMA0GCSqGSIb3DQEBCwUAA4IBAQB3fMqlfWeC9wrZi+E/ByD+
2Usd8GCfZQgIuLCLXAIUZvAdlw0u26ul8MaagjBxfnl0MlT8Ey/jy/hUfL7+2tHY
nSQFzUXGKnjEQjJNDfvn/dAcq1z55n4B58YcIUDYLtWldQGirvFzQZjRlWpEiAW1
QAGJVq2WgiOIeq1u6a5Z5ak5bOf4N7URQDUPw2eeOXDTGCBEpK4o3ue9poNa4LXV
d3vUPa2xcjz29rrIt9c3QmxY9kvyMubODLhHD/MezwJ6fmZ0aE7e8DTMJAMZcRCa
juj6nGEvCClkqwr7DMefobg7VVakrlAkdCt+77rnmCziLL78q7Cs674uSu6c20i2
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:05:02 2025 by rpki-client