Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/qh9SbJldkEAo4igtW8OkMQIUO9M.roa
File: qh9SbJldkEAo4igtW8OkMQIUO9M.roa (raw, json)
Hash identifier: O1JqQ01+Kmin3m4M4QyllDzrCwHc3DzmGAIX1A3agfQ=
Subject key identifier: AA:1F:52:6C:99:5D:90:40:28:E2:28:2D:5B:C3:A4:31:02:14:3B:D3
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 0188D80EBBE28E6A76CD920C8C0A4D8216F3
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/qh9SbJldkEAo4igtW8OkMQIUO9M.roa
Signing time: Tue 20 Jun 2023 09:07:04 +0000
ROA not before: Tue 20 Jun 2023 09:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48147
IP address blocks: 185.229.204.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:0e:bb:e2:8e:6a:76:cd:92:0c:8c:0a:4d:82:16:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jun 20 09:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1f526c995d904028e2282d5bc3a43102143bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:90:13:fb:22:ea:67:cd:5d:99:3a:15:e8:46:
f5:2a:db:90:fb:cf:13:96:1c:2e:7c:9a:1e:d4:73:
3f:0f:41:fe:d0:0d:b6:47:65:fc:65:f4:1b:d9:2d:
33:a4:91:e9:79:b6:97:4f:15:f6:3e:e9:a0:9d:77:
70:a3:3c:13:db:89:00:e4:82:5a:23:d8:0e:2d:82:
72:4a:62:ee:a6:be:2a:d7:02:e4:fe:db:c6:d6:b8:
31:a5:90:d3:1d:bc:74:bb:f9:05:51:ed:00:14:7b:
50:19:0e:09:e7:ff:a4:2d:c1:e3:7f:5b:7d:43:b9:
ac:2a:17:72:26:8e:72:ff:b7:e7:b4:9e:f5:20:48:
74:60:fe:de:6d:a9:e7:bc:f9:a2:77:94:5c:f5:ba:
1f:c8:f6:51:79:d9:fa:38:54:d2:9f:8d:91:59:31:
00:5a:b5:01:c5:eb:ce:70:36:31:15:f0:de:54:c9:
aa:fa:62:d9:91:89:7b:cd:06:ef:58:3b:2b:b1:eb:
6f:83:e4:51:c2:58:00:4d:36:27:8e:2c:72:b4:b4:
68:3b:a7:c7:4d:a6:08:11:d0:46:27:b5:43:b5:35:
2e:d7:6f:01:01:f0:dd:31:65:d8:59:d4:56:a8:cf:
d7:0f:0e:43:9c:40:b6:c1:62:c4:5b:e0:9f:20:f0:
2f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1F:52:6C:99:5D:90:40:28:E2:28:2D:5B:C3:A4:31:02:14:3B:D3
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/qh9SbJldkEAo4igtW8OkMQIUO9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.241.0/24
185.229.204.0/24
Signature Algorithm: sha256WithRSAEncryption
77:bb:fb:27:97:fb:fe:80:64:4a:0b:83:1f:d3:f5:e9:d0:c1:
52:5e:4a:41:c8:2e:08:6e:ad:ec:e8:cf:4c:25:28:73:1d:3b:
b1:42:1b:65:30:07:45:4a:94:ab:d0:af:4a:6d:f7:87:7d:80:
9b:39:21:0e:77:73:81:d7:40:35:2f:69:dd:fe:19:bf:fd:56:
c2:f4:83:3f:09:c2:2b:31:27:d2:79:79:13:e1:fd:78:14:10:
27:10:7c:60:9e:e4:5f:e0:28:d2:b9:28:3d:5b:08:d1:4d:df:
1c:e2:0f:d5:b0:bf:bd:40:fa:eb:b5:70:aa:fb:41:5f:45:4a:
91:14:70:e5:75:93:84:06:3c:e6:48:38:d0:5a:57:c5:0a:77:
c6:53:29:58:e9:7f:77:d3:bb:6c:c1:2b:8e:df:5b:a4:51:ac:
bd:5e:5b:0a:d7:4e:bb:f6:c3:02:e8:5b:3c:38:5c:08:fa:4d:
b2:7e:0c:12:d0:55:45:fa:e4:0e:1d:cc:fa:b6:67:31:b1:b1:
19:c5:31:86:34:68:72:d6:c4:62:5f:a6:6b:3e:6a:c5:7f:45:
1e:a8:09:3f:ec:a3:3d:1e:c7:fe:a5:8e:ce:37:84:c0:9e:c8:
f1:c2:9a:8f:b9:84:08:6e:da:73:e5:7a:48:36:9d:b3:ad:63:
c1:e6:c2:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjYDrvijmp2zZIMjApNghbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjMwNjIwMDkwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFmNTI2Yzk5NWQ5MDQwMjhlMjI4MmQ1YmMzYTQzMTAyMTQzYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpAT+yLqZ81dmToV6Eb1KtuQ+88T
lhwufJoe1HM/D0H+0A22R2X8ZfQb2S0zpJHpebaXTxX2PumgnXdwozwT24kA5IJa
I9gOLYJySmLupr4q1wLk/tvG1rgxpZDTHbx0u/kFUe0AFHtQGQ4J5/+kLcHjf1t9
Q7msKhdyJo5y/7fntJ71IEh0YP7ebannvPmid5Rc9bofyPZRedn6OFTSn42RWTEA
WrUBxevOcDYxFfDeVMmq+mLZkYl7zQbvWDsrsetvg+RRwlgATTYnjixytLRoO6fH
TaYIEdBGJ7VDtTUu128BAfDdMWXYWdRWqM/XDw5DnEC2wWLEW+CfIPAvcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKofUmyZXZBAKOIoLVvDpDECFDvTMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvcWg5U2JKbGRrRUFvNGlndFc4T2tNUUlVTzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYfxAwQA
ueXMMA0GCSqGSIb3DQEBCwUAA4IBAQB3u/snl/v+gGRKC4Mf0/Xp0MFSXkpByC4I
bq3s6M9MJShzHTuxQhtlMAdFSpSr0K9KbfeHfYCbOSEOd3OB10A1L2nd/hm//VbC
9IM/CcIrMSfSeXkT4f14FBAnEHxgnuRf4CjSuSg9WwjRTd8c4g/VsL+9QPrrtXCq
+0FfRUqRFHDldZOEBjzmSDjQWlfFCnfGUylY6X9307tswSuO31ukUay9XlsK1067
9sMC6Fs8OFwI+k2yfgwS0FVF+uQOHcz6tmcxsbEZxTGGNGhy1sRiX6ZrPmrFf0Ue
qAk/7KM9Hsf+pY7ON4TAnsjxwpqPuYQIbtpz5XpINp2zrWPB5sLb
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:40:53 2025 by rpki-client