Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/QvFlb8con73IVdYpFDkuSEkSLss.roa
File: QvFlb8con73IVdYpFDkuSEkSLss.roa (raw, json)
Hash identifier: 3wQSsbRlqQCWzoI0f8rsIC/Se0oHDVUl/eoKfFj21N8=
Subject key identifier: 42:F1:65:6F:C7:28:9F:BD:C8:55:D6:29:14:39:2E:48:49:12:2E:CB
Certificate issuer: /CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Certificate serial: 01856F1D9B5CD631258F255AF0A6A097433D
Authority key identifier: 3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/QvFlb8con73IVdYpFDkuSEkSLss.roa
Signing time: Sun 01 Jan 2023 20:54:49 +0000
ROA not before: Sun 01 Jan 2023 20:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197451
IP address blocks: 185.135.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9b:5c:d6:31:25:8f:25:5a:f0:a6:a0:97:43:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Validity
Not Before: Jan 1 20:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42f1656fc7289fbdc855d62914392e4849122ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e1:7c:f7:37:9e:2d:57:74:2b:56:23:00:cf:
a4:d9:86:1e:b2:f9:ab:4e:74:6d:01:88:0d:54:c3:
fa:9d:6c:e9:9e:3f:af:38:bc:0f:7c:c0:f1:50:9f:
2b:a3:00:05:ce:e1:49:f8:0e:76:0b:57:de:c1:db:
e9:98:64:9e:2f:b7:81:7d:99:62:72:4c:16:af:1c:
73:74:85:a3:c8:b1:4d:d6:72:27:fc:1a:c9:ee:9e:
5e:86:6c:a3:80:88:7b:83:f1:53:76:89:26:38:f7:
b5:45:af:d8:c6:fd:48:c4:3b:64:6c:76:ad:1b:51:
09:5a:0a:13:76:22:7c:a0:ec:e3:a7:5d:ea:e6:d8:
7f:31:7b:cd:fc:32:1d:08:8e:cb:97:9f:3a:55:0c:
7c:7b:99:e0:6e:78:a0:fc:2b:c9:0f:16:ad:71:37:
8a:a3:36:59:30:4c:17:ce:a9:f6:ae:a6:76:54:85:
ea:87:f0:56:95:1c:6f:4e:8e:4f:b7:70:68:ef:43:
dc:f9:a4:80:bb:2f:64:a6:3c:bc:a5:6a:a3:f5:b7:
2a:37:9b:31:47:96:55:09:cc:91:16:2e:a3:69:35:
b8:e2:a5:27:1d:4e:57:09:4a:e4:51:14:e7:42:8f:
09:b5:6b:2b:65:93:e8:1d:8e:87:31:bf:69:76:ea:
79:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F1:65:6F:C7:28:9F:BD:C8:55:D6:29:14:39:2E:48:49:12:2E:CB
X509v3 Authority Key Identifier:
keyid:3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/QvFlb8con73IVdYpFDkuSEkSLss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/Pkb6HXecGWzrKAKRBrTvfRdVPSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.23.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:48:53:ea:f8:28:6c:1b:36:b4:f2:2b:ba:3b:96:8b:42:88:
da:d9:e6:64:fe:0e:8b:f8:f6:fc:85:9e:9d:79:e6:08:60:83:
0d:f4:6f:30:26:04:c3:a4:c1:d9:db:bf:4a:82:a0:bb:34:81:
88:18:d2:85:fd:c3:d1:e0:a7:93:16:56:33:bd:4c:1d:55:a6:
ef:50:ff:1f:a2:27:9a:00:03:85:fb:31:dc:f3:86:c4:19:ea:
2b:64:1e:19:67:67:40:ae:54:e6:ff:64:41:e6:bc:42:5c:63:
51:ae:7b:04:c9:1a:4b:08:5a:35:e0:75:aa:86:1e:d1:a4:fa:
af:99:9f:9b:7c:1e:32:1a:14:6e:6f:26:71:2a:63:74:53:5d:
99:01:61:3b:5f:29:c2:b0:a8:d5:94:98:7f:9c:73:9e:04:81:
0b:23:53:aa:9a:b6:97:9a:21:e1:ac:76:d7:93:25:9b:0b:2e:
b3:a5:54:37:46:9e:83:44:05:d1:1a:82:50:6d:2e:73:bf:c4:
d5:bd:88:0a:80:4e:3e:c0:0b:54:0d:ad:4b:76:95:a1:74:f8:
a9:16:85:b0:90:27:42:d3:d7:0d:9d:9d:e9:61:93:04:1f:ba:
18:fb:ad:03:42:e0:1d:00:48:91:f8:2a:4d:de:a0:40:ef:3f:
13:32:68:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZtc1jEljyVa8Kagl0M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDZmYTFkNzc5YzE5NmNlYjI4MDI5MTA2YjRlZjdkMTc1
NTNkMmIwHhcNMjMwMTAxMjA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmYxNjU2ZmM3Mjg5ZmJkYzg1NWQ2MjkxNDM5MmU0ODQ5MTIyZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeF89zeeLVd0K1YjAM+k2YYesvmr
TnRtAYgNVMP6nWzpnj+vOLwPfMDxUJ8rowAFzuFJ+A52C1fewdvpmGSeL7eBfZli
ckwWrxxzdIWjyLFN1nIn/BrJ7p5ehmyjgIh7g/FTdokmOPe1Ra/Yxv1IxDtkbHat
G1EJWgoTdiJ8oOzjp13q5th/MXvN/DIdCI7Ll586VQx8e5ngbnig/CvJDxatcTeK
ozZZMEwXzqn2rqZ2VIXqh/BWlRxvTo5Pt3Bo70Pc+aSAuy9kpjy8pWqj9bcqN5sx
R5ZVCcyRFi6jaTW44qUnHU5XCUrkURTnQo8JtWsrZZPoHY6HMb9pdup5HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELxZW/HKJ+9yFXWKRQ5LkhJEi7LMB8GA1UdIwQY
MBaAFD5G+h13nBls6ygCkQa0730XVT0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2Yt
MGNkMWQyODk2NWQxLzEvUXZGbGI4Y29uNzNJVmRZcEZEa3VTRWtTTHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2YtMGNkMWQyODk2NWQx
LzEvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYcXMA0G
CSqGSIb3DQEBCwUAA4IBAQAvSFPq+ChsGza08iu6O5aLQoja2eZk/g6L+Pb8hZ6d
eeYIYIMN9G8wJgTDpMHZ279KgqC7NIGIGNKF/cPR4KeTFlYzvUwdVabvUP8foiea
AAOF+zHc84bEGeorZB4ZZ2dArlTm/2RB5rxCXGNRrnsEyRpLCFo14HWqhh7RpPqv
mZ+bfB4yGhRubyZxKmN0U12ZAWE7XynCsKjVlJh/nHOeBIELI1OqmraXmiHhrHbX
kyWbCy6zpVQ3Rp6DRAXRGoJQbS5zv8TVvYgKgE4+wAtUDa1LdpWhdPipFoWwkCdC
09cNnZ3pYZMEH7oY+60DQuAdAEiR+CpN3qBA7z8TMmiF
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:55 2025 by rpki-client