Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/StqEWCPtJROiJWvNq2uBE71o7bo.roa
File: StqEWCPtJROiJWvNq2uBE71o7bo.roa (raw, json)
Hash identifier: Bu42np4zcD4vrD63r+nWP2REy5T2zvWsfzK1lWJGlZI=
Subject key identifier: 4A:DA:84:58:23:ED:25:13:A2:25:6B:CD:AB:6B:81:13:BD:68:ED:BA
Certificate issuer: /CN=695dce5e37a862538a0f66883de206ffb7c93b69
Certificate serial: 018C416F2FB23AEC0CC147FA18D42F12B997
Authority key identifier: 69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/StqEWCPtJROiJWvNq2uBE71o7bo.roa
Signing time: Wed 06 Dec 2023 23:20:54 +0000
ROA not before: Wed 06 Dec 2023 23:20:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205073
IP address blocks: 185.231.1.0/24 maxlen: 24
185.231.2.0/24 maxlen: 24
185.231.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:41:6f:2f:b2:3a:ec:0c:c1:47:fa:18:d4:2f:12:b9:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695dce5e37a862538a0f66883de206ffb7c93b69
Validity
Not Before: Dec 6 23:20:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ada845823ed2513a2256bcdab6b8113bd68edba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:99:ca:04:31:61:99:11:61:83:23:51:c3:da:
61:ab:36:a0:5b:56:1a:15:6f:af:41:1a:12:09:f1:
f3:e7:ba:17:31:75:b4:0d:b3:a8:6e:9d:04:c9:86:
0c:aa:fa:66:8d:bb:ea:96:72:45:ac:c9:05:8b:c4:
e2:4f:31:90:a3:3e:c5:b0:db:b9:1d:2b:2e:cc:0b:
e8:02:90:1e:4c:0a:a9:90:97:29:35:bb:40:93:42:
0a:f9:94:f7:dd:57:d5:3f:66:f9:0d:d1:2e:4a:4b:
64:45:2c:9a:df:52:e8:ff:e8:ac:84:fa:65:09:fd:
9e:35:90:9b:a4:40:ca:85:33:fe:5c:dd:85:6d:ac:
4a:a8:2a:30:2e:d0:4e:c5:85:3a:ac:a0:8a:5e:b9:
11:76:67:ad:18:ed:68:cf:53:51:54:0f:d8:1b:59:
f1:c8:d6:5b:2d:39:a7:42:2d:aa:c9:91:a7:46:aa:
57:a9:fb:33:91:39:91:6e:2d:51:ed:ef:69:b9:1e:
50:95:5b:c8:27:12:bf:20:98:0c:77:d4:73:dd:d9:
42:87:97:6e:23:4a:6a:ef:1d:71:46:fe:d6:e3:14:
5f:c6:ee:44:54:d2:6f:82:79:9c:6e:10:5c:d7:e4:
6d:a1:4d:d0:ea:f3:5c:dc:00:3f:56:da:e4:40:43:
e2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DA:84:58:23:ED:25:13:A2:25:6B:CD:AB:6B:81:13:BD:68:ED:BA
X509v3 Authority Key Identifier:
keyid:69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/StqEWCPtJROiJWvNq2uBE71o7bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.1.0-185.231.3.255
Signature Algorithm: sha256WithRSAEncryption
16:cd:55:b7:71:8d:27:32:66:df:ee:b0:5a:41:3e:81:b5:47:
5e:e8:12:ab:da:e0:d8:5c:aa:69:3c:98:6f:3e:f5:20:57:8b:
bf:31:79:13:4e:60:53:19:ce:3f:c5:93:68:36:9c:4e:29:00:
c4:99:a3:15:85:96:76:3f:cd:d8:51:72:f1:96:36:91:e0:d3:
b3:50:e2:91:4a:89:af:02:ef:7d:53:6c:b6:03:e9:16:f6:cd:
48:b3:3b:5f:8a:26:de:28:4e:f4:96:45:2a:a5:e9:aa:3b:dc:
e0:1f:58:5a:4a:ce:13:75:29:af:9f:5e:fe:3f:d9:af:34:ac:
d6:33:ea:34:13:fb:89:79:9e:27:47:80:19:da:2d:a1:07:2d:
6f:7f:bc:f1:4b:86:e1:5f:d4:c9:3f:93:c7:f4:7a:14:7b:c2:
10:de:98:7a:e7:b0:f0:85:76:1a:6e:0e:a0:7a:4f:54:da:36:
0a:b1:1e:e9:8e:b9:d1:47:4c:cf:d6:06:fd:2f:62:48:2e:e1:
4b:41:02:0b:1e:ce:47:93:cc:64:32:80:ac:bb:b5:8b:2c:24:
d8:58:7a:4d:c2:fb:98:64:0c:0c:94:f1:da:18:1f:85:7f:dd:
59:72:56:8c:6d:c8:9f:ee:93:2d:1e:9a:3e:4c:6c:c6:a4:30:
39:dd:8e:22
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYxBby+yOuwMwUf6GNQvErmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWRjZTVlMzdhODYyNTM4YTBmNjY4ODNkZTIwNmZmYjdj
OTNiNjkwHhcNMjMxMjA2MjMyMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWRhODQ1ODIzZWQyNTEzYTIyNTZiY2RhYjZiODExM2JkNjhlZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5nKBDFhmRFhgyNRw9phqzagW1Ya
FW+vQRoSCfHz57oXMXW0DbOobp0EyYYMqvpmjbvqlnJFrMkFi8TiTzGQoz7FsNu5
HSsuzAvoApAeTAqpkJcpNbtAk0IK+ZT33VfVP2b5DdEuSktkRSya31Lo/+ishPpl
Cf2eNZCbpEDKhTP+XN2FbaxKqCowLtBOxYU6rKCKXrkRdmetGO1oz1NRVA/YG1nx
yNZbLTmnQi2qyZGnRqpXqfszkTmRbi1R7e9puR5QlVvIJxK/IJgMd9Rz3dlCh5du
I0pq7x1xRv7W4xRfxu5EVNJvgnmcbhBc1+RtoU3Q6vNc3AA/VtrkQEPinQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFErahFgj7SUToiVrzatrgRO9aO26MB8GA1UdIwQY
MBaAFGldzl43qGJTig9miD3iBv+3yTtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWIt
MDE3ZGVlNDUyZWM0LzEvU3RxRVdDUHRKUk9pSld2TnEydUJFNzFvN2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWItMDE3ZGVlNDUyZWM0
LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC55wED
BAK55wAwDQYJKoZIhvcNAQELBQADggEBABbNVbdxjScyZt/usFpBPoG1R17oEqva
4Nhcqmk8mG8+9SBXi78xeRNOYFMZzj/Fk2g2nE4pAMSZoxWFlnY/zdhRcvGWNpHg
07NQ4pFKia8C731TbLYD6Rb2zUizO1+KJt4oTvSWRSql6ao73OAfWFpKzhN1Ka+f
Xv4/2a80rNYz6jQT+4l5nidHgBnaLaEHLW9/vPFLhuFf1Mk/k8f0ehR7whDemHrn
sPCFdhpuDqB6T1TaNgqxHumOudFHTM/WBv0vYkgu4UtBAgsezkeTzGQygKy7tYss
JNhYek3C+5hkDAyU8doYH4V/3VlyVoxtyJ/uky0emj5MbMakMDndjiI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:48 2025 by rpki-client