Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/45852f-8fae-441d-b10c-0a1bf5bf0ca2/1/qAYb9_5SKpwyC0CpT-uLhsBqp2Q.roa
File: qAYb9_5SKpwyC0CpT-uLhsBqp2Q.roa (raw, json)
Hash identifier: brWPxlHD1RfWLzUNGcjGwQ/NCndA/vWfiMquERDHEss=
Subject key identifier: A8:06:1B:F7:FE:52:2A:9C:32:0B:40:A9:4F:EB:8B:86:C0:6A:A7:64
Certificate issuer: /CN=464528d9080c665db0551d8ad8b0f71f7bb76996
Certificate serial: 0182B49A1F7EF49FF67D9687C94245A26780
Authority key identifier: 46:45:28:D9:08:0C:66:5D:B0:55:1D:8A:D8:B0:F7:1F:7B:B7:69:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RkUo2QgMZl2wVR2K2LD3H3u3aZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/45852f-8fae-441d-b10c-0a1bf5bf0ca2/1/qAYb9_5SKpwyC0CpT-uLhsBqp2Q.roa
Signing time: Fri 19 Aug 2022 05:36:15 +0000
ROA not before: Fri 19 Aug 2022 05:36:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59985
IP address blocks: 185.63.68.0/23 maxlen: 23
185.63.71.0/24 maxlen: 24
2a04:f380:1002::/48 maxlen: 48
2a04:f380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b4:9a:1f:7e:f4:9f:f6:7d:96:87:c9:42:45:a2:67:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464528d9080c665db0551d8ad8b0f71f7bb76996
Validity
Not Before: Aug 19 05:36:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8061bf7fe522a9c320b40a94feb8b86c06aa764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2b:9f:cd:de:f0:60:2a:03:62:4b:5d:e5:72:
23:d1:10:49:1d:fa:a0:52:ab:54:a2:89:f8:5d:05:
54:2a:de:4d:fd:34:21:e6:8e:a5:41:8b:d6:d9:87:
fe:5a:74:a6:9b:09:dc:f4:85:e2:6c:07:76:4b:34:
60:96:9f:96:90:43:c5:f9:2b:3c:50:dd:f8:e9:78:
5b:e7:d6:48:12:06:8f:b2:1e:3c:e5:4f:a5:6c:97:
fb:d4:76:31:4c:b5:7a:72:0a:74:48:b0:c9:8c:2a:
e8:47:20:fc:69:bb:9c:5e:82:6e:3a:99:d0:5a:25:
25:a2:c4:d5:16:22:0f:ee:b3:bd:b7:c8:99:14:9a:
7c:e3:06:39:7a:82:ad:fc:52:6b:22:05:1a:65:d5:
3e:f1:f6:21:b9:8e:db:de:9f:8b:bc:dd:f9:6b:6d:
24:ee:61:b2:24:8b:2e:6c:ee:92:1c:e7:14:8a:cc:
56:9f:04:cc:09:e5:93:68:c5:f5:e4:26:91:1a:93:
30:10:d7:0e:5e:44:08:38:29:7d:af:d2:2c:b6:11:
eb:14:07:af:91:0c:7d:d3:29:23:3d:fc:19:02:2c:
2e:55:43:41:22:79:40:52:e1:e2:d1:35:8d:0e:6a:
28:07:d9:d0:74:ee:38:06:d6:a2:f0:db:f8:1a:2d:
71:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:06:1B:F7:FE:52:2A:9C:32:0B:40:A9:4F:EB:8B:86:C0:6A:A7:64
X509v3 Authority Key Identifier:
keyid:46:45:28:D9:08:0C:66:5D:B0:55:1D:8A:D8:B0:F7:1F:7B:B7:69:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RkUo2QgMZl2wVR2K2LD3H3u3aZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45852f-8fae-441d-b10c-0a1bf5bf0ca2/1/qAYb9_5SKpwyC0CpT-uLhsBqp2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45852f-8fae-441d-b10c-0a1bf5bf0ca2/1/RkUo2QgMZl2wVR2K2LD3H3u3aZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.68.0/23
185.63.71.0/24
IPv6:
2a04:f380::/32
Signature Algorithm: sha256WithRSAEncryption
0c:90:11:77:0d:dd:78:db:51:bc:94:6d:33:d3:59:39:b6:0b:
dc:ad:44:49:3e:a7:f3:08:ce:2b:38:86:2b:2a:42:9a:2b:8a:
62:8c:7f:c2:82:cb:2a:93:d8:14:02:d4:bf:2e:d9:c4:34:45:
d1:58:45:f7:2c:d1:c6:f3:36:f2:fe:5b:af:53:80:e5:36:ed:
22:70:f2:86:a5:6b:c8:d9:e5:82:d7:ea:d9:4c:70:8c:b5:0d:
ad:9b:f2:13:d5:a6:57:be:fb:b2:98:6d:c7:f4:ca:f9:05:94:
3b:db:2a:05:09:aa:ae:80:b7:55:2c:bd:b0:73:83:e3:55:ec:
ba:04:cf:0a:e7:72:97:81:2e:3e:6e:f5:ac:72:4a:95:15:68:
0d:50:d8:91:ce:5d:4e:8f:1e:bb:d7:0c:a9:93:6d:c9:ef:71:
32:70:7b:f4:c6:a9:24:8b:11:5f:90:30:7f:6c:44:d5:08:a4:
37:66:63:25:d0:54:ca:ae:cd:81:0e:9f:b4:a2:45:61:89:ce:
b9:1b:a9:59:ea:d7:99:9d:d2:22:8e:33:13:ac:c2:2b:e3:09:
c2:13:32:32:04:a6:73:fb:76:4c:d6:90:e9:1a:1c:45:e8:df:
d7:82:3c:65:a3:2d:f5:ac:8b:95:fd:ef:ad:18:67:51:bc:ab:
5b:09:a2:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYK0mh9+9J/2fZaHyUJFomeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDUyOGQ5MDgwYzY2NWRiMDU1MWQ4YWQ4YjBmNzFmN2Ji
NzY5OTYwHhcNMjIwODE5MDUzNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA2MWJmN2ZlNTIyYTljMzIwYjQwYTk0ZmViOGI4NmMwNmFhNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCufzd7wYCoDYktd5XIj0RBJHfqg
UqtUoon4XQVUKt5N/TQh5o6lQYvW2Yf+WnSmmwnc9IXibAd2SzRglp+WkEPF+Ss8
UN346Xhb59ZIEgaPsh485U+lbJf71HYxTLV6cgp0SLDJjCroRyD8abucXoJuOpnQ
WiUlosTVFiIP7rO9t8iZFJp84wY5eoKt/FJrIgUaZdU+8fYhuY7b3p+LvN35a20k
7mGyJIsubO6SHOcUisxWnwTMCeWTaMX15CaRGpMwENcOXkQIOCl9r9IsthHrFAev
kQx90ykjPfwZAiwuVUNBInlAUuHi0TWNDmooB9nQdO44Btai8Nv4Gi1x6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKgGG/f+UiqcMgtAqU/ri4bAaqdkMB8GA1UdIwQY
MBaAFEZFKNkIDGZdsFUditiw9x97t2mWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtVbzJRZ01abDJ3VlIySzJMRDNIM3UzYVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80NTg1MmYtOGZhZS00NDFkLWIxMGMt
MGExYmY1YmYwY2EyLzEvcUFZYjlfNVNLcHd5QzBDcFQtdUxoc0JxcDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80NTg1MmYtOGZhZS00NDFkLWIxMGMtMGExYmY1YmYwY2Ey
LzEvUmtVbzJRZ01abDJ3VlIySzJMRDNIM3UzYVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuT9EAwQA
uT9HMA0EAgACMAcDBQAqBPOAMA0GCSqGSIb3DQEBCwUAA4IBAQAMkBF3Dd1421G8
lG0z01k5tgvcrURJPqfzCM4rOIYrKkKaK4pijH/Cgssqk9gUAtS/LtnENEXRWEX3
LNHG8zby/luvU4DlNu0icPKGpWvI2eWC1+rZTHCMtQ2tm/IT1aZXvvuymG3H9Mr5
BZQ72yoFCaqugLdVLL2wc4PjVey6BM8K53KXgS4+bvWsckqVFWgNUNiRzl1Ojx67
1wypk23J73EycHv0xqkkixFfkDB/bETVCKQ3ZmMl0FTKrs2BDp+0okVhic65G6lZ
6teZndIijjMTrMIr4wnCEzIyBKZz+3ZM1pDpGhxF6N/Xgjxloy31rIuV/e+tGGdR
vKtbCaKz
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:50 2025 by rpki-client