Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Q-ycRkImRAFAFNK3bYfPRBZOq1A.roa
File: Q-ycRkImRAFAFNK3bYfPRBZOq1A.roa (raw, json)
Hash identifier: X7dOd4tJH4bcF4anV9kk7VdwE20WDYufwD6swClrgsk=
Subject key identifier: 43:EC:9C:46:42:26:44:01:40:14:D2:B7:6D:87:CF:44:16:4E:AB:50
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018AF078528ECAA6F7EBC912B0EAAB8B1EEC
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Q-ycRkImRAFAFNK3bYfPRBZOq1A.roa
Signing time: Mon 02 Oct 2023 12:58:51 +0000
ROA not before: Mon 02 Oct 2023 12:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400402
IP address blocks: 185.245.1.0/24 maxlen: 24
185.245.2.0/24 maxlen: 24
185.245.3.0/24 maxlen: 24
185.245.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:78:52:8e:ca:a6:f7:eb:c9:12:b0:ea:ab:8b:1e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Oct 2 12:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43ec9c46422644014014d2b76d87cf44164eab50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5a:ae:5a:13:61:6b:f6:ef:0d:36:00:40:f8:
01:65:3e:b6:d5:e8:5f:96:2c:f4:31:94:6a:90:54:
aa:f3:4a:e9:17:65:eb:65:fa:44:26:34:aa:3a:0f:
25:21:fb:69:d9:8f:82:58:20:9e:b3:59:ef:04:50:
8e:09:81:bc:27:79:93:8a:45:af:2b:4f:37:c9:b6:
dc:82:8a:70:2c:bc:fe:2d:2f:b0:f5:a8:51:85:af:
cd:f7:0d:29:93:d9:b6:87:17:0c:8e:62:62:9b:88:
2a:b8:a6:50:06:e7:b4:5c:fa:c3:42:96:31:64:47:
d8:d9:1c:8f:c7:4d:58:ba:0e:15:23:16:a0:94:aa:
01:38:10:be:15:cb:e4:ae:98:8e:db:5e:4d:07:4b:
04:11:4e:43:9a:d1:ea:ac:e0:e3:a5:04:d2:07:ea:
4b:8d:b0:ae:ea:b1:40:08:1f:7c:b8:76:cd:36:2a:
4e:d8:7d:f8:7c:df:f1:5b:da:4b:e3:73:e4:41:06:
e5:ea:fd:7f:68:43:49:18:79:8a:3c:69:8e:61:f9:
c3:bc:5d:94:27:8f:3f:08:0d:c3:8b:ce:49:b7:ef:
de:ef:df:d1:99:ee:c6:1e:00:13:de:1a:7e:0b:00:
82:95:2e:47:52:48:c5:7a:5d:11:4a:64:d6:5d:1f:
0e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EC:9C:46:42:26:44:01:40:14:D2:B7:6D:87:CF:44:16:4E:AB:50
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Q-ycRkImRAFAFNK3bYfPRBZOq1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:1b:9d:14:6f:73:b5:0d:35:dd:62:fc:9d:5f:9d:72:4f:07:
98:ff:e2:3b:8f:2b:33:60:57:06:29:91:3f:5d:6a:88:cf:70:
30:e6:1e:76:8b:81:da:6c:69:e7:c3:d6:f6:9c:b3:58:d9:e9:
7e:bb:ce:a5:09:56:4c:72:a0:29:10:41:76:ea:3d:96:8a:e4:
b9:d3:6a:d1:63:da:a0:2a:9f:82:95:45:bf:d6:13:e7:97:fc:
02:af:aa:d1:76:65:45:10:7e:15:63:8c:9c:ef:53:bf:95:c9:
3d:aa:f5:dc:7c:b1:e4:af:38:67:90:40:2d:32:05:87:cf:46:
37:7b:80:e6:60:6c:46:3a:94:7b:1b:22:9d:6f:ca:b0:0f:66:
07:dc:09:bd:3c:c4:81:0e:37:ad:e3:ec:50:82:78:b8:68:8b:
ca:50:2f:9d:df:3e:07:f5:d2:33:65:25:f9:4c:ea:af:de:3b:
e0:14:fe:6c:72:71:d2:1c:28:d9:ba:90:16:60:6c:03:3c:79:
88:8a:d2:d0:ab:2d:5a:0c:b6:53:91:dc:88:5d:60:91:41:52:
51:6a:97:e7:ce:c7:2d:bc:76:97:c2:de:2d:d6:1e:13:2f:3c:
a5:62:49:18:fe:28:fc:cd:ed:a1:21:b3:77:05:e3:fe:5c:a2:
f9:c6:1a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrweFKOyqb368kSsOqrix7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMxMDAyMTI1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VjOWM0NjQyMjY0NDAxNDAxNGQyYjc2ZDg3Y2Y0NDE2NGVhYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FquWhNha/bvDTYAQPgBZT621ehf
liz0MZRqkFSq80rpF2XrZfpEJjSqOg8lIftp2Y+CWCCes1nvBFCOCYG8J3mTikWv
K083ybbcgopwLLz+LS+w9ahRha/N9w0pk9m2hxcMjmJim4gquKZQBue0XPrDQpYx
ZEfY2RyPx01Yug4VIxaglKoBOBC+FcvkrpiO215NB0sEEU5DmtHqrODjpQTSB+pL
jbCu6rFACB98uHbNNipO2H34fN/xW9pL43PkQQbl6v1/aENJGHmKPGmOYfnDvF2U
J48/CA3Di85Jt+/e79/Rme7GHgAT3hp+CwCClS5HUkjFel0RSmTWXR8OqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPsnEZCJkQBQBTSt22Hz0QWTqtQMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvUS15Y1JrSW1SQUZBRk5LM2JZZlBSQlpPcTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufUAMA0G
CSqGSIb3DQEBCwUAA4IBAQAbG50Ub3O1DTXdYvydX51yTweY/+I7jyszYFcGKZE/
XWqIz3Aw5h52i4HabGnnw9b2nLNY2el+u86lCVZMcqApEEF26j2WiuS502rRY9qg
Kp+ClUW/1hPnl/wCr6rRdmVFEH4VY4yc71O/lck9qvXcfLHkrzhnkEAtMgWHz0Y3
e4DmYGxGOpR7GyKdb8qwD2YH3Am9PMSBDjet4+xQgni4aIvKUC+d3z4H9dIzZSX5
TOqv3jvgFP5scnHSHCjZupAWYGwDPHmIitLQqy1aDLZTkdyIXWCRQVJRapfnzsct
vHaXwt4t1h4TLzylYkkY/ij8ze2hIbN3BeP+XKL5xhoE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:04 2025 by rpki-client