Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/KQA1UlVqLmyuBEIVx_6GOfc8o3c.roa
File: KQA1UlVqLmyuBEIVx_6GOfc8o3c.roa (raw, json)
Hash identifier: I/Q9n7P3HCKjIn0t4PtMw3FFpQ5N20a2B/n7RA5epbg=
Subject key identifier: 29:00:35:52:55:6A:2E:6C:AE:04:42:15:C7:FE:86:39:F7:3C:A3:77
Certificate issuer: /CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Certificate serial: 0184526D11214DAB0F3152CE854BDD33421B
Authority key identifier: 2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/KQA1UlVqLmyuBEIVx_6GOfc8o3c.roa
Signing time: Mon 07 Nov 2022 14:09:50 +0000
ROA not before: Mon 07 Nov 2022 14:09:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41720
IP address blocks: 185.242.183.0/24 maxlen: 24
185.242.180.0/22 maxlen: 22
185.242.182.0/24 maxlen: 24
2a0d:b280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:6d:11:21:4d:ab:0f:31:52:ce:85:4b:dd:33:42:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Validity
Not Before: Nov 7 14:09:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29003552556a2e6cae044215c7fe8639f73ca377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:08:4c:2d:ee:d0:87:71:8b:28:89:fe:fb:ef:
b4:8b:c0:1d:aa:e1:e0:07:d8:bb:36:69:e5:12:4d:
a6:af:89:e4:da:65:f2:7b:6e:97:ef:8c:3b:5d:8e:
1c:e6:64:2f:01:14:91:af:0a:5e:8f:c6:86:30:8b:
3e:9a:98:61:97:e0:1e:8e:c5:f0:e1:94:22:48:02:
3b:dd:d8:04:a5:a8:ce:d3:72:1e:01:fe:f3:52:41:
a2:b4:34:73:00:95:22:13:99:41:12:1f:d8:5d:aa:
b8:f6:77:f5:5b:b4:67:c2:d4:dd:54:60:e6:2c:60:
9b:12:10:de:be:12:ab:4a:4b:11:86:f0:c0:e7:07:
33:24:99:35:9f:71:09:ef:b6:51:56:8d:5f:6c:49:
7f:0a:b2:69:15:08:71:8c:6d:29:0c:14:3d:d5:1f:
6c:1c:5b:5f:21:52:e4:2f:b5:09:45:78:2c:fe:0c:
8f:9a:1f:e2:e4:4f:68:11:ef:89:05:fc:03:7b:f0:
26:32:21:3a:30:23:4a:90:c6:93:3f:d9:1e:98:ec:
ba:19:2a:ad:ed:8f:e2:13:7b:1d:e5:df:a6:9f:c5:
47:f9:bb:5b:cb:1f:ac:87:27:a8:81:1b:5f:68:40:
ac:22:34:59:c8:35:de:12:58:7e:07:73:56:07:04:
31:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:00:35:52:55:6A:2E:6C:AE:04:42:15:C7:FE:86:39:F7:3C:A3:77
X509v3 Authority Key Identifier:
keyid:2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/KQA1UlVqLmyuBEIVx_6GOfc8o3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/L8sw_X1uRJST7Hyw2feGAEWL4hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.180.0/22
IPv6:
2a0d:b280::/29
Signature Algorithm: sha256WithRSAEncryption
71:fb:b6:a4:8b:4e:d7:cf:f3:b9:b0:98:40:ca:f8:2c:7c:1d:
c4:a3:9a:89:c4:bb:3a:fd:32:a7:d9:ce:2a:6c:9f:2e:73:5f:
22:45:7b:08:e4:f6:74:50:ea:ab:b5:e3:52:6e:2b:30:4e:37:
ab:2b:1f:da:84:bb:43:68:98:cd:8c:9f:de:9c:29:86:b1:28:
36:dc:46:30:ce:81:bc:7e:19:7a:80:ee:bc:4d:a3:0f:21:76:
7f:c7:a8:b4:10:c2:cf:ba:7f:21:26:44:c3:d5:50:83:26:f2:
b6:23:16:43:c1:ce:2a:36:ab:4d:11:fa:30:1b:73:9f:9b:f7:
0e:e4:e7:8d:4a:5b:bd:41:b7:13:fb:fb:4a:27:d1:c6:1d:93:
ed:7d:53:0f:b7:c1:7b:95:16:00:5f:08:0c:d9:bb:d0:72:cd:
c8:37:b9:15:da:5d:37:c9:a2:16:04:a3:14:24:d4:c8:a8:6a:
73:86:64:41:e3:c2:6f:91:23:72:4a:74:08:77:39:ac:dc:8b:
8d:fe:c7:d4:55:df:f6:95:eb:c1:b0:08:d8:2a:64:3b:ab:0a:
da:ce:58:25:04:4e:56:eb:df:d4:d4:3b:53:d3:63:b3:62:3f:
d4:77:88:fd:6c:83:b8:c4:95:9d:41:51:05:08:4e:49:bc:b3:
fe:70:39:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRSbREhTasPMVLOhUvdM0IbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2IzMGZkN2Q2ZTQ0OTQ5M2VjN2NiMGQ5Zjc4NjAwNDU4
YmUyMWIwHhcNMjIxMTA3MTQwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAwMzU1MjU1NmEyZTZjYWUwNDQyMTVjN2ZlODYzOWY3M2NhMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQhMLe7Qh3GLKIn++++0i8AdquHg
B9i7NmnlEk2mr4nk2mXye26X74w7XY4c5mQvARSRrwpej8aGMIs+mphhl+AejsXw
4ZQiSAI73dgEpajO03IeAf7zUkGitDRzAJUiE5lBEh/YXaq49nf1W7RnwtTdVGDm
LGCbEhDevhKrSksRhvDA5wczJJk1n3EJ77ZRVo1fbEl/CrJpFQhxjG0pDBQ91R9s
HFtfIVLkL7UJRXgs/gyPmh/i5E9oEe+JBfwDe/AmMiE6MCNKkMaTP9kemOy6GSqt
7Y/iE3sd5d+mn8VH+btbyx+shyeogRtfaECsIjRZyDXeElh+B3NWBwQx0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCkANVJVai5srgRCFcf+hjn3PKN3MB8GA1UdIwQY
MBaAFC/LMP19bkSUk+x8sNn3hgBFi+IbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzkt
NGRkNGRjMzM5MWFjLzEvS1FBMVVsVnFMbXl1QkVJVnhfNkdPZmM4bzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzktNGRkNGRjMzM5MWFj
LzEvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufK0MA0E
AgACMAcDBQMqDbKAMA0GCSqGSIb3DQEBCwUAA4IBAQBx+7aki07Xz/O5sJhAyvgs
fB3Eo5qJxLs6/TKn2c4qbJ8uc18iRXsI5PZ0UOqrteNSbiswTjerKx/ahLtDaJjN
jJ/enCmGsSg23EYwzoG8fhl6gO68TaMPIXZ/x6i0EMLPun8hJkTD1VCDJvK2IxZD
wc4qNqtNEfowG3Ofm/cO5OeNSlu9QbcT+/tKJ9HGHZPtfVMPt8F7lRYAXwgM2bvQ
cs3IN7kV2l03yaIWBKMUJNTIqGpzhmRB48JvkSNySnQIdzms3IuN/sfUVd/2levB
sAjYKmQ7qwrazlglBE5W69/U1DtT02OzYj/Ud4j9bIO4xJWdQVEFCE5JvLP+cDnR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-fra.rpki-client.org