Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/q65Bno0EDnwC4-CLPz-Lgvu3Dp8.roa
File: q65Bno0EDnwC4-CLPz-Lgvu3Dp8.roa (raw, json)
Hash identifier: c1qlGOgTpFsvjEIMmAVDS7+/f6rdgtkPVCdE2fBkPN4=
Subject key identifier: AB:AE:41:9E:8D:04:0E:7C:02:E3:E0:8B:3F:3F:8B:82:FB:B7:0E:9F
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 0186451B64A3915285586E908008A1130319
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/q65Bno0EDnwC4-CLPz-Lgvu3Dp8.roa
Signing time: Sun 12 Feb 2023 10:11:08 +0000
ROA not before: Sun 12 Feb 2023 10:11:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 130.185.120.0/22 maxlen: 24
185.204.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:1b:64:a3:91:52:85:58:6e:90:80:08:a1:13:03:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Feb 12 10:11:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abae419e8d040e7c02e3e08b3f3f8b82fbb70e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c7:59:a9:c9:ff:3f:e6:4e:65:2a:b9:7d:b7:
02:cb:89:2b:22:b0:67:3c:0d:3d:f2:6a:bf:02:2d:
f5:c7:bb:e1:48:74:de:ba:12:f2:6a:a4:da:a3:a4:
70:33:75:38:3b:1f:d8:7a:6e:a4:bd:f9:20:ee:33:
88:2f:41:2a:3a:64:ee:ae:0d:d7:ae:24:b1:fc:92:
7f:88:7f:c7:c6:54:d9:b5:7b:83:7e:b7:fc:f0:b1:
d7:ae:1e:84:1f:51:e3:1a:64:88:b0:5a:61:fb:95:
7d:a5:92:cf:be:a2:ed:9e:69:af:14:cf:9c:c5:4d:
57:a1:1c:01:51:b0:9b:10:a0:6c:cc:58:45:ec:53:
ff:fa:9f:ff:70:3e:00:f1:34:6e:54:6c:7f:71:c2:
0d:64:c4:bb:c2:0b:c9:c3:24:be:0f:31:d9:08:b1:
48:d8:8b:79:d6:6c:4f:48:ee:ec:14:39:8b:34:87:
e4:15:43:56:0c:c7:f7:04:0d:1b:d1:af:6d:98:12:
12:13:51:d7:c1:e6:36:21:28:e6:04:a9:30:84:a9:
13:66:85:44:3d:28:f3:a5:39:40:2d:e7:eb:64:22:
52:06:14:e0:85:55:76:c5:ec:44:ea:7b:ec:e9:7f:
c4:f1:64:92:58:e1:a4:be:b1:c5:c9:2e:24:97:38:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AE:41:9E:8D:04:0E:7C:02:E3:E0:8B:3F:3F:8B:82:FB:B7:0E:9F
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/q65Bno0EDnwC4-CLPz-Lgvu3Dp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
Signature Algorithm: sha256WithRSAEncryption
88:57:22:ed:b3:b7:49:58:44:50:6f:34:4f:aa:58:bf:08:db:
e5:32:22:19:81:0f:cb:d2:50:36:43:d9:bc:13:bc:74:ba:22:
91:82:54:08:48:f6:78:de:75:42:16:27:68:23:1c:e8:93:9e:
53:0d:12:4d:85:82:58:03:cc:d7:63:5a:2e:f8:5e:3d:fa:3c:
f7:26:9e:f9:b8:c0:0d:ae:51:f6:25:0b:2c:b1:ec:25:6c:e5:
90:8c:c2:1e:8a:aa:93:5b:16:3d:0b:b1:44:0a:19:42:c0:30:
41:52:7c:57:c7:e6:d8:d0:1d:d2:fd:84:2f:cd:04:16:51:39:
3e:ab:99:a0:00:eb:da:26:54:8c:cb:9b:ae:5b:5c:39:21:f0:
bc:f0:a7:98:fb:60:90:55:96:c8:09:91:a4:da:35:5a:77:89:
73:da:1d:7d:b6:77:43:5d:41:1e:0e:f1:be:1e:fb:f8:5b:f0:
cf:86:b1:16:9f:77:c2:e3:60:b4:cc:e2:de:83:e5:09:98:dd:
a4:41:c6:67:72:11:aa:46:ed:d4:63:5d:43:d4:8b:1e:3f:99:
78:f1:a9:24:fe:a1:c8:82:70:c3:48:56:f5:43:20:72:98:cf:
1b:52:34:e8:cb:6d:a6:e2:44:f2:20:12:f7:73:0f:34:77:ea:
26:96:1e:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZFG2SjkVKFWG6QgAihEwMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMjEyMTAxMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFlNDE5ZThkMDQwZTdjMDJlM2UwOGIzZjNmOGI4MmZiYjcwZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MdZqcn/P+ZOZSq5fbcCy4krIrBn
PA098mq/Ai31x7vhSHTeuhLyaqTao6RwM3U4Ox/Yem6kvfkg7jOIL0EqOmTurg3X
riSx/JJ/iH/HxlTZtXuDfrf88LHXrh6EH1HjGmSIsFph+5V9pZLPvqLtnmmvFM+c
xU1XoRwBUbCbEKBszFhF7FP/+p//cD4A8TRuVGx/ccINZMS7wgvJwyS+DzHZCLFI
2It51mxPSO7sFDmLNIfkFUNWDMf3BA0b0a9tmBISE1HXweY2ISjmBKkwhKkTZoVE
PSjzpTlALefrZCJSBhTghVV2xexE6nvs6X/E8WSSWOGkvrHFyS4klziKSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKuuQZ6NBA58AuPgiz8/i4L7tw6fMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvcTY1Qm5vMEVEbndDNC1DTFB6LUxndnUzRHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCgrl4AwQC
ucyoMA0GCSqGSIb3DQEBCwUAA4IBAQCIVyLts7dJWERQbzRPqli/CNvlMiIZgQ/L
0lA2Q9m8E7x0uiKRglQISPZ43nVCFidoIxzok55TDRJNhYJYA8zXY1ou+F49+jz3
Jp75uMANrlH2JQsssewlbOWQjMIeiqqTWxY9C7FEChlCwDBBUnxXx+bY0B3S/YQv
zQQWUTk+q5mgAOvaJlSMy5uuW1w5IfC88KeY+2CQVZbICZGk2jVad4lz2h19tndD
XUEeDvG+Hvv4W/DPhrEWn3fC42C0zOLeg+UJmN2kQcZnchGqRu3UY11D1IseP5l4
8akk/qHIgnDDSFb1QyBymM8bUjToy22m4kTyIBL3cw80d+omlh6v
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:48 2025 by rpki-client