Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/qg2MUE-ZB5joI4PbZG2gbqP9ETQ.roa
File: qg2MUE-ZB5joI4PbZG2gbqP9ETQ.roa (raw, json)
Hash identifier: l6zHNXeWEleiLZBAbPqmOP98hsPMMgYSGgYtdMFGbHI=
Subject key identifier: AA:0D:8C:50:4F:99:07:98:E8:23:83:DB:64:6D:A0:6E:A3:FD:11:34
Certificate issuer: /CN=115c040ec9754320236cdca64e39390bdde3626a
Certificate serial: 0183F0A029CB7678FEB5191E584E61B6F3E0
Authority key identifier: 11:5C:04:0E:C9:75:43:20:23:6C:DC:A6:4E:39:39:0B:DD:E3:62:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVwEDsl1QyAjbNymTjk5C93jYmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/qg2MUE-ZB5joI4PbZG2gbqP9ETQ.roa
Signing time: Wed 19 Oct 2022 14:22:51 +0000
ROA not before: Wed 19 Oct 2022 14:22:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30742
IP address blocks: 185.48.220.0/22 maxlen: 22
2a01:9ba0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:a0:29:cb:76:78:fe:b5:19:1e:58:4e:61:b6:f3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115c040ec9754320236cdca64e39390bdde3626a
Validity
Not Before: Oct 19 14:22:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa0d8c504f990798e82383db646da06ea3fd1134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:1e:42:5c:61:92:d6:b3:3e:11:ea:53:04:
f3:e4:22:22:30:0f:73:fd:be:12:c1:74:f9:5a:f5:
74:79:17:9b:5a:61:f7:69:82:42:34:22:30:66:0b:
22:e1:22:6a:aa:26:c4:3f:12:09:9c:c1:ac:54:57:
03:87:c7:a2:e9:f9:52:43:c5:e1:c3:f7:e2:4e:bd:
e2:3e:0d:91:6c:0b:78:7e:e8:f0:a9:93:3f:f8:91:
34:d9:b9:02:37:8e:87:15:7f:ac:fe:c1:d7:a7:9a:
de:7c:3a:bc:72:d1:31:cd:7a:e7:d3:0e:81:0b:1c:
fa:f8:55:90:1b:1c:b7:62:e3:f2:6b:29:f1:8b:77:
f8:0e:e5:86:29:06:21:d6:88:d0:c7:94:eb:44:37:
b9:c6:37:41:1d:ef:b4:43:31:3f:1c:09:70:08:c6:
06:cb:3f:57:bb:7e:42:f0:56:47:9d:04:87:1c:82:
12:1d:7f:c9:8b:9d:4f:75:34:60:37:0d:83:ba:1f:
96:f2:43:9b:e9:ed:ba:b5:78:6c:90:70:68:27:94:
15:33:d3:0f:4e:74:82:f9:17:41:11:0b:b6:44:df:
18:8b:73:9c:6f:3e:c9:41:8e:b4:4a:d4:6b:24:b5:
58:5f:80:2f:42:76:05:7d:39:6e:39:3d:48:17:96:
52:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0D:8C:50:4F:99:07:98:E8:23:83:DB:64:6D:A0:6E:A3:FD:11:34
X509v3 Authority Key Identifier:
keyid:11:5C:04:0E:C9:75:43:20:23:6C:DC:A6:4E:39:39:0B:DD:E3:62:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVwEDsl1QyAjbNymTjk5C93jYmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/qg2MUE-ZB5joI4PbZG2gbqP9ETQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/EVwEDsl1QyAjbNymTjk5C93jYmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.220.0/22
IPv6:
2a01:9ba0::/32
Signature Algorithm: sha256WithRSAEncryption
01:38:68:7d:da:92:21:3d:17:b9:fd:fb:48:77:08:87:3c:d2:
8a:2a:9c:a4:9c:05:47:b3:f0:7a:8c:e6:c6:8a:56:70:55:7f:
1f:3d:0f:d6:fb:7a:ec:90:d8:17:9b:1f:03:c6:ba:b3:62:c6:
7b:92:db:15:0f:e7:a0:51:cc:fc:6e:98:e1:8d:4c:ac:d3:25:
bf:c8:a2:80:06:ff:de:cb:68:84:c2:11:8c:be:ac:93:14:64:
42:09:70:27:d1:ca:6c:77:d7:f3:c6:50:f3:c8:05:68:c3:df:
ea:b0:f5:80:be:db:1b:0f:a5:0f:2d:7e:7d:7a:7c:39:20:29:
25:d2:65:80:e1:f6:3b:c1:f0:ee:87:16:85:28:90:50:7c:21:
69:26:a9:a4:15:07:60:5a:28:29:87:d0:3f:15:08:bf:8a:40:
a4:d0:63:31:63:f1:60:a3:08:0e:13:75:81:26:e1:5d:0b:d2:
c9:5f:40:40:a3:e2:aa:ef:62:19:ba:d5:97:d6:89:0d:48:f9:
07:33:28:9d:87:ef:6e:02:cd:73:66:65:4d:99:2e:78:88:7f:
b1:e9:c8:9e:2e:e6:6b:d6:ea:02:26:b6:b6:4d:1a:48:7c:6d:
30:da:6c:dd:dd:35:dd:e6:59:ff:8b:98:29:5c:14:d2:d9:c4:
ea:50:0f:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPwoCnLdnj+tRkeWE5htvPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWMwNDBlYzk3NTQzMjAyMzZjZGNhNjRlMzkzOTBiZGRl
MzYyNmEwHhcNMjIxMDE5MTQyMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTBkOGM1MDRmOTkwNzk4ZTgyMzgzZGI2NDZkYTA2ZWEzZmQxMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriQeQlxhktazPhHqUwTz5CIiMA9z
/b4SwXT5WvV0eRebWmH3aYJCNCIwZgsi4SJqqibEPxIJnMGsVFcDh8ei6flSQ8Xh
w/fiTr3iPg2RbAt4fujwqZM/+JE02bkCN46HFX+s/sHXp5refDq8ctExzXrn0w6B
Cxz6+FWQGxy3YuPyaynxi3f4DuWGKQYh1ojQx5TrRDe5xjdBHe+0QzE/HAlwCMYG
yz9Xu35C8FZHnQSHHIISHX/Ji51PdTRgNw2Duh+W8kOb6e26tXhskHBoJ5QVM9MP
TnSC+RdBEQu2RN8Yi3Ocbz7JQY60StRrJLVYX4AvQnYFfTluOT1IF5ZSpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoNjFBPmQeY6COD22RtoG6j/RE0MB8GA1UdIwQY
MBaAFBFcBA7JdUMgI2zcpk45OQvd42JqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZ3RURzbDFReUFqYk55bVRqazVDOTNqWW1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lNjUxNTItMzlmYi00OTc2LThjZGEt
NzBlN2QwNTdmZjJkLzEvcWcyTVVFLVpCNWpvSTRQYlpHMmdicVA5RVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lNjUxNTItMzlmYi00OTc2LThjZGEtNzBlN2QwNTdmZjJk
LzEvRVZ3RURzbDFReUFqYk55bVRqazVDOTNqWW1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDcMA0E
AgACMAcDBQAqAZugMA0GCSqGSIb3DQEBCwUAA4IBAQABOGh92pIhPRe5/ftIdwiH
PNKKKpyknAVHs/B6jObGilZwVX8fPQ/W+3rskNgXmx8DxrqzYsZ7ktsVD+egUcz8
bpjhjUys0yW/yKKABv/ey2iEwhGMvqyTFGRCCXAn0cpsd9fzxlDzyAVow9/qsPWA
vtsbD6UPLX59enw5ICkl0mWA4fY7wfDuhxaFKJBQfCFpJqmkFQdgWigph9A/FQi/
ikCk0GMxY/FgowgOE3WBJuFdC9LJX0BAo+Kq72IZutWX1okNSPkHMyidh+9uAs1z
ZmVNmS54iH+x6cieLuZr1uoCJra2TRpIfG0w2mzd3TXd5ln/i5gpXBTS2cTqUA8e
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:59:48 2025 by rpki-client