Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/rq-tao1CpQJwd3gOIiyzYJODxl8.roa
File: rq-tao1CpQJwd3gOIiyzYJODxl8.roa (raw, json)
Hash identifier: q6drM1Cn1Xr0O5UNcfdt5wD5LkYp+vYScW6yjgwmovU=
Subject key identifier: AE:AF:AD:6A:8D:42:A5:02:70:77:78:0E:22:2C:B3:60:93:83:C6:5F
Certificate issuer: /CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Certificate serial: 0185723109B09438BB1F5946367A22A08ACC
Authority key identifier: 47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/rq-tao1CpQJwd3gOIiyzYJODxl8.roa
Signing time: Mon 02 Jan 2023 11:14:54 +0000
ROA not before: Mon 02 Jan 2023 11:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212907
IP address blocks: 185.187.84.0/24 maxlen: 24
185.187.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:09:b0:94:38:bb:1f:59:46:36:7a:22:a0:8a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Validity
Not Before: Jan 2 11:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aeafad6a8d42a5027077780e222cb3609383c65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:49:a8:96:15:9e:e2:55:95:95:ff:15:d9:ee:
f1:90:e3:51:ee:47:1e:94:4f:2e:36:55:c1:55:ee:
c0:fe:9a:36:17:ea:56:db:84:ac:4b:23:48:0e:a7:
a6:02:9e:53:ed:6c:07:f4:b7:4d:a8:2d:11:63:cd:
90:1b:bc:5e:88:8c:a2:73:99:56:1e:81:77:c5:3b:
1e:a3:4a:d6:48:f0:70:2e:44:f9:7f:0c:be:12:24:
8a:bf:a0:b3:dc:86:49:0e:f5:af:7e:1d:5e:4a:6b:
df:26:57:aa:dd:fc:94:20:98:d0:7a:e8:91:75:8a:
7f:8a:fb:f8:8a:69:fe:ba:90:d1:82:90:f6:9b:e8:
22:2f:b6:d8:ed:c5:e1:81:4b:7a:a4:57:0d:14:21:
e8:f2:da:26:17:5f:6b:57:00:be:1a:ac:dc:37:cb:
d3:a1:cf:a9:b6:22:26:c2:df:92:6e:32:e4:86:97:
6f:9d:d0:e9:ff:32:89:14:44:ce:a2:68:00:bf:9c:
38:6e:1f:6f:ef:ad:86:5c:f2:13:70:f8:33:c4:0a:
78:4f:f2:44:6f:5c:07:c4:6e:d5:7e:1e:c8:85:a6:
30:0a:0d:a9:85:53:98:e8:bf:b4:b6:2d:57:44:c7:
b4:8e:39:25:f4:3a:94:9c:b4:9d:96:5f:f1:9f:27:
01:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AF:AD:6A:8D:42:A5:02:70:77:78:0E:22:2C:B3:60:93:83:C6:5F
X509v3 Authority Key Identifier:
keyid:47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/rq-tao1CpQJwd3gOIiyzYJODxl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.84.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:4f:c3:8c:b0:1c:60:10:14:1f:0c:47:fa:4d:05:9a:fb:32:
80:da:2d:a2:84:1c:3b:c3:d1:c1:55:89:98:ea:20:a0:ba:5e:
67:e0:4c:1f:65:16:d5:65:71:9c:b9:9f:b3:ea:3e:dc:c6:19:
83:ec:ae:0d:06:e2:92:3b:bc:44:9b:20:fa:3a:6e:ad:bc:cd:
bf:af:76:8f:89:03:5a:db:f2:18:11:d0:b0:c2:f7:0e:82:da:
c5:ae:b4:28:ea:1d:4e:25:31:20:81:3e:53:a7:a2:58:41:5b:
98:9d:db:bb:7d:62:be:59:69:1d:35:54:23:d3:45:15:73:b6:
95:63:e8:a7:c3:f6:33:aa:1d:32:d0:92:9f:51:55:c7:00:95:
32:89:10:bb:5e:2c:df:97:15:5c:17:d5:35:9d:d6:22:6e:8f:
ec:59:39:8a:c3:85:05:a7:4a:97:ef:63:49:0b:b5:aa:5d:c3:
d7:b8:07:22:06:1f:80:8b:1f:33:d0:ad:8d:6a:a7:30:45:95:
d8:31:71:f5:83:ed:3c:30:99:21:26:3b:81:52:d4:47:3b:4a:
3f:9b:35:5e:7e:5f:64:c7:a5:c9:88:f9:03:a5:d4:91:43:f1:
80:f0:98:c9:cd:a7:c5:ba:d8:52:cf:48:b4:f8:a1:03:8b:87:
5f:6d:d2:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMQmwlDi7H1lGNnoioIrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OTc2MmU4OGQ4ZjY3ZmFkNGFhMDU5YTFiOGI0NmZhNGNj
N2E4OTMwHhcNMjMwMTAyMTExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWFmYWQ2YThkNDJhNTAyNzA3Nzc4MGUyMjJjYjM2MDkzODNjNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUmolhWe4lWVlf8V2e7xkONR7kce
lE8uNlXBVe7A/po2F+pW24SsSyNIDqemAp5T7WwH9LdNqC0RY82QG7xeiIyic5lW
HoF3xTseo0rWSPBwLkT5fwy+EiSKv6Cz3IZJDvWvfh1eSmvfJleq3fyUIJjQeuiR
dYp/ivv4imn+upDRgpD2m+giL7bY7cXhgUt6pFcNFCHo8tomF19rVwC+GqzcN8vT
oc+ptiImwt+SbjLkhpdvndDp/zKJFETOomgAv5w4bh9v762GXPITcPgzxAp4T/JE
b1wHxG7Vfh7IhaYwCg2phVOY6L+0ti1XRMe0jjkl9DqUnLSdll/xnycBjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6vrWqNQqUCcHd4DiIss2CTg8ZfMB8GA1UdIwQY
MBaAFEeXYuiNj2f61KoFmhuLRvpMx6iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAt
MTEwNDg0MWQzNzRlLzEvcnEtdGFvMUNwUUp3ZDNnT0lpeXpZSk9EeGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAtMTEwNDg0MWQzNzRl
LzEvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubtUMA0G
CSqGSIb3DQEBCwUAA4IBAQBLT8OMsBxgEBQfDEf6TQWa+zKA2i2ihBw7w9HBVYmY
6iCgul5n4EwfZRbVZXGcuZ+z6j7cxhmD7K4NBuKSO7xEmyD6Om6tvM2/r3aPiQNa
2/IYEdCwwvcOgtrFrrQo6h1OJTEggT5Tp6JYQVuYndu7fWK+WWkdNVQj00UVc7aV
Y+inw/Yzqh0y0JKfUVXHAJUyiRC7XizflxVcF9U1ndYibo/sWTmKw4UFp0qX72NJ
C7WqXcPXuAciBh+Aix8z0K2NaqcwRZXYMXH1g+08MJkhJjuBUtRHO0o/mzVefl9k
x6XJiPkDpdSRQ/GA8JjJzafFuthSz0i0+KEDi4dfbdJw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:14 2025 by rpki-client