Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/QNZcGDfQIxpyis_4646YoBgNk5A.roa
File: QNZcGDfQIxpyis_4646YoBgNk5A.roa (raw, json)
Hash identifier: mciidTZEzUt0lfY1mpbKF/ASxfpmMZNZJkbsIOsUvYY=
Subject key identifier: 40:D6:5C:18:37:D0:23:1A:72:8A:CF:F8:EB:8E:98:A0:18:0D:93:90
Certificate issuer: /CN=e0238e22877f7303964007ce3e3406f5fad94962
Certificate serial: 0185718C29408E8827C802FE9BEFF381228F
Authority key identifier: E0:23:8E:22:87:7F:73:03:96:40:07:CE:3E:34:06:F5:FA:D9:49:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4COOIod_cwOWQAfOPjQG9frZSWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/QNZcGDfQIxpyis_4646YoBgNk5A.roa
Signing time: Mon 02 Jan 2023 08:14:49 +0000
ROA not before: Mon 02 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202670
IP address blocks: 185.151.4.0/23 maxlen: 23
185.151.6.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:29:40:8e:88:27:c8:02:fe:9b:ef:f3:81:22:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0238e22877f7303964007ce3e3406f5fad94962
Validity
Not Before: Jan 2 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d65c1837d0231a728acff8eb8e98a0180d9390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:26:9b:38:f3:70:90:43:70:94:74:23:a9:ee:
4a:65:13:de:35:58:66:2b:72:d0:ea:e3:07:93:2a:
9f:e6:13:1f:03:e3:c0:4d:65:21:95:32:8c:81:c3:
70:3f:f1:9e:e9:d7:20:e5:53:bb:0d:56:0f:4e:a1:
29:33:6b:08:be:a2:8d:84:b7:53:2f:99:6c:87:67:
40:76:8f:6b:69:e0:fe:2f:14:53:9d:7a:a8:b6:6b:
96:fb:a3:4c:aa:cf:4b:8d:a3:34:ad:01:ab:14:bc:
61:23:60:e0:a6:71:c0:61:d4:3d:ba:7b:b7:1b:21:
60:1f:54:6c:7f:b0:0b:de:cc:a5:f3:52:09:6b:80:
b2:38:f5:6f:55:2c:82:d6:ac:9d:94:6c:e7:8d:6d:
05:14:d7:d0:5a:61:e4:56:e0:f5:a9:48:70:e1:a0:
78:45:e8:01:53:4b:e1:d4:49:41:53:75:be:f9:99:
65:ba:b7:2b:9d:75:16:05:ce:34:32:72:c1:a6:de:
55:20:dc:c4:6e:38:a0:62:85:6d:7c:97:e2:4f:1d:
ba:b2:10:91:e7:24:a1:4f:30:f5:9f:63:b7:65:ff:
b6:a5:ea:93:4d:44:ff:8a:58:df:07:6b:32:53:55:
db:64:54:59:73:2f:f9:c2:f8:03:55:49:d0:8e:df:
cc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D6:5C:18:37:D0:23:1A:72:8A:CF:F8:EB:8E:98:A0:18:0D:93:90
X509v3 Authority Key Identifier:
keyid:E0:23:8E:22:87:7F:73:03:96:40:07:CE:3E:34:06:F5:FA:D9:49:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4COOIod_cwOWQAfOPjQG9frZSWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/QNZcGDfQIxpyis_4646YoBgNk5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/da2276-6dbf-422e-9ebb-561175f04d8e/1/4COOIod_cwOWQAfOPjQG9frZSWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:e1:08:ab:ec:f9:17:66:84:20:b2:d3:94:0c:8b:69:75:aa:
7d:0c:38:14:2c:24:8f:89:77:8b:8c:a7:0c:c9:04:0b:89:35:
44:b1:4e:fb:49:e2:28:f2:9a:0a:fb:c7:b9:69:5c:3d:f9:f8:
bb:1d:a4:a5:d4:0f:90:18:aa:42:a4:df:8a:50:7a:01:46:70:
f7:95:87:a4:a1:b3:b6:44:df:30:78:33:a6:1d:2b:74:25:82:
9f:b1:bf:61:b2:b3:8d:5c:0b:80:3f:9e:ce:19:1b:02:87:c4:
78:e1:cf:b4:f2:b3:04:eb:f7:da:68:0c:69:34:f9:18:96:05:
02:ec:b8:ce:ce:68:e4:53:67:27:db:5b:b9:b2:b4:98:e5:d5:
17:36:4a:0d:e0:c0:d2:19:73:c3:05:4b:e4:8c:45:8e:ac:fe:
d3:c9:26:f9:c5:f7:a0:9c:1c:19:90:3f:fe:5b:f0:6e:70:47:
db:8f:b1:e9:21:f1:0c:65:26:14:ce:a9:5f:a4:1f:56:cd:16:
34:f3:a1:24:bb:68:c8:2a:c3:a6:59:d7:4e:0a:39:d4:3d:5f:
bf:dc:69:6d:f7:a7:c2:a6:84:b4:20:28:66:ed:ea:a8:d0:16:
90:2c:6e:ff:3d:67:a2:11:eb:04:61:1c:43:a4:79:e5:1d:e0:
61:a8:80:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjClAjognyAL+m+/zgSKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMjM4ZTIyODc3ZjczMDM5NjQwMDdjZTNlMzQwNmY1ZmFk
OTQ5NjIwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ2NWMxODM3ZDAyMzFhNzI4YWNmZjhlYjhlOThhMDE4MGQ5MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiabOPNwkENwlHQjqe5KZRPeNVhm
K3LQ6uMHkyqf5hMfA+PATWUhlTKMgcNwP/Ge6dcg5VO7DVYPTqEpM2sIvqKNhLdT
L5lsh2dAdo9raeD+LxRTnXqotmuW+6NMqs9LjaM0rQGrFLxhI2DgpnHAYdQ9unu3
GyFgH1Rsf7AL3syl81IJa4CyOPVvVSyC1qydlGznjW0FFNfQWmHkVuD1qUhw4aB4
RegBU0vh1ElBU3W++ZllurcrnXUWBc40MnLBpt5VINzEbjigYoVtfJfiTx26shCR
5yShTzD1n2O3Zf+2peqTTUT/iljfB2syU1XbZFRZcy/5wvgDVUnQjt/MWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDWXBg30CMacorP+OuOmKAYDZOQMB8GA1UdIwQY
MBaAFOAjjiKHf3MDlkAHzj40BvX62UliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNENPT0lvZF9jd09XUUFmT1BqUUc5ZnJaU1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9kYTIyNzYtNmRiZi00MjJlLTllYmIt
NTYxMTc1ZjA0ZDhlLzEvUU5aY0dEZlFJeHB5aXNfNDY0NllvQmdOazVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9kYTIyNzYtNmRiZi00MjJlLTllYmItNTYxMTc1ZjA0ZDhl
LzEvNENPT0lvZF9jd09XUUFmT1BqUUc5ZnJaU1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZcEMA0G
CSqGSIb3DQEBCwUAA4IBAQBO4Qir7PkXZoQgstOUDItpdap9DDgULCSPiXeLjKcM
yQQLiTVEsU77SeIo8poK+8e5aVw9+fi7HaSl1A+QGKpCpN+KUHoBRnD3lYekobO2
RN8weDOmHSt0JYKfsb9hsrONXAuAP57OGRsCh8R44c+08rME6/faaAxpNPkYlgUC
7LjOzmjkU2cn21u5srSY5dUXNkoN4MDSGXPDBUvkjEWOrP7TySb5xfegnBwZkD/+
W/BucEfbj7HpIfEMZSYUzqlfpB9WzRY086Eku2jIKsOmWddOCjnUPV+/3Glt96fC
poS0IChm7eqo0BaQLG7/PWeiEesEYRxDpHnlHeBhqIDC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:03 2025 by rpki-client