Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/3bb1a5-941e-4a61-943e-faae4baebeff/1/q40vxO4JZ7KyzKuhavz9x8lytUg.roa
File: q40vxO4JZ7KyzKuhavz9x8lytUg.roa (raw, json)
Hash identifier: hiXb+G4e1+ALGHGFZ530mdql3vWFOUgSwMSgrA5evSA=
Subject key identifier: AB:8D:2F:C4:EE:09:67:B2:B2:CC:AB:A1:6A:FC:FD:C7:C9:72:B5:48
Certificate issuer: /CN=454f9d2dbed974538405a79f6ec7e86c4aedd3d1
Certificate serial: 0185720C7B04BDD4BEB91D2737F4C334DF24
Authority key identifier: 45:4F:9D:2D:BE:D9:74:53:84:05:A7:9F:6E:C7:E8:6C:4A:ED:D3:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RU-dLb7ZdFOEBaefbsfobErt09E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/3bb1a5-941e-4a61-943e-faae4baebeff/1/q40vxO4JZ7KyzKuhavz9x8lytUg.roa
Signing time: Mon 02 Jan 2023 10:34:58 +0000
ROA not before: Mon 02 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.68.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:7b:04:bd:d4:be:b9:1d:27:37:f4:c3:34:df:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=454f9d2dbed974538405a79f6ec7e86c4aedd3d1
Validity
Not Before: Jan 2 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab8d2fc4ee0967b2b2ccaba16afcfdc7c972b548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c2:51:7f:56:71:45:13:19:ee:fe:a3:ae:ab:
fd:5a:27:83:29:84:72:b9:28:e3:19:7d:67:94:6b:
45:04:8b:08:38:06:b9:d1:b2:87:31:28:88:25:d7:
39:7e:ff:75:2c:5d:25:68:0c:68:34:b0:33:50:35:
69:1b:16:52:df:6e:63:11:66:52:71:94:8c:9c:a9:
06:15:bc:45:98:24:c5:c7:e2:c8:71:48:b0:a7:ea:
01:65:40:fb:90:d9:8a:a2:39:7d:0e:b9:f7:b3:e3:
21:61:61:ec:a8:2f:dc:4a:3e:70:82:d7:38:b5:66:
c6:eb:d9:2a:d4:c5:b9:1a:ac:46:f0:4f:42:23:f0:
fd:09:08:c7:45:6d:cd:81:30:08:50:48:5d:4a:ac:
45:dd:17:0e:53:4e:49:8a:cc:a1:d5:32:23:c2:7d:
fe:08:43:02:87:08:60:9a:81:fd:a5:0d:59:ca:bd:
84:0d:66:47:cc:da:26:44:db:7c:37:43:ff:f7:ef:
c9:d1:ef:5e:87:f0:ca:ee:03:bd:dc:e5:06:fb:11:
b4:d4:78:50:2f:e2:aa:c6:aa:ff:52:2a:24:a6:dd:
7f:cf:8f:1d:a7:51:ab:cf:fb:06:8e:f1:a8:69:57:
11:18:37:a2:14:ac:93:f4:94:ef:af:b7:fa:ed:e6:
1b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8D:2F:C4:EE:09:67:B2:B2:CC:AB:A1:6A:FC:FD:C7:C9:72:B5:48
X509v3 Authority Key Identifier:
keyid:45:4F:9D:2D:BE:D9:74:53:84:05:A7:9F:6E:C7:E8:6C:4A:ED:D3:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RU-dLb7ZdFOEBaefbsfobErt09E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/3bb1a5-941e-4a61-943e-faae4baebeff/1/q40vxO4JZ7KyzKuhavz9x8lytUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/3bb1a5-941e-4a61-943e-faae4baebeff/1/RU-dLb7ZdFOEBaefbsfobErt09E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.80.0/22
Signature Algorithm: sha256WithRSAEncryption
31:bf:1f:11:46:7e:5f:9c:0d:4e:ad:90:b2:90:91:5c:8d:5b:
3d:81:8c:5f:4b:be:87:80:1c:b0:25:bc:8f:bd:b2:11:8c:6d:
b6:3f:a3:e8:04:aa:8f:eb:7f:a1:9c:ca:f7:7d:1a:11:dd:52:
1f:22:93:28:80:c4:84:21:a2:92:55:16:38:6d:a5:50:21:1c:
82:43:c7:46:95:c2:85:45:a9:fd:ad:df:ae:b4:92:0d:10:f0:
14:fc:90:b1:b3:4a:51:3b:0b:d7:1b:09:93:08:62:82:99:25:
7e:48:e1:a6:ac:95:ab:8e:17:4b:6d:89:5a:25:a8:d4:37:c4:
ef:70:21:34:8c:dd:94:8e:1f:88:b8:db:90:50:30:e8:1d:79:
97:55:fc:63:99:bd:a3:ad:7b:78:89:e4:b7:fc:02:5d:ad:0d:
9f:9e:2b:86:30:d6:68:93:c7:6b:ac:b5:de:22:cc:cc:3e:20:
26:2c:fc:ac:ad:93:86:7b:45:c3:a4:ab:a5:40:d8:2c:a1:0b:
b4:8f:48:2a:31:f5:d2:2b:95:59:c5:be:56:36:c6:ba:f0:48:
e7:e6:fb:19:06:a3:28:4b:bf:b3:26:17:16:88:6d:b4:35:46:
23:ac:68:c8:19:3b:6e:56:11:d2:b6:cc:9f:d4:ab:78:ae:ad:
7e:58:62:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHsEvdS+uR0nN/TDNN8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NGY5ZDJkYmVkOTc0NTM4NDA1YTc5ZjZlYzdlODZjNGFl
ZGQzZDEwHhcNMjMwMTAyMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhkMmZjNGVlMDk2N2IyYjJjY2FiYTE2YWZjZmRjN2M5NzJiNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMJRf1ZxRRMZ7v6jrqv9WieDKYRy
uSjjGX1nlGtFBIsIOAa50bKHMSiIJdc5fv91LF0laAxoNLAzUDVpGxZS325jEWZS
cZSMnKkGFbxFmCTFx+LIcUiwp+oBZUD7kNmKojl9Drn3s+MhYWHsqC/cSj5wgtc4
tWbG69kq1MW5GqxG8E9CI/D9CQjHRW3NgTAIUEhdSqxF3RcOU05Jisyh1TIjwn3+
CEMChwhgmoH9pQ1Zyr2EDWZHzNomRNt8N0P/9+/J0e9eh/DK7gO93OUG+xG01HhQ
L+Kqxqr/Uiokpt1/z48dp1Grz/sGjvGoaVcRGDeiFKyT9JTvr7f67eYbRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuNL8TuCWeyssyroWr8/cfJcrVIMB8GA1UdIwQY
MBaAFEVPnS2+2XRThAWnn27H6GxK7dPRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlUtZExiN1pkRk9FQmFlZmJzZm9iRXJ0MDlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8zYmIxYTUtOTQxZS00YTYxLTk0M2Ut
ZmFhZTRiYWViZWZmLzEvcTQwdnhPNEpaN0t5ekt1aGF2ejl4OGx5dFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8zYmIxYTUtOTQxZS00YTYxLTk0M2UtZmFhZTRiYWViZWZm
LzEvUlUtZExiN1pkRk9FQmFlZmJzZm9iRXJ0MDlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuURQMA0G
CSqGSIb3DQEBCwUAA4IBAQAxvx8RRn5fnA1OrZCykJFcjVs9gYxfS76HgBywJbyP
vbIRjG22P6PoBKqP63+hnMr3fRoR3VIfIpMogMSEIaKSVRY4baVQIRyCQ8dGlcKF
Ran9rd+utJINEPAU/JCxs0pROwvXGwmTCGKCmSV+SOGmrJWrjhdLbYlaJajUN8Tv
cCE0jN2Ujh+IuNuQUDDoHXmXVfxjmb2jrXt4ieS3/AJdrQ2fniuGMNZok8drrLXe
IszMPiAmLPysrZOGe0XDpKulQNgsoQu0j0gqMfXSK5VZxb5WNsa68Ejn5vsZBqMo
S7+zJhcWiG20NUYjrGjIGTtuVhHStsyf1Kt4rq1+WGJg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:05 2025 by rpki-client