Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/0qXQUFYLMoP_I1SJ04n0HOAFX4w.roa
File: 0qXQUFYLMoP_I1SJ04n0HOAFX4w.roa (raw, json)
Hash identifier: ENylxOgRhV9CWz4hnKWITA14KqBhmqsbtU9hGWIM++8=
Subject key identifier: D2:A5:D0:50:56:0B:32:83:FF:23:54:89:D3:89:F4:1C:E0:05:5F:8C
Certificate issuer: /CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Certificate serial: 02AF82
Authority key identifier: 69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/0qXQUFYLMoP_I1SJ04n0HOAFX4w.roa
Signing time: Mon 11 Apr 2022 12:52:18 +0000
ROA not before: Mon 11 Apr 2022 12:52:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203908
IP address blocks: 185.150.240.0/22 maxlen: 22
2a03:ad60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176002 (0x2af82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Validity
Not Before: Apr 11 12:52:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2a5d050560b3283ff235489d389f41ce0055f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:88:10:b9:44:96:c7:e2:c9:6e:44:17:cc:01:
75:4a:db:19:b9:f3:27:66:4d:35:31:c5:93:35:1d:
32:5f:e0:3e:0b:55:34:e5:11:9e:b9:dd:92:c4:3d:
71:db:41:2b:f4:dc:cf:97:15:5e:a8:a6:ae:4d:1d:
28:88:64:9d:a6:b0:de:53:cc:8e:16:c3:4a:fd:e4:
84:2c:9e:df:9e:a0:d9:4f:9a:ce:1d:e8:b0:3a:61:
79:84:a6:b8:b4:e0:f7:13:1b:d2:b0:de:92:42:83:
f6:2f:3c:3d:1c:e8:23:b9:9d:22:7a:8a:23:1e:9f:
bf:8f:d0:c8:91:56:c4:0e:28:42:af:ee:3c:c1:9e:
68:85:28:4c:84:6c:2d:66:84:61:ed:8f:8e:c0:4c:
e5:0b:29:d9:39:a3:6d:94:44:32:c0:2d:f9:be:41:
69:58:83:ae:d5:88:9b:1e:de:ee:cf:ed:14:5e:eb:
93:23:f5:b4:43:af:49:fe:45:9c:93:d7:e9:04:76:
55:5c:c7:18:03:50:6a:af:8b:ed:a6:8b:fe:67:0f:
25:d5:3d:62:96:b5:bf:46:6b:f4:de:e6:04:7c:ad:
a1:56:b9:c7:a3:06:ad:76:ad:72:a0:32:0c:5c:2f:
ee:6c:bc:b9:f5:51:51:9f:1b:8f:1d:33:3a:12:61:
ee:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A5:D0:50:56:0B:32:83:FF:23:54:89:D3:89:F4:1C:E0:05:5F:8C
X509v3 Authority Key Identifier:
keyid:69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/0qXQUFYLMoP_I1SJ04n0HOAFX4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.240.0/22
IPv6:
2a03:ad60::/32
Signature Algorithm: sha256WithRSAEncryption
26:6a:4a:4a:30:27:38:92:64:7a:7c:de:8b:8f:c1:97:8d:de:
75:d9:f5:b8:e0:c2:b4:ff:4e:62:44:cf:50:10:7f:66:f7:22:
14:64:0a:00:1b:21:39:99:85:f6:25:ab:2b:7d:f3:74:46:0f:
cf:b9:1e:21:bf:d0:3e:23:80:5a:b7:20:47:a5:bb:05:9f:dd:
22:17:20:ca:64:4e:d5:99:b2:5d:71:df:b9:74:74:05:42:4f:
19:d0:ae:a1:88:07:72:57:22:44:e6:0a:e1:4d:dd:98:9c:fd:
ba:d4:81:b2:dc:a0:be:17:59:70:39:f0:f1:fc:d2:eb:8b:e4:
95:f1:56:ca:46:45:a9:1f:2c:18:73:2f:86:2a:69:7b:d0:ba:
e1:ec:cc:a9:fa:cc:91:c1:77:b7:68:ff:66:a6:f8:77:ab:81:
bf:48:fd:93:d4:f3:68:cf:53:bb:23:31:ff:86:69:04:fd:31:
f0:64:19:92:b7:9f:d3:e4:16:be:be:d9:fc:b2:7f:42:af:c6:
1c:f9:ca:f9:7a:fa:a0:63:1d:e6:5e:12:ce:b6:57:9e:f9:43:
a3:f2:26:97:e5:b8:f1:1d:27:0f:61:fe:a4:4f:9a:b3:fb:a3:
58:ea:0b:a3:5c:b6:2b:b2:ce:5a:39:67:7c:4e:ea:de:35:44:
e7:4a:fd:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAq+CMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
NzIwYTkxMDNlMWFlMDBjYzc4OGM1ZGVjZmUwOTQ4Yzg0YmNkMWIwHhcNMjIwNDEx
MTI1MjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMmE1ZDA1MDU2MGIz
MjgzZmYyMzU0ODlkMzg5ZjQxY2UwMDU1ZjhjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzogQuUSWx+LJbkQXzAF1StsZufMnZk01McWTNR0yX+A+C1U0
5RGeud2SxD1x20Er9NzPlxVeqKauTR0oiGSdprDeU8yOFsNK/eSELJ7fnqDZT5rO
HeiwOmF5hKa4tOD3ExvSsN6SQoP2Lzw9HOgjuZ0ieoojHp+/j9DIkVbEDihCr+48
wZ5ohShMhGwtZoRh7Y+OwEzlCynZOaNtlEQywC35vkFpWIOu1YibHt7uz+0UXuuT
I/W0Q69J/kWck9fpBHZVXMcYA1Bqr4vtpov+Zw8l1T1ilrW/Rmv03uYEfK2hVrnH
owatdq1yoDIMXC/ubLy59VFRnxuPHTM6EmHuiQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFNKl0FBWCzKD/yNUidOJ9BzgBV+MMB8GA1UdIwQYMBaAFGlyCpED4a4AzHiM
Xez+CUjIS80bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYtODE3NGRkYWUzMWQzLzEv
MHFYUVVGWUxNb1BfSTFTSjA0bjBIT0FGWDR3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9k
NTE2YTMtODk3NC00NWRiLTgyMjYtODE3NGRkYWUzMWQzLzEvYVhJS2tRUGhyZ0RN
ZUl4ZDdQNEpTTWhMelJzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZbwMA0EAgACMAcDBQAqA61gMA0G
CSqGSIb3DQEBCwUAA4IBAQAmakpKMCc4kmR6fN6Lj8GXjd512fW44MK0/05iRM9Q
EH9m9yIUZAoAGyE5mYX2JasrffN0Rg/PuR4hv9A+I4BatyBHpbsFn90iFyDKZE7V
mbJdcd+5dHQFQk8Z0K6hiAdyVyJE5grhTd2YnP261IGy3KC+F1lwOfDx/NLri+SV
8VbKRkWpHywYcy+GKml70Lrh7Myp+syRwXe3aP9mpvh3q4G/SP2T1PNoz1O7IzH/
hmkE/THwZBmSt5/T5Ba+vtn8sn9Cr8Yc+cr5evqgYx3mXhLOtlee+UOj8iaX5bjx
HScPYf6kT5qz+6NY6gujXLYrss5aOWd8TureNUTnSv3W
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:07 2025 by rpki-client