Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/LQXTbdMSOatlX_SQ2ouLiiCGaZ4.roa
File: LQXTbdMSOatlX_SQ2ouLiiCGaZ4.roa (raw, json)
Hash identifier: 7ByJsbTtohMMRkFzl1PiKra+TAMb86M6/3kQ8uxbUhA=
Subject key identifier: 2D:05:D3:6D:D3:12:39:AB:65:5F:F4:90:DA:8B:8B:8A:20:86:69:9E
Certificate issuer: /CN=7632c90ef19d2bd6f668a4826e2d0d15635e947d
Certificate serial: 01856C813DE1710EA48506EEC998ED6BE03E
Authority key identifier: 76:32:C9:0E:F1:9D:2B:D6:F6:68:A4:82:6E:2D:0D:15:63:5E:94:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/djLJDvGdK9b2aKSCbi0NFWNelH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/LQXTbdMSOatlX_SQ2ouLiiCGaZ4.roa
Signing time: Sun 01 Jan 2023 08:44:47 +0000
ROA not before: Sun 01 Jan 2023 08:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206281
IP address blocks: 185.220.172.0/24 maxlen: 24
185.220.175.0/24 maxlen: 24
185.220.173.0/24 maxlen: 24
185.220.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:3d:e1:71:0e:a4:85:06:ee:c9:98:ed:6b:e0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7632c90ef19d2bd6f668a4826e2d0d15635e947d
Validity
Not Before: Jan 1 08:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d05d36dd31239ab655ff490da8b8b8a2086699e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:3c:f5:6e:27:7a:2b:f7:fe:38:45:b2:88:
2f:af:cd:cd:89:b4:88:1b:c4:16:98:a6:f0:ca:28:
6a:ef:9b:64:c5:78:cb:fd:0e:0a:49:38:d3:a0:f3:
3d:03:19:f5:c5:61:42:61:24:62:24:bc:b8:a6:de:
75:75:f9:4c:eb:a7:8a:42:93:af:9b:7a:59:59:84:
f2:35:a2:90:16:ff:ab:29:7c:12:a9:c1:30:2b:21:
d1:59:1f:e9:23:f9:94:b7:2f:6c:ce:4f:48:ab:44:
3d:38:9f:ec:e9:1d:bc:be:a7:18:82:dc:88:bc:de:
2d:6d:7c:34:0a:cc:e0:2e:a1:e5:3c:dc:57:82:c7:
05:d5:89:08:71:2e:87:4d:e9:1b:1f:c8:6a:93:5a:
df:74:4a:38:25:4d:b9:4e:65:83:04:6a:49:63:da:
56:79:3b:1e:85:43:d6:0b:34:11:30:7a:0a:97:0f:
10:54:d3:41:1a:48:d1:b9:a2:42:7a:c3:c0:37:41:
ba:30:40:6f:25:63:8c:c7:1a:53:77:4b:44:57:e7:
ff:6f:5f:c2:c6:f1:a7:6b:93:06:35:ac:bc:2c:2f:
30:33:28:ef:b6:f4:2b:59:63:b4:d6:5d:fc:cc:87:
a2:1a:05:1e:71:10:f5:2e:35:ed:c1:51:5a:25:d9:
84:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:05:D3:6D:D3:12:39:AB:65:5F:F4:90:DA:8B:8B:8A:20:86:69:9E
X509v3 Authority Key Identifier:
keyid:76:32:C9:0E:F1:9D:2B:D6:F6:68:A4:82:6E:2D:0D:15:63:5E:94:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/djLJDvGdK9b2aKSCbi0NFWNelH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/LQXTbdMSOatlX_SQ2ouLiiCGaZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/djLJDvGdK9b2aKSCbi0NFWNelH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.172.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:1a:20:af:49:8e:e2:7a:61:2a:62:07:ec:dd:f8:29:6e:5d:
70:5a:00:f3:1f:2e:c8:ce:fc:f8:16:5f:12:ac:51:70:73:7a:
57:bf:76:91:2e:ea:d3:41:fd:f9:c7:96:5d:55:7c:02:e8:0f:
13:e4:38:21:8d:44:ed:a4:59:45:a7:71:8c:80:12:06:00:6c:
b6:e9:e2:ba:e6:f7:ef:b3:eb:a8:20:e1:09:fe:1e:ea:9c:bc:
9f:03:58:db:34:29:a0:4b:bc:16:56:78:9e:d8:99:18:4b:26:
25:db:93:30:c1:53:43:de:b7:c4:e0:8c:44:94:22:1d:dc:d4:
fb:31:7b:0f:04:30:08:2e:7a:d4:53:ac:d1:70:77:10:ff:5e:
df:4d:cc:38:90:d4:76:f9:f3:b9:46:57:29:a4:0b:d0:e6:c5:
85:8e:a9:fc:a9:a5:3d:c7:83:08:9c:52:d2:fb:40:0b:77:5d:
77:1c:5f:b5:2b:34:83:0a:0e:fd:3d:28:de:f7:6f:13:ae:6a:
4d:80:05:2a:0c:ef:75:c7:30:e1:14:69:e4:1a:4a:4d:26:d6:
fd:fa:50:4a:56:11:2b:31:09:da:e6:f3:6a:f5:64:32:3d:18:
e9:b5:ee:1c:74:f6:d3:e5:a4:6f:dc:89:e8:32:32:73:d4:8e:
36:20:25:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsgT3hcQ6khQbuyZjta+A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MzJjOTBlZjE5ZDJiZDZmNjY4YTQ4MjZlMmQwZDE1NjM1
ZTk0N2QwHhcNMjMwMTAxMDg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA1ZDM2ZGQzMTIzOWFiNjU1ZmY0OTBkYThiOGI4YTIwODY2OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwU89W4neiv3/jhFsogvr83NibSI
G8QWmKbwyihq75tkxXjL/Q4KSTjToPM9Axn1xWFCYSRiJLy4pt51dflM66eKQpOv
m3pZWYTyNaKQFv+rKXwSqcEwKyHRWR/pI/mUty9szk9Iq0Q9OJ/s6R28vqcYgtyI
vN4tbXw0CszgLqHlPNxXgscF1YkIcS6HTekbH8hqk1rfdEo4JU25TmWDBGpJY9pW
eTsehUPWCzQRMHoKlw8QVNNBGkjRuaJCesPAN0G6MEBvJWOMxxpTd0tEV+f/b1/C
xvGna5MGNay8LC8wMyjvtvQrWWO01l38zIeiGgUecRD1LjXtwVFaJdmEyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0F023TEjmrZV/0kNqLi4oghmmeMB8GA1UdIwQY
MBaAFHYyyQ7xnSvW9mikgm4tDRVjXpR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGpMSkR2R2RLOWIyYUtTQ2JpME5GV05lbEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85ODQ0Y2QtMjRmOC00ZTUyLWI0MmIt
YzdiZjAyMWVlNjY0LzEvTFFYVGJkTVNPYXRsWF9TUTJvdUxpaUNHYVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85ODQ0Y2QtMjRmOC00ZTUyLWI0MmItYzdiZjAyMWVlNjY0
LzEvZGpMSkR2R2RLOWIyYUtTQ2JpME5GV05lbEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudysMA0G
CSqGSIb3DQEBCwUAA4IBAQBLGiCvSY7iemEqYgfs3fgpbl1wWgDzHy7Izvz4Fl8S
rFFwc3pXv3aRLurTQf35x5ZdVXwC6A8T5DghjUTtpFlFp3GMgBIGAGy26eK65vfv
s+uoIOEJ/h7qnLyfA1jbNCmgS7wWVnie2JkYSyYl25MwwVND3rfE4IxElCId3NT7
MXsPBDAILnrUU6zRcHcQ/17fTcw4kNR2+fO5RlcppAvQ5sWFjqn8qaU9x4MInFLS
+0ALd113HF+1KzSDCg79PSje928TrmpNgAUqDO91xzDhFGnkGkpNJtb9+lBKVhEr
MQna5vNq9WQyPRjpte4cdPbT5aRv3InoMjJz1I42ICWg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:56 2025 by rpki-client