Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/qqdDD1k3DyBFxtzwU22CKTds4J4.roa
File: qqdDD1k3DyBFxtzwU22CKTds4J4.roa (raw, json)
Hash identifier: r8UnNjPt105T+R/kmC0yc0FA8HiJgqJJ0FO2XsDLMlY=
Subject key identifier: AA:A7:43:0F:59:37:0F:20:45:C6:DC:F0:53:6D:82:29:37:6C:E0:9E
Certificate issuer: /CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Certificate serial: 0188537C71CEDE82FFAADF5AF0C69DCA8525
Authority key identifier: 70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/qqdDD1k3DyBFxtzwU22CKTds4J4.roa
Signing time: Thu 25 May 2023 15:17:24 +0000
ROA not before: Thu 25 May 2023 15:17:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20596
IP address blocks: 185.113.24.0/22 maxlen: 22
2a06:6740::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:7c:71:ce:de:82:ff:aa:df:5a:f0:c6:9d:ca:85:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Validity
Not Before: May 25 15:17:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaa7430f59370f2045c6dcf0536d8229376ce09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:20:e7:61:04:bb:a7:a7:f1:a6:40:18:43:29:
9f:e2:7d:e3:1b:c9:08:4e:e0:54:7b:40:da:64:5c:
56:e4:d7:ee:6e:76:82:85:61:95:27:f6:b9:8e:fb:
d7:91:dc:6f:3f:64:fd:2e:c8:75:a4:ab:22:4e:8f:
fa:25:42:64:56:75:64:bf:b6:ac:e3:e1:60:08:d9:
6d:01:c7:ac:bd:a3:0d:da:e6:1d:d9:7e:4a:97:46:
42:27:c5:56:9c:47:72:e8:f5:32:b4:4d:e0:69:f5:
e9:67:de:35:9c:bf:3e:ad:92:56:1f:d5:a7:63:fb:
fe:99:e3:72:b5:43:b7:9f:8c:35:c0:50:2f:ca:17:
fb:0c:bb:8c:ca:75:7d:bc:00:df:0c:c5:09:c4:43:
d9:ab:b6:75:fc:d8:a7:80:67:f9:87:8e:2c:29:29:
9f:0a:12:19:88:36:54:04:55:d6:15:d0:0d:98:19:
97:66:93:58:d2:be:d6:27:f9:6e:5c:97:80:ad:ff:
5d:52:97:75:d5:ce:c3:ce:de:d9:d9:bf:ae:76:0d:
9e:49:ef:19:0b:02:eb:4a:31:71:3a:c7:68:c6:7d:
0c:a2:39:f7:12:98:e3:bd:3d:3d:7b:0b:ff:36:e7:
a9:0f:50:fb:ad:71:b4:2d:0a:f6:87:7c:d5:a1:ab:
54:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A7:43:0F:59:37:0F:20:45:C6:DC:F0:53:6D:82:29:37:6C:E0:9E
X509v3 Authority Key Identifier:
keyid:70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/qqdDD1k3DyBFxtzwU22CKTds4J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.24.0/22
IPv6:
2a06:6740::/29
Signature Algorithm: sha256WithRSAEncryption
44:af:03:c8:43:f6:09:cb:c9:86:d4:11:08:b5:ce:da:eb:9f:
8f:71:62:c4:e1:86:b0:09:f1:4c:36:9d:98:92:d6:3a:6f:2b:
82:2f:2d:9d:94:a2:75:df:bc:12:16:d4:22:2b:76:b5:ea:93:
ea:af:b4:a7:1c:fb:85:1b:74:72:ef:c0:74:f4:b7:00:42:c7:
1d:e8:26:c7:53:96:ee:c2:da:21:f1:69:d9:a2:26:c4:a2:dd:
45:d0:df:b6:af:e3:48:42:da:b6:b0:b0:73:ce:74:cb:92:95:
d6:82:36:de:cf:27:a2:aa:6f:be:96:28:64:12:47:ac:92:e7:
6a:c3:e6:ff:e6:99:7c:5e:00:0c:76:5a:97:1e:9b:be:a2:54:
55:41:7a:22:f5:ac:0f:96:fc:ea:2d:91:ca:e6:ea:93:8f:eb:
68:14:e9:87:d6:7f:2f:a2:71:2c:12:15:78:e3:88:74:76:e3:
2d:e7:ac:95:98:76:ef:53:80:ad:0c:77:bd:1f:6e:a7:d0:67:
3f:93:c4:29:cc:f6:69:9d:63:ce:9e:46:57:e5:ea:96:a5:77:
1b:b8:dc:4c:10:26:7e:e8:ed:1e:da:31:12:60:46:6a:be:2f:
e6:87:60:87:0f:86:13:df:d0:ec:52:69:dd:ee:91:9f:da:26:
f0:b2:f2:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhTfHHO3oL/qt9a8MadyoUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGMwMzA5MzBhOWQyZTRkYTg4ZDgxODUyYTQ0YzNmNzhi
ZmI0NDAwHhcNMjMwNTI1MTUxNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWE3NDMwZjU5MzcwZjIwNDVjNmRjZjA1MzZkODIyOTM3NmNlMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCDnYQS7p6fxpkAYQymf4n3jG8kI
TuBUe0DaZFxW5NfubnaChWGVJ/a5jvvXkdxvP2T9Lsh1pKsiTo/6JUJkVnVkv7as
4+FgCNltAcesvaMN2uYd2X5Kl0ZCJ8VWnEdy6PUytE3gafXpZ941nL8+rZJWH9Wn
Y/v+meNytUO3n4w1wFAvyhf7DLuMynV9vADfDMUJxEPZq7Z1/NingGf5h44sKSmf
ChIZiDZUBFXWFdANmBmXZpNY0r7WJ/luXJeArf9dUpd11c7Dzt7Z2b+udg2eSe8Z
CwLrSjFxOsdoxn0Mojn3EpjjvT09ewv/NuepD1D7rXG0LQr2h3zVoatU9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKqnQw9ZNw8gRcbc8FNtgik3bOCeMB8GA1UdIwQY
MBaAFHAMAwkwqdLk2ojYGFKkTD94v7RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEt
YzViYmY5NWY4NTg0LzEvcXFkREQxazNEeUJGeHR6d1UyMkNLVGRzNEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEtYzViYmY5NWY4NTg0
LzEvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXEYMA0E
AgACMAcDBQMqBmdAMA0GCSqGSIb3DQEBCwUAA4IBAQBErwPIQ/YJy8mG1BEItc7a
65+PcWLE4YawCfFMNp2YktY6byuCLy2dlKJ137wSFtQiK3a16pPqr7SnHPuFG3Ry
78B09LcAQscd6CbHU5buwtoh8WnZoibEot1F0N+2r+NIQtq2sLBzznTLkpXWgjbe
zyeiqm++lihkEkeskudqw+b/5pl8XgAMdlqXHpu+olRVQXoi9awPlvzqLZHK5uqT
j+toFOmH1n8vonEsEhV444h0duMt56yVmHbvU4CtDHe9H26n0Gc/k8QpzPZpnWPO
nkZX5eqWpXcbuNxMECZ+6O0e2jESYEZqvi/mh2CHD4YT39DsUmnd7pGf2ibwsvK/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:55 2025 by rpki-client