Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/QOnj7L_Nnl1muM3kO0caaSrm5bM.roa
File: QOnj7L_Nnl1muM3kO0caaSrm5bM.roa (raw, json)
Hash identifier: Uwxl/MqsGGNoK4+SY+DUj0dek2rn79L0i8K2Q+kAH14=
Subject key identifier: 40:E9:E3:EC:BF:CD:9E:5D:66:B8:CD:E4:3B:47:1A:69:2A:E6:E5:B3
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 01856DE6716273DB4DE896759EBB31FE8275
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/QOnj7L_Nnl1muM3kO0caaSrm5bM.roa
Signing time: Sun 01 Jan 2023 15:14:56 +0000
ROA not before: Sun 01 Jan 2023 15:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43817
IP address blocks: 185.167.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:71:62:73:db:4d:e8:96:75:9e:bb:31:fe:82:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 1 15:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e9e3ecbfcd9e5d66b8cde43b471a692ae6e5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f2:ef:4b:97:b1:4b:8b:73:fd:b7:ae:9a:0b:
b8:c0:61:88:05:d6:6f:ae:03:4e:37:e9:11:68:df:
32:06:dc:74:a3:df:0e:ed:d4:69:f1:96:83:7b:40:
4d:e3:7f:25:1b:b0:0a:60:cb:1b:74:9e:e5:57:ef:
48:36:e6:80:83:37:22:34:37:c8:cb:73:49:26:6f:
22:1f:39:57:2e:fa:8a:35:97:96:75:27:ac:13:07:
df:0c:df:e3:2b:94:1c:6b:e4:f5:b5:08:05:7b:cc:
6e:4d:ea:cc:65:16:f2:17:b7:2d:d4:33:37:78:df:
52:92:3c:9a:60:c2:74:04:23:05:09:a5:43:38:1d:
48:19:22:d8:e7:06:dc:16:ad:08:0a:d3:c7:62:67:
d3:0d:e5:91:4d:0a:02:9f:d7:d1:d4:32:69:0f:73:
20:72:3c:da:83:85:c6:97:6c:a4:bc:8d:1c:06:46:
cc:22:14:ea:e4:ba:33:1f:e6:17:47:fe:a4:8d:ed:
a6:f1:f4:3c:54:a9:8a:95:ce:23:a2:41:96:86:d7:
13:1a:67:0b:ea:e3:ee:91:d2:b1:73:ba:c9:86:b5:
1a:09:f7:08:1f:e5:4e:2d:69:80:c7:87:1b:b2:e6:
43:4c:02:b3:d9:e4:03:04:5c:27:0e:8f:33:80:32:
c5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E9:E3:EC:BF:CD:9E:5D:66:B8:CD:E4:3B:47:1A:69:2A:E6:E5:B3
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/QOnj7L_Nnl1muM3kO0caaSrm5bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.20.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:b1:ef:25:0a:ed:4e:04:e4:6d:71:e3:aa:c2:c0:6e:8b:f3:
29:f7:91:f7:bc:a0:08:74:68:80:0a:e1:07:17:3e:a5:13:84:
a6:55:ec:69:90:d7:8a:9b:db:21:2f:62:2b:ee:2d:0f:84:27:
b3:aa:79:10:99:e1:62:16:af:0c:b9:1d:eb:07:11:27:07:c4:
c9:95:09:29:ac:3c:20:16:71:51:cc:65:2d:42:ce:2d:51:1b:
c9:c4:cb:b5:a7:2d:03:ef:cc:ae:f5:7a:82:98:2a:eb:dd:ba:
49:9b:0d:05:f1:72:b9:02:a6:dd:ac:1b:ec:0b:25:53:3c:56:
ce:45:1c:29:04:32:2b:0f:8e:13:ba:34:ab:20:0f:c4:4e:1d:
70:33:7b:b2:73:65:fe:5d:b3:b4:3a:6e:cb:cd:52:e3:0c:28:
6d:fb:88:e4:02:5b:0e:09:f7:41:bf:34:37:cb:86:88:60:83:
3d:e1:92:1a:02:62:4e:ac:ad:0c:66:7d:d5:6a:c1:49:bf:f7:
3f:ab:5d:07:2a:3e:79:0c:9d:6e:97:f8:ed:03:0b:3f:78:45:
41:3b:98:d0:7b:96:f7:7c:3c:30:e1:af:86:b9:66:1d:9a:3b:
a8:12:26:fe:3d:3b:a6:c8:15:21:66:da:ff:01:84:0b:3c:35:
35:ab:16:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5nFic9tN6JZ1nrsx/oJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjMwMTAxMTUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU5ZTNlY2JmY2Q5ZTVkNjZiOGNkZTQzYjQ3MWE2OTJhZTZlNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfLvS5exS4tz/beumgu4wGGIBdZv
rgNON+kRaN8yBtx0o98O7dRp8ZaDe0BN438lG7AKYMsbdJ7lV+9INuaAgzciNDfI
y3NJJm8iHzlXLvqKNZeWdSesEwffDN/jK5Qca+T1tQgFe8xuTerMZRbyF7ct1DM3
eN9SkjyaYMJ0BCMFCaVDOB1IGSLY5wbcFq0ICtPHYmfTDeWRTQoCn9fR1DJpD3Mg
cjzag4XGl2ykvI0cBkbMIhTq5LozH+YXR/6kje2m8fQ8VKmKlc4jokGWhtcTGmcL
6uPukdKxc7rJhrUaCfcIH+VOLWmAx4cbsuZDTAKz2eQDBFwnDo8zgDLFuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDp4+y/zZ5dZrjN5DtHGmkq5uWzMB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvUU9uajdMX05ubDFtdU0za08wY2FhU3JtNWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuacUMA0G
CSqGSIb3DQEBCwUAA4IBAQCuse8lCu1OBORtceOqwsBui/Mp95H3vKAIdGiACuEH
Fz6lE4SmVexpkNeKm9shL2Ir7i0PhCezqnkQmeFiFq8MuR3rBxEnB8TJlQkprDwg
FnFRzGUtQs4tURvJxMu1py0D78yu9XqCmCrr3bpJmw0F8XK5AqbdrBvsCyVTPFbO
RRwpBDIrD44TujSrIA/ETh1wM3uyc2X+XbO0Om7LzVLjDCht+4jkAlsOCfdBvzQ3
y4aIYIM94ZIaAmJOrK0MZn3VasFJv/c/q10HKj55DJ1ul/jtAws/eEVBO5jQe5b3
fDww4a+GuWYdmjuoEib+PTumyBUhZtr/AYQLPDU1qxb3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:59 2025 by rpki-client