Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/qOuIwM2xchQcB-JGvkyazKrIk3E.roa
File: qOuIwM2xchQcB-JGvkyazKrIk3E.roa (raw, json)
Hash identifier: OWTniqUeNvbVLbupMAvIFIFqZktDnjgwWS3Y1COYnkA=
Subject key identifier: A8:EB:88:C0:CD:B1:72:14:1C:07:E2:46:BE:4C:9A:CC:AA:C8:93:71
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 01856F1DA4939A4498871C8F0835C3292677
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/qOuIwM2xchQcB-JGvkyazKrIk3E.roa
Signing time: Sun 01 Jan 2023 20:54:51 +0000
ROA not before: Sun 01 Jan 2023 20:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42202
IP address blocks: 185.206.188.0/22 maxlen: 22
2a0b:1740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a4:93:9a:44:98:87:1c:8f:08:35:c3:29:26:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Jan 1 20:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8eb88c0cdb172141c07e246be4c9accaac89371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:00:7e:e8:e6:d8:91:07:26:5e:46:65:66:37:
c3:c0:22:76:40:f4:30:fa:23:36:4f:c8:78:62:b7:
7b:e0:ad:6f:4e:ce:f3:b5:a7:ea:0d:86:1d:1c:10:
27:f8:64:eb:9c:a9:bf:77:8d:cd:99:5e:e0:aa:67:
13:78:f0:2c:8a:f9:eb:a7:b2:0f:77:50:55:43:59:
47:32:4a:50:77:08:dc:2e:ee:6d:fa:c3:67:e4:dc:
62:49:30:21:b6:80:fc:b8:83:8f:0c:d5:ef:c0:90:
d7:ee:42:f8:de:ed:7a:82:98:79:70:b2:d2:43:05:
8e:7e:db:3e:80:5e:b5:c6:1d:76:1d:7c:3a:58:d0:
5b:23:35:91:a8:c0:57:2e:54:54:5f:eb:14:07:9b:
c0:6a:f3:86:68:0d:4d:ff:ed:00:87:e1:3b:b8:ca:
14:ce:b8:d7:8c:9d:e6:7e:97:28:f8:f8:1c:4a:6d:
e9:52:37:54:04:4a:37:85:9d:06:74:6c:26:f6:d7:
2c:43:e8:f5:c4:a5:f4:53:3a:bb:57:b2:91:2c:28:
c5:b6:14:d0:21:0e:ab:21:cb:45:14:4a:b1:b4:c7:
72:73:93:2b:df:1c:d9:7a:ea:6d:58:ed:8b:9e:21:
8d:fd:ab:6b:83:30:8e:df:14:d5:be:b6:1b:96:84:
29:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EB:88:C0:CD:B1:72:14:1C:07:E2:46:BE:4C:9A:CC:AA:C8:93:71
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/qOuIwM2xchQcB-JGvkyazKrIk3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.188.0/22
IPv6:
2a0b:1740::/29
Signature Algorithm: sha256WithRSAEncryption
50:88:e3:65:4e:3c:68:74:e2:01:8e:d6:5b:98:83:24:48:b6:
55:4b:aa:81:2c:6c:d6:45:8f:02:3e:3d:8c:72:c9:b6:ef:9a:
52:b6:12:51:b2:9d:56:15:a2:f7:87:ee:79:88:7b:3c:3a:6d:
05:94:9c:89:66:49:c9:56:17:05:3f:41:17:a5:7d:0a:de:04:
e3:42:11:c2:65:b9:6c:b9:d3:a3:9b:68:06:24:c5:bd:d1:ee:
52:a7:dd:78:46:53:ea:4c:6a:f3:11:6d:f9:fc:92:22:b5:85:
bb:60:8a:a0:44:3c:1c:f7:5a:34:ac:d2:05:cf:f5:25:77:c1:
4e:34:35:41:5a:04:24:9b:26:ff:56:ba:0a:c2:ad:e8:06:71:
9c:bd:25:c8:59:68:3f:df:81:6e:eb:b3:69:2e:43:01:46:16:
7e:5f:06:33:4d:7d:5e:08:d2:49:13:b1:a7:49:62:fd:65:37:
78:2a:2e:1b:55:fd:dd:30:c8:eb:7d:a6:c3:d1:c8:d4:c7:c4:
14:53:46:b1:3f:0f:b0:f3:6d:a4:ef:65:72:dd:13:37:a7:f5:
bc:50:6a:22:4c:ed:3f:07:22:79:32:64:6c:2f:35:28:5b:37:
a0:c8:f2:9d:7a:69:13:3c:ae:b1:ee:ab:42:e9:65:be:56:27:
8b:45:43:f7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHaSTmkSYhxyPCDXDKSZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjMwMTAxMjA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGViODhjMGNkYjE3MjE0MWMwN2UyNDZiZTRjOWFjY2FhYzg5MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwB+6ObYkQcmXkZlZjfDwCJ2QPQw
+iM2T8h4Yrd74K1vTs7ztafqDYYdHBAn+GTrnKm/d43NmV7gqmcTePAsivnrp7IP
d1BVQ1lHMkpQdwjcLu5t+sNn5NxiSTAhtoD8uIOPDNXvwJDX7kL43u16gph5cLLS
QwWOfts+gF61xh12HXw6WNBbIzWRqMBXLlRUX+sUB5vAavOGaA1N/+0Ah+E7uMoU
zrjXjJ3mfpco+PgcSm3pUjdUBEo3hZ0GdGwm9tcsQ+j1xKX0Uzq7V7KRLCjFthTQ
IQ6rIctFFEqxtMdyc5Mr3xzZeuptWO2LniGN/atrgzCO3xTVvrYbloQp2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKjriMDNsXIUHAfiRr5MmsyqyJNxMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEvcU91SXdNMnhjaFFjQi1KR3ZreWF6S3JJazNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc68MA0E
AgACMAcDBQMqCxdAMA0GCSqGSIb3DQEBCwUAA4IBAQBQiONlTjxodOIBjtZbmIMk
SLZVS6qBLGzWRY8CPj2Mcsm275pSthJRsp1WFaL3h+55iHs8Om0FlJyJZknJVhcF
P0EXpX0K3gTjQhHCZblsudOjm2gGJMW90e5Sp914RlPqTGrzEW35/JIitYW7YIqg
RDwc91o0rNIFz/Uld8FONDVBWgQkmyb/VroKwq3oBnGcvSXIWWg/34Fu67NpLkMB
RhZ+XwYzTX1eCNJJE7GnSWL9ZTd4Ki4bVf3dMMjrfabD0cjUx8QUU0axPw+w822k
72Vy3RM3p/W8UGoiTO0/ByJ5MmRsLzUoWzegyPKdemkTPK6x7qtC6WW+VieLRUP3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:49 2025 by rpki-client