Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/DQVXZc0oP9Y9nhF3OtZNesKST2k.roa
File: DQVXZc0oP9Y9nhF3OtZNesKST2k.roa (raw, json)
Hash identifier: mbHIEdHKrG1PFphrWPoemhMuNpsWfjcnOL+Ej8fHA2k=
Subject key identifier: 0D:05:57:65:CD:28:3F:D6:3D:9E:11:77:3A:D6:4D:7A:C2:92:4F:69
Certificate issuer: /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial: 1198F71B
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/DQVXZc0oP9Y9nhF3OtZNesKST2k.roa
Signing time: Sat 01 Jan 2022 07:57:57 +0000
ROA not before: Sat 01 Jan 2022 07:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3213
IP address blocks: 185.159.25.0/24 maxlen: 24
2a00:9b40:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 295237403 (0x1198f71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Validity
Not Before: Jan 1 07:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d055765cd283fd63d9e11773ad64d7ac2924f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:07:b2:12:90:26:dd:2d:e2:45:b8:ac:c3:6f:
a4:7c:62:c8:e2:6b:55:16:4d:ba:8f:cb:9f:c8:86:
38:e2:f5:fb:6c:88:05:cf:09:e5:cb:75:2b:6c:35:
34:94:ef:ce:99:b2:51:09:85:73:de:96:fa:ec:23:
b1:96:80:9e:03:74:16:83:dc:7e:a5:1e:bb:34:71:
b0:ab:8d:7a:19:0f:1e:dc:ba:9d:d2:71:4c:18:e2:
ed:12:d4:0b:49:08:9a:d8:d8:1d:f2:9b:dd:19:4f:
86:13:c4:2e:b3:c7:89:22:fb:8e:8b:ba:58:5f:d8:
1e:95:96:2b:3b:19:d8:c6:55:48:2f:14:31:b6:c5:
44:59:e2:54:4a:32:0e:62:ac:a8:38:5d:3c:53:e9:
af:c9:5a:68:46:f8:33:07:aa:03:79:65:30:6c:a1:
ba:b3:d4:35:84:09:da:17:25:65:40:7a:e5:e4:ea:
a1:72:12:52:22:65:27:40:28:07:f4:f6:75:42:8e:
2a:ae:80:68:6c:b2:13:62:8a:af:51:d8:e1:b3:fe:
63:7c:0b:f0:e4:67:d2:e3:29:c1:38:92:53:52:7b:
5e:57:96:de:29:bc:05:5e:b9:58:2f:4d:aa:ab:9e:
7a:7e:c5:8b:6f:e1:ce:36:90:b5:72:b0:fc:76:06:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:05:57:65:CD:28:3F:D6:3D:9E:11:77:3A:D6:4D:7A:C2:92:4F:69
X509v3 Authority Key Identifier:
keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/DQVXZc0oP9Y9nhF3OtZNesKST2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.25.0/24
IPv6:
2a00:9b40:200::/40
Signature Algorithm: sha256WithRSAEncryption
01:10:30:6b:5c:a4:0d:f0:de:f9:77:97:2c:63:7b:40:6f:a3:
11:28:38:81:0c:19:98:59:42:af:68:bd:b6:7c:62:7e:cb:0d:
17:e9:6f:53:7c:74:9b:d6:1c:0d:3c:2e:37:ec:a9:31:49:f6:
54:b1:5b:c0:08:d3:42:7e:7c:5f:6f:f1:88:06:44:59:65:d9:
bb:8d:98:ac:69:03:b4:4d:4a:b9:7b:20:15:10:ad:12:50:48:
11:77:ed:fe:02:37:05:de:99:b6:60:31:1c:a2:8c:7a:be:46:
da:da:b0:e8:f9:68:c0:50:0d:26:34:73:8b:4f:58:1e:40:31:
94:64:37:6f:f2:f9:2a:28:c7:93:2a:66:5d:b7:1e:75:b3:d1:
0f:65:46:39:ef:78:8d:6a:d0:ea:0a:65:8f:ca:0d:56:c4:bc:
d5:1e:cf:2a:7b:f6:e8:87:12:15:80:b7:a1:4a:c4:f8:7e:f2:
1c:30:4b:e6:e3:e6:b8:cc:8d:64:72:e6:9e:03:64:c5:91:93:
3a:46:02:06:fd:60:91:03:68:ea:62:a3:16:b9:e6:f9:69:d7:
37:c8:0c:c5:ac:a6:40:c6:90:ab:f5:e7:e8:32:84:21:38:5a:
3c:b8:1e:57:50:d5:49:84:75:5a:6d:a7:7d:bf:23:81:04:f3:
2a:fe:b1:45
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEEZj3GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGE1NmUyZDYzYWM1ZGE5YmVkMzVkYTAxY2JmYWQyMjVmMDRiZWIwMB4XDTIyMDEw
MTA3NTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQwNTU3NjVjZDI4
M2ZkNjNkOWUxMTc3M2FkNjRkN2FjMjkyNGY2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEHshKQJt0t4kW4rMNvpHxiyOJrVRZNuo/Ln8iGOOL1+2yI
Bc8J5ct1K2w1NJTvzpmyUQmFc96W+uwjsZaAngN0FoPcfqUeuzRxsKuNehkPHty6
ndJxTBji7RLUC0kImtjYHfKb3RlPhhPELrPHiSL7jou6WF/YHpWWKzsZ2MZVSC8U
MbbFRFniVEoyDmKsqDhdPFPpr8laaEb4MweqA3llMGyhurPUNYQJ2hclZUB65eTq
oXISUiJlJ0AoB/T2dUKOKq6AaGyyE2KKr1HY4bP+Y3wL8ORn0uMpwTiSU1J7XleW
3im8BV65WC9Nqqueen7Fi2/hzjaQtXKw/HYGgVECAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQNBVdlzSg/1j2eEXc61k16wpJPaTAfBgNVHSMEGDAWgBTYpW4tY6xdqb7T
XaAcv60iXwS+sDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJLVnVMV09zWGFtLTAxMmdITC10SWw4RXZyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvNzQxNzdjLTVlM2ItNDgzNi04ODY3LWU4ZDQ3YmJhMjViZi8x
L0RRVlhaYzBvUDlZOW5oRjNPdFpOZXNLU1Qyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
NzQxNzdjLTVlM2ItNDgzNi04ODY3LWU4ZDQ3YmJhMjViZi8xLzJLVnVMV09zWGFt
LTAxMmdITC10SWw4RXZyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEALmfGTAOBAIAAjAIAwYAKgCbQAIw
DQYJKoZIhvcNAQELBQADggEBAAEQMGtcpA3w3vl3lyxje0BvoxEoOIEMGZhZQq9o
vbZ8Yn7LDRfpb1N8dJvWHA08LjfsqTFJ9lSxW8AI00J+fF9v8YgGRFll2buNmKxp
A7RNSrl7IBUQrRJQSBF37f4CNwXembZgMRyijHq+RtrasOj5aMBQDSY0c4tPWB5A
MZRkN2/y+Soox5MqZl23HnWz0Q9lRjnveI1q0OoKZY/KDVbEvNUezyp79uiHEhWA
t6FKxPh+8hwwS+bj5rjMjWRy5p4DZMWRkzpGAgb9YJEDaOpioxa55vlp1zfIDMWs
pkDGkKv15+gyhCE4Wjy4HldQ1UmEdVptp32/I4EE8yr+sUU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:14 2025 by rpki-client