Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/moQPoyqNL5LaL-8p5ntBGq69wQc.roa
File: moQPoyqNL5LaL-8p5ntBGq69wQc.roa (raw, json)
Hash identifier: 0SfiSbZGFOlIB06KU4yj5IXwzRr2caYGUII2zDKSMp0=
Subject key identifier: 9A:84:0F:A3:2A:8D:2F:92:DA:2F:EF:29:E6:7B:41:1A:AE:BD:C1:07
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 0D104028
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/moQPoyqNL5LaL-8p5ntBGq69wQc.roa
Signing time: Sat 01 Jan 2022 11:03:57 +0000
ROA not before: Sat 01 Jan 2022 11:03:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211476
IP address blocks: 185.182.71.0/24 maxlen: 24
2a0f:3680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219168808 (0xd104028)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jan 1 11:03:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a840fa32a8d2f92da2fef29e67b411aaebdc107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:91:a1:8c:5a:44:27:bd:6c:1b:f0:59:a3:
63:63:4e:3c:f4:27:9b:7b:d9:2e:2d:3d:9c:01:c0:
d8:b4:6b:73:fd:f9:93:da:c9:8d:36:2d:9d:16:53:
11:86:55:90:10:52:10:7c:fe:8e:12:19:e9:50:1d:
8c:df:36:fe:c3:f2:e8:56:6e:ff:05:88:8c:74:23:
bc:d2:69:19:46:38:8b:0c:5f:ee:ee:51:1f:4f:1e:
f6:05:02:6a:1c:40:6f:37:6a:02:ed:16:e9:e1:c9:
16:2f:ce:d3:77:a6:c9:96:b3:c2:57:da:1d:10:8e:
93:93:69:1e:ab:76:f4:20:f2:18:53:17:8b:83:a5:
d7:19:7a:44:9f:fd:39:c7:b5:77:bd:ff:15:58:b2:
4f:b3:8c:23:6b:9a:22:14:cd:c4:2d:35:58:70:2d:
a5:c9:d4:b0:06:7c:c7:77:09:ee:06:0c:77:b8:a8:
61:8b:e7:84:02:c1:21:fa:4b:b5:01:9e:6b:91:0f:
67:e4:d1:ee:63:f2:4f:3f:23:3d:47:f3:a2:3e:10:
e2:c2:89:8b:15:35:37:31:f1:65:f9:01:3a:ef:fb:
b8:a7:10:3a:f0:d6:a8:14:df:1a:54:07:36:a2:37:
17:b4:3e:6c:ff:ca:31:39:b7:13:97:7e:49:e3:ac:
ff:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:84:0F:A3:2A:8D:2F:92:DA:2F:EF:29:E6:7B:41:1A:AE:BD:C1:07
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/moQPoyqNL5LaL-8p5ntBGq69wQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.71.0/24
IPv6:
2a0f:3680::/32
Signature Algorithm: sha256WithRSAEncryption
cc:b4:12:cf:fe:03:97:f8:3d:f1:2f:49:be:fb:04:de:39:5d:
4f:bd:11:96:0b:d9:8e:eb:29:0a:34:92:94:ae:4e:79:30:7a:
d8:5f:22:33:57:26:2c:6e:c7:de:b3:be:a2:23:d0:e7:e5:08:
7e:5d:30:6a:bb:68:ee:c9:95:27:21:bf:10:08:4e:06:24:c7:
a3:ec:1c:d4:dd:1d:c2:64:27:91:55:96:d7:6a:2b:b2:4b:78:
57:7d:60:8f:55:78:ea:08:fa:6b:30:e9:e9:2f:d1:34:9d:25:
9a:38:f7:db:a9:a7:4f:1a:77:6f:dd:c7:8d:27:f5:d1:8f:e4:
4e:fd:5b:f3:03:f4:14:2e:84:72:f0:75:0d:44:91:36:e1:ba:
c9:0f:4b:34:6d:49:ec:c5:a4:3e:66:d4:40:30:d1:87:85:19:
47:19:fd:2c:b7:f8:a7:36:31:4e:87:ea:3a:64:e7:10:92:f4:
3f:c8:c4:98:f0:b7:ca:73:93:9c:d3:d2:9b:2c:c8:70:a1:1d:
30:3d:75:99:5f:7d:eb:25:0e:0a:03:00:a7:59:52:84:6c:a2:
5d:9a:07:30:26:ce:be:5f:85:cc:1d:67:08:f7:b2:1f:c5:54:
9f:b0:db:ad:d5:ff:49:31:23:7c:94:1b:f0:36:34:e0:8f:84:
f0:8b:ba:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDRBAKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODAzOGQ0Y2FjYmQ0MTkxOTk1MmViMzcwOWMxNjUzMzgzODkwMGUzMB4XDTIyMDEw
MTExMDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE4NDBmYTMyYThk
MmY5MmRhMmZlZjI5ZTY3YjQxMWFhZWJkYzEwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwhkaGMWkQnvWwb8FmjY2NOPPQnm3vZLi09nAHA2LRrc/35
k9rJjTYtnRZTEYZVkBBSEHz+jhIZ6VAdjN82/sPy6FZu/wWIjHQjvNJpGUY4iwxf
7u5RH08e9gUCahxAbzdqAu0W6eHJFi/O03emyZazwlfaHRCOk5NpHqt29CDyGFMX
i4Ol1xl6RJ/9Oce1d73/FViyT7OMI2uaIhTNxC01WHAtpcnUsAZ8x3cJ7gYMd7io
YYvnhALBIfpLtQGea5EPZ+TR7mPyTz8jPUfzoj4Q4sKJixU1NzHxZfkBOu/7uKcQ
OvDWqBTfGlQHNqI3F7Q+bP/KMTm3E5d+SeOs/7UCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSahA+jKo0vktov7ynme0Earr3BBzAfBgNVHSMEGDAWgBRoA41MrL1BkZlS
6zcJwWUzg4kA4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FBT05US3k5UVpHWlV1czNDY0ZsTTRPSkFPTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjA3MTY3LWQ1NTEtNDFiYS04NmE4LTJmNTBlYTI3MjEzYy8x
L21vUVBveXFOTDVMYUwtOHA1bnRCR3E2OXdRYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjA3MTY3LWQ1NTEtNDFiYS04NmE4LTJmNTBlYTI3MjEzYy8xL2FBT05US3k5UVpH
WlV1czNDY0ZsTTRPSkFPTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALm2RzANBAIAAjAHAwUAKg82gDAN
BgkqhkiG9w0BAQsFAAOCAQEAzLQSz/4Dl/g98S9JvvsE3jldT70RlgvZjuspCjSS
lK5OeTB62F8iM1cmLG7H3rO+oiPQ5+UIfl0warto7smVJyG/EAhOBiTHo+wc1N0d
wmQnkVWW12orskt4V31gj1V46gj6azDp6S/RNJ0lmjj326mnTxp3b93HjSf10Y/k
Tv1b8wP0FC6EcvB1DUSRNuG6yQ9LNG1J7MWkPmbUQDDRh4UZRxn9LLf4pzYxTofq
OmTnEJL0P8jEmPC3ynOTnNPSmyzIcKEdMD11mV996yUOCgMAp1lShGyiXZoHMCbO
vl+FzB1nCPeyH8VUn7DbrdX/STEjfJQb8DY04I+E8Iu6Xw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:46:20 2025 by rpki-client