Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/Q3-XMVwGSnWduc4Gbl_UuHxdbS0.roa
File: Q3-XMVwGSnWduc4Gbl_UuHxdbS0.roa (raw, json)
Hash identifier: nzYp3dRv+xoFaVTdHAy2tBJffOcIWhdBsG7PAQH6HzQ=
Subject key identifier: 43:7F:97:31:5C:06:4A:75:9D:B9:CE:06:6E:5F:D4:B8:7C:5D:6D:2D
Certificate issuer: /CN=90b3a3a0d662d14da8404bd21dc489e63945624e
Certificate serial: 0185720C5CF909D28A180E92B83CACB8387C
Authority key identifier: 90:B3:A3:A0:D6:62:D1:4D:A8:40:4B:D2:1D:C4:89:E6:39:45:62:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/Q3-XMVwGSnWduc4Gbl_UuHxdbS0.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205704
IP address blocks: 185.200.150.0/23 maxlen: 23
185.200.150.0/24 maxlen: 24
185.200.149.0/24 maxlen: 24
185.200.148.0/24 maxlen: 24
185.200.148.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5c:f9:09:d2:8a:18:0e:92:b8:3c:ac:b8:38:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b3a3a0d662d14da8404bd21dc489e63945624e
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=437f97315c064a759db9ce066e5fd4b87c5d6d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:45:1f:c8:51:74:63:27:1f:d7:4b:83:6e:5f:
2b:0f:0f:c4:a1:f3:2a:64:48:22:a3:5d:c4:69:75:
6e:d0:a6:c6:5b:fa:cc:f3:5c:98:22:e5:49:96:d2:
4a:ad:54:e9:0a:d3:fa:de:4d:d4:e3:51:02:cf:7b:
0a:ca:bf:e6:d7:60:d7:9d:37:14:5d:f7:4e:2d:23:
db:4f:87:ca:f7:51:fa:e7:e9:48:95:39:5c:5e:a7:
57:d1:fc:1b:44:12:47:46:4c:ad:29:93:2e:ad:77:
0d:95:cc:88:d7:c7:50:33:c2:6b:b8:76:ab:f9:91:
8e:54:9a:24:3e:57:4f:93:7b:2e:f0:c0:14:5a:28:
b7:f1:87:2b:4d:4e:6e:d7:84:f0:0d:2e:59:2b:8e:
04:dc:b2:8a:97:bd:1e:89:09:15:e3:a4:23:4b:e6:
5b:f8:5b:ce:1c:bd:87:d2:e5:ba:e4:22:56:90:ea:
d4:89:25:ed:f6:8f:01:d3:bc:6d:fd:b9:3f:67:76:
d5:ed:5e:94:b0:65:4e:99:06:a6:91:51:5c:a4:10:
50:84:31:52:5a:5b:2a:9f:e5:3b:49:1e:0a:82:3d:
d4:f9:89:eb:4d:27:44:15:36:79:4b:fc:0f:06:14:
38:4d:65:cd:23:c7:70:09:b8:19:25:8e:e4:12:2a:
6f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7F:97:31:5C:06:4A:75:9D:B9:CE:06:6E:5F:D4:B8:7C:5D:6D:2D
X509v3 Authority Key Identifier:
keyid:90:B3:A3:A0:D6:62:D1:4D:A8:40:4B:D2:1D:C4:89:E6:39:45:62:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/Q3-XMVwGSnWduc4Gbl_UuHxdbS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.148.0/22
Signature Algorithm: sha256WithRSAEncryption
35:9c:dd:27:8b:7e:4f:a1:d1:85:99:db:10:52:a6:63:40:2e:
cc:24:ce:8e:3f:e3:1c:28:33:78:79:e5:83:ad:22:e1:cb:30:
31:69:19:c7:de:56:4f:dc:8b:40:27:80:83:d7:b4:4f:f6:21:
d1:e7:dd:9e:98:94:3a:bc:3d:2c:fa:aa:97:58:e1:53:66:a0:
bd:4d:c1:6c:62:67:68:46:eb:7c:0c:a9:fe:cd:f1:73:8c:4f:
08:ce:f3:1f:b1:97:ed:99:22:d9:ff:92:0a:af:42:05:bd:b0:
4b:51:b4:0e:b3:d5:ea:43:6b:c3:c7:ba:c2:06:1b:19:f9:66:
67:01:37:7e:12:50:f1:f2:7f:45:c2:ba:a4:7b:29:d8:2a:e0:
b3:9c:9f:e4:f5:5b:d8:fd:21:1b:34:b0:d8:4e:fa:2f:80:c8:
42:b9:ba:55:3e:dd:e7:0a:c1:21:e0:61:4e:db:eb:9b:8d:58:
22:5f:5e:f4:35:4e:ff:18:3a:e1:1c:3f:da:98:2a:e4:f6:9c:
dd:85:11:d9:e4:be:4a:db:bf:17:d9:0c:79:2d:0a:4e:86:65:
f5:b2:bf:41:dd:76:42:75:10:8a:bb:44:5d:3c:02:bc:22:42:
48:ce:32:83:4e:15:77:a4:07:61:12:21:a1:d9:bd:87:ca:d3:
0b:a7:47:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDFz5CdKKGA6SuDysuDh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjNhM2EwZDY2MmQxNGRhODQwNGJkMjFkYzQ4OWU2Mzk0
NTYyNGUwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdmOTczMTVjMDY0YTc1OWRiOWNlMDY2ZTVmZDRiODdjNWQ2ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUUfyFF0Yycf10uDbl8rDw/EofMq
ZEgio13EaXVu0KbGW/rM81yYIuVJltJKrVTpCtP63k3U41ECz3sKyr/m12DXnTcU
XfdOLSPbT4fK91H65+lIlTlcXqdX0fwbRBJHRkytKZMurXcNlcyI18dQM8JruHar
+ZGOVJokPldPk3su8MAUWii38YcrTU5u14TwDS5ZK44E3LKKl70eiQkV46QjS+Zb
+FvOHL2H0uW65CJWkOrUiSXt9o8B07xt/bk/Z3bV7V6UsGVOmQamkVFcpBBQhDFS
Wlsqn+U7SR4Kgj3U+YnrTSdEFTZ5S/wPBhQ4TWXNI8dwCbgZJY7kEipvowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEN/lzFcBkp1nbnOBm5f1Lh8XW0tMB8GA1UdIwQY
MBaAFJCzo6DWYtFNqEBL0h3EieY5RWJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xPam9OWmkwVTJvUUV2U0hjU0o1amxGWWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83ZmI0ZWEtNWJiYy00YzhjLThiNWQt
Mjg4Y2ZkMWMyYTNkLzEvUTMtWE1Wd0dTbldkdWM0R2JsX1V1SHhkYlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83ZmI0ZWEtNWJiYy00YzhjLThiNWQtMjg4Y2ZkMWMyYTNk
LzEva0xPam9OWmkwVTJvUUV2U0hjU0o1amxGWWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuciUMA0G
CSqGSIb3DQEBCwUAA4IBAQA1nN0ni35PodGFmdsQUqZjQC7MJM6OP+McKDN4eeWD
rSLhyzAxaRnH3lZP3ItAJ4CD17RP9iHR592emJQ6vD0s+qqXWOFTZqC9TcFsYmdo
Rut8DKn+zfFzjE8IzvMfsZftmSLZ/5IKr0IFvbBLUbQOs9XqQ2vDx7rCBhsZ+WZn
ATd+ElDx8n9FwrqkeynYKuCznJ/k9VvY/SEbNLDYTvovgMhCubpVPt3nCsEh4GFO
2+ubjVgiX170NU7/GDrhHD/amCrk9pzdhRHZ5L5K278X2Qx5LQpOhmX1sr9B3XZC
dRCKu0RdPAK8IkJIzjKDThV3pAdhEiGh2b2HytMLp0du
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:24 2025 by rpki-client