Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/QcwDONwFJewzUnaBFnUt_mJbhyQ.roa
File: QcwDONwFJewzUnaBFnUt_mJbhyQ.roa (raw, json)
Hash identifier: d3Ft4L/YHYFUETBnnWewtWVoZCqFkaat2om14jI6qxE=
Subject key identifier: 41:CC:03:38:DC:05:25:EC:33:52:76:81:16:75:2D:FE:62:5B:87:24
Certificate issuer: /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial: 1A369CAC
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/QcwDONwFJewzUnaBFnUt_mJbhyQ.roa
Signing time: Sat 01 Jan 2022 10:05:13 +0000
ROA not before: Sat 01 Jan 2022 10:05:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8361
IP address blocks: 195.22.144.0/23 maxlen: 24
194.169.249.0/24 maxlen: 24
194.2.155.0/24 maxlen: 24
185.38.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 439786668 (0x1a369cac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
Validity
Not Before: Jan 1 10:05:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41cc0338dc0525ec3352768116752dfe625b8724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:a2:9e:14:08:b4:79:d9:35:8e:cd:04:43:
c9:66:93:db:11:19:17:6f:06:8a:a1:77:51:26:2d:
f1:a7:12:47:ba:61:8e:04:c2:cf:16:1e:ba:75:e7:
8f:e4:b7:c8:f5:df:1c:92:55:ed:32:c8:a9:bc:a2:
98:a9:62:85:75:51:b8:c2:3c:90:c6:4c:03:bf:6d:
7c:e0:68:fe:f7:4d:00:80:07:96:db:b7:d6:11:c1:
ea:18:e3:f5:64:90:dc:a3:b2:92:3a:20:e1:35:44:
b0:ce:3c:6d:fb:b4:c9:e7:23:59:37:ef:10:3f:67:
96:ac:47:84:14:eb:a8:de:47:3c:e4:b8:f2:5f:6b:
6f:30:64:ff:78:bc:ae:dd:ec:f2:62:82:de:f0:e6:
26:9e:eb:11:19:55:87:70:0b:5d:f3:13:7d:5f:fb:
40:aa:8d:4c:e7:2a:ff:bb:1a:9a:f3:bb:43:7f:40:
8b:a8:ab:50:a0:d1:80:41:9f:18:f4:f2:d8:81:e5:
01:e7:ff:32:fa:52:6c:ba:97:8b:a9:10:c5:48:58:
7d:b9:cd:ef:a0:a0:dc:16:cb:b5:86:10:b3:08:a1:
f3:50:3f:76:41:b7:3a:69:d4:5f:24:ad:4f:63:c9:
97:85:2a:31:b9:a3:04:c1:cb:18:4d:7a:bb:54:82:
33:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:03:38:DC:05:25:EC:33:52:76:81:16:75:2D:FE:62:5B:87:24
X509v3 Authority Key Identifier:
keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/QcwDONwFJewzUnaBFnUt_mJbhyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.20.0/22
194.2.155.0/24
194.169.249.0/24
195.22.144.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:89:8d:34:77:1a:21:c9:9c:39:15:40:77:03:4f:8c:a8:a9:
23:6f:7f:9e:5d:81:27:9e:7d:ea:aa:a7:b8:cb:cd:82:35:5f:
d2:18:f4:eb:0a:e6:7a:26:e2:ea:31:e1:bb:bc:b3:f9:f8:c7:
92:e7:bc:fd:e3:d4:3c:ff:ae:1b:39:f7:42:db:85:07:e0:c6:
b9:b8:86:3c:0d:d6:98:47:54:30:2c:3c:2f:4a:6a:37:46:22:
3f:e7:9c:7a:da:ab:d7:c1:aa:57:39:d7:0f:35:4e:1e:73:61:
2e:b3:52:f1:e5:d1:42:19:1e:a0:47:70:e7:01:2c:11:32:92:
49:19:e2:48:da:9c:1f:f1:e3:fa:36:c8:e7:6a:be:3b:69:cd:
b7:08:53:ee:c0:66:0e:e9:90:d7:c7:9b:71:d2:bc:6c:50:4e:
24:62:ce:b9:f5:73:ed:11:38:8a:12:61:44:8a:26:97:e7:8a:
83:ce:03:bf:80:c3:f5:35:7a:dd:8a:c4:96:7a:b6:f2:2d:b3:
30:b6:f3:29:03:75:2a:bc:24:70:74:b0:cc:42:bf:27:01:01:
15:1c:c7:19:26:01:e1:08:42:d0:6e:a1:9e:86:b7:51:64:66:
f7:80:8b:a4:43:06:2d:38:74:07:3f:d2:c9:ae:bd:6e:8c:03:
27:38:b7:a3
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGjacrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmYzMTFlZjE1ODFhMDBlNDM3Y2Q3MDRiNjI4MWFjODYyMWFmYzU2MB4XDTIyMDEw
MTEwMDUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFjYzAzMzhkYzA1
MjVlYzMzNTI3NjgxMTY3NTJkZmU2MjViODcyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdYop4UCLR52TWOzQRDyWaT2xEZF28GiqF3USYt8acSR7ph
jgTCzxYeunXnj+S3yPXfHJJV7TLIqbyimKlihXVRuMI8kMZMA79tfOBo/vdNAIAH
ltu31hHB6hjj9WSQ3KOykjog4TVEsM48bfu0yecjWTfvED9nlqxHhBTrqN5HPOS4
8l9rbzBk/3i8rt3s8mKC3vDmJp7rERlVh3ALXfMTfV/7QKqNTOcq/7samvO7Q39A
i6irUKDRgEGfGPTy2IHlAef/MvpSbLqXi6kQxUhYfbnN76Cg3BbLtYYQswih81A/
dkG3OmnUXyStT2PJl4UqMbmjBMHLGE16u1SCM/sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRBzAM43AUl7DNSdoEWdS3+YluHJDAfBgNVHSMEGDAWgBR28xHvFYGgDkN8
1wS2KBrIYhr8VjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R2TVI3eFdCb0E1RGZOY0V0aWdheUdJYV9GWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNTI1MjI0LTc4ZWEtNDllNC05NzQ5LTE2OTQzMTI5NmM1OS8x
L1Fjd0RPTndGSmV3elVuYUJGblV0X21KYmh5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NTI1MjI0LTc4ZWEtNDllNC05NzQ5LTE2OTQzMTI5NmM1OS8xL2R2TVI3eFdCb0E1
RGZOY0V0aWdheUdJYV9GWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEArkmFAMEAMICmwMEAMKp+QMEAcMW
kDANBgkqhkiG9w0BAQsFAAOCAQEAsomNNHcaIcmcORVAdwNPjKipI29/nl2BJ559
6qqnuMvNgjVf0hj06wrmeibi6jHhu7yz+fjHkue8/ePUPP+uGzn3QtuFB+DGubiG
PA3WmEdUMCw8L0pqN0YiP+ecetqr18GqVznXDzVOHnNhLrNS8eXRQhkeoEdw5wEs
ETKSSRniSNqcH/Hj+jbI52q+O2nNtwhT7sBmDumQ18ebcdK8bFBOJGLOufVz7RE4
ihJhRIoml+eKg84Dv4DD9TV63YrElnq28i2zMLbzKQN1KrwkcHSwzEK/JwEBFRzH
GSYB4QhC0G6hnoa3UWRm94CLpEMGLTh0Bz/Sya69bowDJzi3ow==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:29 2025 by rpki-client