Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/q5f99yz3PEzdoeq5rNp5RJj6CCw.roa
File: q5f99yz3PEzdoeq5rNp5RJj6CCw.roa (raw, json)
Hash identifier: gMni2j1sMRTYM/8xyeh6pRW57+D0l0yCLZji8FSaFv4=
Subject key identifier: AB:97:FD:F7:2C:F7:3C:4C:DD:A1:EA:B9:AC:DA:79:44:98:FA:08:2C
Certificate issuer: /CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Certificate serial: 01857169DF0C6A96275B723CA2B86EAB6FE5
Authority key identifier: A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/q5f99yz3PEzdoeq5rNp5RJj6CCw.roa
Signing time: Mon 02 Jan 2023 07:37:21 +0000
ROA not before: Mon 02 Jan 2023 07:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211494
IP address blocks: 185.235.143.0/24 maxlen: 24
2a0d:a180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:df:0c:6a:96:27:5b:72:3c:a2:b8:6e:ab:6f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Validity
Not Before: Jan 2 07:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab97fdf72cf73c4cdda1eab9acda794498fa082c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:2c:8c:26:f6:12:81:98:e3:af:14:a6:b6:
47:22:db:93:22:cb:df:0c:ee:79:4d:25:52:d0:12:
4b:ab:10:ae:71:bf:0b:b6:64:1e:c0:0d:50:50:0c:
ff:21:4e:90:03:9e:19:48:ea:bc:b6:ae:50:e5:82:
99:88:e7:d5:a0:50:3d:72:6c:18:1e:a6:3b:21:97:
e8:b9:bc:72:fb:a8:10:84:d8:85:e3:ec:66:30:50:
f0:9d:5f:7e:83:fd:a7:69:e9:55:ab:c5:23:e3:8b:
3e:a3:b5:c6:5a:2b:14:3b:a9:1f:75:95:91:b8:65:
d5:8a:62:82:a9:04:66:38:13:0a:d9:8d:3a:6d:7f:
95:94:ed:1d:12:82:8f:e7:b4:39:b7:9b:83:d5:e5:
f6:2d:2c:c9:a8:1f:11:87:11:a5:64:f4:98:7a:a7:
d6:27:aa:27:49:6f:32:23:53:b4:a6:ab:19:4a:06:
c7:1d:3d:5a:f5:70:f7:3b:83:91:a2:cf:c7:e9:51:
39:54:b6:73:c4:55:34:55:96:bf:e0:3c:ff:b3:58:
b2:ca:70:9a:ad:1e:5c:90:d6:06:05:31:ae:f6:21:
a4:3c:79:77:a3:00:05:64:82:c9:e7:56:59:8b:de:
d2:44:59:9b:a3:51:3a:31:7a:4f:b9:f0:cf:17:c9:
7f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:97:FD:F7:2C:F7:3C:4C:DD:A1:EA:B9:AC:DA:79:44:98:FA:08:2C
X509v3 Authority Key Identifier:
keyid:A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/q5f99yz3PEzdoeq5rNp5RJj6CCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/qLPrRDwGo9zAiOLKoFzgnPjU56Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.143.0/24
IPv6:
2a0d:a180::/32
Signature Algorithm: sha256WithRSAEncryption
18:e9:e0:c1:70:fb:ef:86:0d:03:a1:d7:3e:85:53:ed:87:69:
13:c2:5b:b1:0a:15:f9:09:94:a6:b6:02:1e:81:01:80:a3:eb:
19:0e:ba:78:8a:9c:45:5d:bf:b1:dc:bf:35:3e:38:80:00:b6:
8d:cb:53:c2:77:6d:f0:3f:76:43:f9:7c:06:f5:50:f9:b8:be:
64:a7:be:d9:0c:2e:1b:18:45:21:05:8d:6f:8c:66:0c:a7:65:
0c:e9:2c:6a:69:80:ba:bd:2f:2a:d4:71:d5:4f:03:82:bf:9b:
51:fb:31:60:45:00:d0:85:89:0d:83:44:ad:91:4e:52:34:51:
42:50:fa:b8:f3:38:5e:a9:ae:66:c5:72:3a:b7:dc:cd:b6:8c:
7b:bc:62:72:59:40:38:8d:6a:ad:80:ab:a0:dd:37:61:a3:96:
ea:83:a7:e3:0f:d3:fe:ae:27:f6:b2:6e:d0:6d:d6:93:c5:14:
94:36:49:12:1e:3d:ec:19:e7:11:14:b9:9f:7a:af:6e:cc:63:
8b:c2:ea:c5:24:28:70:49:38:0f:b2:6f:ff:5e:ab:bc:28:b8:
b2:8e:94:9b:c0:78:3b:26:6d:89:27:93:1f:15:e1:11:76:9f:
40:27:d3:fb:c7:51:0a:42:27:da:8e:b1:22:4c:a1:74:6f:33:
94:27:f4:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxad8MapYnW3I8orhuq2/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjNlYjQ0M2MwNmEzZGNjMDg4ZTJjYWEwNWNlMDljZjhk
NGU3YTYwHhcNMjMwMTAyMDczNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjk3ZmRmNzJjZjczYzRjZGRhMWVhYjlhY2RhNzk0NDk4ZmEwODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm50sjCb2EoGY468UprZHItuTIsvf
DO55TSVS0BJLqxCucb8LtmQewA1QUAz/IU6QA54ZSOq8tq5Q5YKZiOfVoFA9cmwY
HqY7IZfoubxy+6gQhNiF4+xmMFDwnV9+g/2naelVq8Uj44s+o7XGWisUO6kfdZWR
uGXVimKCqQRmOBMK2Y06bX+VlO0dEoKP57Q5t5uD1eX2LSzJqB8RhxGlZPSYeqfW
J6onSW8yI1O0pqsZSgbHHT1a9XD3O4ORos/H6VE5VLZzxFU0VZa/4Dz/s1iyynCa
rR5ckNYGBTGu9iGkPHl3owAFZILJ51ZZi97SRFmbo1E6MXpPufDPF8l/3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKuX/fcs9zxM3aHquazaeUSY+ggsMB8GA1UdIwQY
MBaAFKiz60Q8BqPcwIjiyqBc4Jz41OemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxQclJEd0dvOXpBaU9MS29GemduUGpVNTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82YmRhODItYTJlMS00NWM5LWExODEt
MzEzZGU0ODkyYjhkLzEvcTVmOTl5ejNQRXpkb2VxNXJOcDVSSmo2Q0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82YmRhODItYTJlMS00NWM5LWExODEtMzEzZGU0ODkyYjhk
LzEvcUxQclJEd0dvOXpBaU9MS29GemduUGpVNTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueuPMA0E
AgACMAcDBQAqDaGAMA0GCSqGSIb3DQEBCwUAA4IBAQAY6eDBcPvvhg0Dodc+hVPt
h2kTwluxChX5CZSmtgIegQGAo+sZDrp4ipxFXb+x3L81PjiAALaNy1PCd23wP3ZD
+XwG9VD5uL5kp77ZDC4bGEUhBY1vjGYMp2UM6SxqaYC6vS8q1HHVTwOCv5tR+zFg
RQDQhYkNg0StkU5SNFFCUPq48zheqa5mxXI6t9zNtox7vGJyWUA4jWqtgKug3Tdh
o5bqg6fjD9P+rif2sm7QbdaTxRSUNkkSHj3sGecRFLmfeq9uzGOLwurFJChwSTgP
sm//Xqu8KLiyjpSbwHg7Jm2JJ5MfFeERdp9AJ9P7x1EKQifajrEiTKF0bzOUJ/RR
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:01 2025 by rpki-client