Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/dqA7FMZ5K5xHqrblLsX-LXTdzdw.roa
File: dqA7FMZ5K5xHqrblLsX-LXTdzdw.roa (raw, json)
Hash identifier: Kx45sEDguyPXOu+GkfVJbZG5B5R/Lu6WHJ5tkFd88rI=
Subject key identifier: 76:A0:3B:14:C6:79:2B:9C:47:AA:B6:E5:2E:C5:FE:2D:74:DD:CD:DC
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 01832349331D257DF683BAFFAE4AC7943507
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/dqA7FMZ5K5xHqrblLsX-LXTdzdw.roa
Signing time: Fri 09 Sep 2022 17:25:43 +0000
ROA not before: Fri 09 Sep 2022 17:25:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207604
IP address blocks: 185.119.90.0/24 maxlen: 24
185.119.88.0/24 maxlen: 24
185.119.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:49:33:1d:25:7d:f6:83:ba:ff:ae:4a:c7:94:35:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Sep 9 17:25:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76a03b14c6792b9c47aab6e52ec5fe2d74ddcddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:14:5a:99:7c:07:58:f3:58:c7:41:66:c4:
90:2b:15:f3:b2:bc:a2:be:96:02:1e:fe:dd:49:4c:
15:a9:81:59:16:a7:c0:60:ac:74:1f:7f:3a:1e:b7:
28:1f:7b:21:71:63:98:3b:c8:86:a1:6a:a1:85:e9:
80:0a:15:9b:b4:6f:5d:da:df:61:1d:c8:b8:80:44:
4f:26:6c:73:d2:a1:02:26:d6:79:06:4e:76:f6:5b:
5e:e8:d8:61:3b:1d:7f:db:95:70:5a:ad:22:f2:0b:
7b:b6:77:f1:cb:51:3c:53:4a:db:88:35:8d:24:9f:
0c:19:3e:3a:d4:4a:4b:84:87:ef:25:8b:6e:3c:dd:
7a:8d:a2:98:94:52:e9:8a:ec:82:80:c2:64:85:16:
16:93:5b:8c:f5:8a:b2:7e:bf:3c:9e:9d:17:27:76:
f4:60:ed:51:59:28:0a:3c:8f:5c:3c:e6:b7:04:72:
26:a5:34:dc:1a:e3:25:cc:66:91:a0:93:e5:97:fb:
43:03:7a:4e:3a:4d:71:47:09:f1:37:e3:a9:71:81:
98:c2:db:f2:99:0f:d6:6d:91:82:15:f3:9b:d1:93:
b5:b1:d0:40:3f:bd:d4:2c:9f:b9:6e:e1:7a:92:4c:
f0:28:33:0e:7a:14:72:63:ba:50:5b:19:e9:67:f2:
82:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A0:3B:14:C6:79:2B:9C:47:AA:B6:E5:2E:C5:FE:2D:74:DD:CD:DC
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/dqA7FMZ5K5xHqrblLsX-LXTdzdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.88.0-185.119.90.255
Signature Algorithm: sha256WithRSAEncryption
18:89:a7:48:8b:19:f8:1d:39:5a:96:23:73:6a:9e:a3:43:66:
5c:d1:6d:b5:34:27:49:99:3a:3a:98:ea:6c:2d:5e:39:47:b8:
5c:e4:06:53:fc:d2:35:de:71:4d:71:0e:cd:eb:49:d9:07:33:
5c:52:dc:6e:55:d8:d3:36:fb:49:7d:88:a1:fe:a6:91:64:42:
53:47:5d:e2:dd:c1:05:f3:a1:c5:8e:e7:93:ef:94:4a:7b:d9:
19:bc:77:e9:7e:5e:d4:ca:e3:a5:d8:24:36:de:cc:4b:be:3d:
02:9d:10:35:b1:cd:54:cf:e8:6d:6a:05:30:02:a3:69:a7:36:
1b:71:8c:d1:1a:fb:31:b5:0f:49:4e:d8:9f:22:e6:3c:8b:1e:
4a:ce:ec:ea:5b:28:d8:b2:0c:79:91:9a:2d:4c:22:c7:67:63:
b4:cc:ec:92:3d:d9:5d:d3:a1:d5:08:16:ae:17:b3:13:6f:3c:
b6:67:10:4f:29:6c:17:df:ee:31:dd:23:8e:db:85:1b:5d:95:
df:fe:bd:4f:d9:16:5f:ae:82:41:c7:9d:b3:45:e1:5c:0e:b0:
2c:c8:98:03:f3:e5:64:63:66:06:da:72:6f:31:14:b1:94:c5:
03:29:5f:6b:95:90:5b:23:8b:47:3b:be:de:c2:64:93:41:76:
65:5f:f8:5c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYMjSTMdJX32g7r/rkrHlDUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjIwOTA5MTcyNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmEwM2IxNGM2NzkyYjljNDdhYWI2ZTUyZWM1ZmUyZDc0ZGRjZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJwUWpl8B1jzWMdBZsSQKxXzsryi
vpYCHv7dSUwVqYFZFqfAYKx0H386HrcoH3shcWOYO8iGoWqhhemAChWbtG9d2t9h
Hci4gERPJmxz0qECJtZ5Bk529lte6NhhOx1/25VwWq0i8gt7tnfxy1E8U0rbiDWN
JJ8MGT461EpLhIfvJYtuPN16jaKYlFLpiuyCgMJkhRYWk1uM9Yqyfr88np0XJ3b0
YO1RWSgKPI9cPOa3BHImpTTcGuMlzGaRoJPll/tDA3pOOk1xRwnxN+OpcYGYwtvy
mQ/WbZGCFfOb0ZO1sdBAP73ULJ+5buF6kkzwKDMOehRyY7pQWxnpZ/KCnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHagOxTGeSucR6q25S7F/i103c3cMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvZHFBN0ZNWjVLNXhIcXJibExzWC1MWFRkemR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5d1gD
BAC5d1owDQYJKoZIhvcNAQELBQADggEBABiJp0iLGfgdOVqWI3NqnqNDZlzRbbU0
J0mZOjqY6mwtXjlHuFzkBlP80jXecU1xDs3rSdkHM1xS3G5V2NM2+0l9iKH+ppFk
QlNHXeLdwQXzocWO55PvlEp72Rm8d+l+XtTK46XYJDbezEu+PQKdEDWxzVTP6G1q
BTACo2mnNhtxjNEa+zG1D0lO2J8i5jyLHkrO7OpbKNiyDHmRmi1MIsdnY7TM7JI9
2V3TodUIFq4XsxNvPLZnEE8pbBff7jHdI47bhRtdld/+vU/ZFl+ugkHHnbNF4VwO
sCzImAPz5WRjZgbacm8xFLGUxQMpX2uVkFsji0c7vt7CZJNBdmVf+Fw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:02 2025 by rpki-client