Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2cb0dc-f7c0-4b68-9391-ea740ec1d1f6/1/krq3RJC-s4tfvhyQkmvwPtNaehE.roa
File: krq3RJC-s4tfvhyQkmvwPtNaehE.roa (raw, json)
Hash identifier: hRFoFo2xWFl1wIsTajCdtLMUCQxhzsXYYk7lYqMROo8=
Subject key identifier: 92:BA:B7:44:90:BE:B3:8B:5F:BE:1C:90:92:6B:F0:3E:D3:5A:7A:11
Certificate issuer: /CN=0dc9c1b717156a18a34d9323b67a0a03eda85ac9
Certificate serial: 01856F94D976873933D1EDCC0F10B83DDC33
Authority key identifier: 0D:C9:C1:B7:17:15:6A:18:A3:4D:93:23:B6:7A:0A:03:ED:A8:5A:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcnBtxcVahijTZMjtnoKA-2oWsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/2cb0dc-f7c0-4b68-9391-ea740ec1d1f6/1/krq3RJC-s4tfvhyQkmvwPtNaehE.roa
Signing time: Sun 01 Jan 2023 23:05:04 +0000
ROA not before: Sun 01 Jan 2023 23:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199849
IP address blocks: 185.44.112.0/24 maxlen: 24
185.44.113.0/24 maxlen: 24
185.44.114.0/24 maxlen: 24
185.44.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d9:76:87:39:33:d1:ed:cc:0f:10:b8:3d:dc:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dc9c1b717156a18a34d9323b67a0a03eda85ac9
Validity
Not Before: Jan 1 23:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92bab74490beb38b5fbe1c90926bf03ed35a7a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:81:54:21:4e:b9:e5:a6:3f:b0:7d:75:66:6c:
85:be:32:ff:d3:b9:31:7b:5b:7c:a2:3b:52:f1:5b:
fb:45:e2:98:79:1f:46:70:e3:8b:66:e1:09:13:39:
a1:98:1e:d9:bf:01:1c:25:47:61:b8:b3:db:2d:78:
1b:4c:51:98:32:18:d0:93:57:d3:56:17:ea:f8:a5:
4b:17:40:46:07:76:a0:33:00:70:6f:9e:77:24:c7:
2d:6a:b9:01:56:95:a6:67:10:c4:55:b4:4f:68:bb:
4f:b5:56:3d:66:1d:25:f0:53:aa:e8:e8:4c:6b:c1:
a2:db:c4:86:77:4d:7f:d3:c5:87:df:a3:0f:99:03:
f3:45:ab:a5:14:2a:c4:cc:41:8a:4f:79:07:8e:b3:
2b:67:e3:6c:1d:74:27:c9:37:6f:33:72:4b:4e:ee:
27:4c:df:6e:f6:be:d0:b6:6b:8c:6c:d4:f9:5a:12:
e0:b6:32:57:b4:fa:6a:f8:be:38:7a:65:9d:b9:52:
1b:ac:7d:aa:3c:d2:68:54:3d:81:f6:0a:a5:7f:5b:
98:f7:72:fc:8c:97:95:49:09:5f:28:94:f8:10:e6:
c1:2b:ef:7b:79:b4:96:62:08:0a:83:3a:26:ec:04:
05:bb:eb:cd:2d:97:ed:19:a9:af:81:51:0e:69:64:
b4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BA:B7:44:90:BE:B3:8B:5F:BE:1C:90:92:6B:F0:3E:D3:5A:7A:11
X509v3 Authority Key Identifier:
keyid:0D:C9:C1:B7:17:15:6A:18:A3:4D:93:23:B6:7A:0A:03:ED:A8:5A:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcnBtxcVahijTZMjtnoKA-2oWsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2cb0dc-f7c0-4b68-9391-ea740ec1d1f6/1/krq3RJC-s4tfvhyQkmvwPtNaehE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2cb0dc-f7c0-4b68-9391-ea740ec1d1f6/1/DcnBtxcVahijTZMjtnoKA-2oWsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.112.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:3c:31:c4:e0:a4:8d:68:82:05:20:e4:e2:2f:8e:a5:e7:9f:
ef:84:97:0b:24:72:ea:63:b3:ed:70:07:f6:97:9e:21:8e:86:
69:f2:3b:18:38:9f:5e:d5:ca:64:e5:74:8c:e7:87:b3:9f:66:
fe:98:c0:a7:5e:a0:99:c6:63:e5:7a:76:d6:ea:7d:7a:c1:f8:
26:80:00:27:95:09:56:bc:99:38:89:1c:34:a3:21:02:fc:2b:
0d:18:0c:31:33:59:49:7c:99:bb:d8:ed:8d:2b:56:49:5c:bd:
be:76:17:c5:e9:10:da:52:99:5b:af:f5:ac:59:76:f2:23:08:
6a:6c:fc:3a:61:68:b8:c9:72:de:8f:ff:24:a1:eb:d1:ad:38:
e4:b4:77:de:e7:e9:29:f8:44:61:81:16:32:69:95:56:2a:89:
dc:e8:27:6f:b1:a1:d5:e3:72:02:99:95:1c:f0:a6:ed:b8:aa:
0a:a6:74:fc:2c:f9:1a:e4:89:a9:e4:0c:32:a2:84:de:f8:58:
5f:8a:bb:95:a9:3a:4e:be:0d:54:3c:cd:6c:a9:28:8d:ba:a7:
41:b4:ee:31:f4:80:29:c3:bd:bd:6f:cd:41:af:fc:29:12:b4:
23:67:a6:41:66:40:8f:29:c3:b6:08:c2:54:9d:11:33:d8:ee:
15:d3:76:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlNl2hzkz0e3MDxC4PdwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzljMWI3MTcxNTZhMThhMzRkOTMyM2I2N2EwYTAzZWRh
ODVhYzkwHhcNMjMwMTAxMjMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmJhYjc0NDkwYmViMzhiNWZiZTFjOTA5MjZiZjAzZWQzNWE3YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloFUIU655aY/sH11ZmyFvjL/07kx
e1t8ojtS8Vv7ReKYeR9GcOOLZuEJEzmhmB7ZvwEcJUdhuLPbLXgbTFGYMhjQk1fT
Vhfq+KVLF0BGB3agMwBwb553JMctarkBVpWmZxDEVbRPaLtPtVY9Zh0l8FOq6OhM
a8Gi28SGd01/08WH36MPmQPzRaulFCrEzEGKT3kHjrMrZ+NsHXQnyTdvM3JLTu4n
TN9u9r7QtmuMbNT5WhLgtjJXtPpq+L44emWduVIbrH2qPNJoVD2B9gqlf1uY93L8
jJeVSQlfKJT4EObBK+97ebSWYggKgzom7AQFu+vNLZftGamvgVEOaWS0qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJK6t0SQvrOLX74ckJJr8D7TWnoRMB8GA1UdIwQY
MBaAFA3JwbcXFWoYo02TI7Z6CgPtqFrJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNuQnR4Y1ZhaGlqVFpNanRub0tBLTJvV3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yY2IwZGMtZjdjMC00YjY4LTkzOTEt
ZWE3NDBlYzFkMWY2LzEva3JxM1JKQy1zNHRmdmh5UWttdndQdE5hZWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yY2IwZGMtZjdjMC00YjY4LTkzOTEtZWE3NDBlYzFkMWY2
LzEvRGNuQnR4Y1ZhaGlqVFpNanRub0tBLTJvV3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSxwMA0G
CSqGSIb3DQEBCwUAA4IBAQBaPDHE4KSNaIIFIOTiL46l55/vhJcLJHLqY7PtcAf2
l54hjoZp8jsYOJ9e1cpk5XSM54ezn2b+mMCnXqCZxmPlenbW6n16wfgmgAAnlQlW
vJk4iRw0oyEC/CsNGAwxM1lJfJm72O2NK1ZJXL2+dhfF6RDaUplbr/WsWXbyIwhq
bPw6YWi4yXLej/8koevRrTjktHfe5+kp+ERhgRYyaZVWKonc6CdvsaHV43ICmZUc
8KbtuKoKpnT8LPka5Imp5AwyooTe+FhfiruVqTpOvg1UPM1sqSiNuqdBtO4x9IAp
w729b81Br/wpErQjZ6ZBZkCPKcO2CMJUnREz2O4V03YW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:22 2025 by rpki-client