Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/6q_QqeRP6JEDUlRTxIBRdQLB9mM.roa
File: 6q_QqeRP6JEDUlRTxIBRdQLB9mM.roa (raw, json)
Hash identifier: tFOlWfJdWVPYNluYd+atk8dp45yuBECe2xurfuo5ouM=
Subject key identifier: EA:AF:D0:A9:E4:4F:E8:91:03:52:54:53:C4:80:51:75:02:C1:F6:63
Certificate issuer: /CN=0f657093f326547bf25a9985c81cf1403140a3a8
Certificate serial: 018572D5DF9BAE3C83D7C24B1B9F192AEB1C
Authority key identifier: 0F:65:70:93:F3:26:54:7B:F2:5A:99:85:C8:1C:F1:40:31:40:A3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/6q_QqeRP6JEDUlRTxIBRdQLB9mM.roa
Signing time: Mon 02 Jan 2023 14:14:57 +0000
ROA not before: Mon 02 Jan 2023 14:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207044
IP address blocks: 185.241.132.0/22 maxlen: 22
185.138.112.0/24 maxlen: 24
185.138.112.0/22 maxlen: 22
185.138.113.0/24 maxlen: 24
185.138.114.0/24 maxlen: 24
185.138.115.0/24 maxlen: 24
2a0d:4707:1400::/38 maxlen: 38
2a0d:4707:400::/38 maxlen: 38
2a0d:4707:1000::/38 maxlen: 38
2a0d:4707::/38 maxlen: 38
2a0d:4707:c00::/38 maxlen: 38
2a0d:4707:800::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:df:9b:ae:3c:83:d7:c2:4b:1b:9f:19:2a:eb:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f657093f326547bf25a9985c81cf1403140a3a8
Validity
Not Before: Jan 2 14:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaafd0a9e44fe89103525453c480517502c1f663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3f:d1:2b:01:0b:4f:07:bc:7d:55:a6:70:d1:
bf:0f:b0:99:46:8f:32:de:3e:c2:ed:93:de:54:0d:
42:0e:41:4d:fc:b0:0b:dc:f1:e7:78:f0:33:6d:5a:
9c:bc:6d:9e:0f:c4:84:21:a6:95:1e:d2:91:bd:63:
ab:16:3f:b4:0a:94:b7:51:3f:e8:e2:4f:fa:4c:09:
a3:fe:09:d1:cd:06:db:7e:4f:02:cc:b4:4d:94:11:
82:88:2a:78:46:74:91:90:2d:0f:40:a6:76:72:68:
92:5b:be:53:26:30:ca:e7:50:1b:32:a1:fb:2c:d9:
b1:4e:46:11:e8:d5:d2:eb:46:c7:11:94:41:20:31:
8d:d8:45:eb:c6:d2:b2:45:a5:5f:9c:d0:44:2a:23:
41:3d:9f:cb:73:3f:f1:80:b7:84:f6:3f:57:aa:17:
05:8d:54:ce:06:e4:53:5d:37:6d:c7:be:71:6b:97:
cf:3f:f4:a1:72:34:85:56:10:ec:ff:df:d7:0d:46:
7a:9d:d0:a1:68:60:0e:f4:d7:01:6e:35:45:43:f5:
79:4e:31:a2:34:6a:e6:85:78:ab:32:59:35:a6:06:
d8:1b:9b:c2:09:30:a7:dc:de:86:85:6f:fc:ae:4b:
fc:55:49:e0:ba:7b:0c:33:ee:ca:2e:37:4b:07:93:
f4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AF:D0:A9:E4:4F:E8:91:03:52:54:53:C4:80:51:75:02:C1:F6:63
X509v3 Authority Key Identifier:
keyid:0F:65:70:93:F3:26:54:7B:F2:5A:99:85:C8:1C:F1:40:31:40:A3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/6q_QqeRP6JEDUlRTxIBRdQLB9mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.112.0/22
185.241.132.0/22
IPv6:
2a0d:4707::-2a0d:4707:17ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:04:68:90:fb:84:61:6c:b7:a8:4f:5a:44:63:85:86:95:54:
25:50:51:e9:42:5e:20:33:ec:ec:f9:15:1c:e9:46:d8:bf:bd:
ba:12:50:04:16:f2:f6:39:b6:29:46:ab:13:54:21:7c:4c:76:
da:d2:7a:68:fa:3d:09:3e:a4:43:17:65:b1:21:00:23:c7:90:
c8:62:fc:b8:60:e8:d7:b1:91:67:1d:83:71:c1:c1:07:56:a7:
5d:09:6b:08:85:92:11:9e:1a:70:94:9c:ff:60:6d:48:7c:61:
5a:ef:f5:90:34:8a:d5:ae:ad:a3:d9:7f:77:f8:86:2d:3c:f8:
b9:a1:88:2f:61:35:14:af:39:18:4f:78:22:97:23:a9:15:9c:
cd:b5:fe:ab:e1:22:28:18:ca:c6:21:1e:78:df:39:b8:45:17:
a2:0b:b9:75:1d:d0:d0:c8:c4:07:a6:8e:89:25:ac:a2:f1:7e:
2a:d4:b2:10:a5:ec:34:29:fa:93:a8:df:99:e5:7d:00:73:ee:
a2:f8:38:ba:78:c7:07:d5:2e:61:10:68:17:06:74:01:66:7b:
c3:2b:08:07:34:9d:89:d3:c7:b0:87:df:bb:21:0c:a1:43:d0:
32:7e:89:8d:4f:9d:25:cd:0e:45:84:e2:75:ea:98:58:df:7e:
7d:26:31:cb
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVy1d+brjyD18JLG58ZKuscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjU3MDkzZjMyNjU0N2JmMjVhOTk4NWM4MWNmMTQwMzE0
MGEzYTgwHhcNMjMwMTAyMTQxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWFmZDBhOWU0NGZlODkxMDM1MjU0NTNjNDgwNTE3NTAyYzFmNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz/RKwELTwe8fVWmcNG/D7CZRo8y
3j7C7ZPeVA1CDkFN/LAL3PHnePAzbVqcvG2eD8SEIaaVHtKRvWOrFj+0CpS3UT/o
4k/6TAmj/gnRzQbbfk8CzLRNlBGCiCp4RnSRkC0PQKZ2cmiSW75TJjDK51AbMqH7
LNmxTkYR6NXS60bHEZRBIDGN2EXrxtKyRaVfnNBEKiNBPZ/Lcz/xgLeE9j9XqhcF
jVTOBuRTXTdtx75xa5fPP/ShcjSFVhDs/9/XDUZ6ndChaGAO9NcBbjVFQ/V5TjGi
NGrmhXirMlk1pgbYG5vCCTCn3N6GhW/8rkv8VUngunsMM+7KLjdLB5P0zwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFOqv0KnkT+iRA1JUU8SAUXUCwfZjMB8GA1UdIwQY
MBaAFA9lcJPzJlR78lqZhcgc8UAxQKOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJWd2tfTW1WSHZ5V3BtRnlCenhRREZBbzZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xODFhZDYtNDc2NC00ODgxLTg5NjIt
MGFmZjY5ZmFmNjhhLzEvNnFfUXFlUlA2SkVEVWxSVHhJQlJkUUxCOW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xODFhZDYtNDc2NC00ODgxLTg5NjItMGFmZjY5ZmFmNjhh
LzEvRDJWd2tfTW1WSHZ5V3BtRnlCenhRREZBbzZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCuYpwAwQC
ufGEMBcEAgACMBEwDwMFACoNRwcDBgMqDUcHEDANBgkqhkiG9w0BAQsFAAOCAQEA
cARokPuEYWy3qE9aRGOFhpVUJVBR6UJeIDPs7PkVHOlG2L+9uhJQBBby9jm2KUar
E1QhfEx22tJ6aPo9CT6kQxdlsSEAI8eQyGL8uGDo17GRZx2DccHBB1anXQlrCIWS
EZ4acJSc/2BtSHxhWu/1kDSK1a6to9l/d/iGLTz4uaGIL2E1FK85GE94IpcjqRWc
zbX+q+EiKBjKxiEeeN85uEUXogu5dR3Q0MjEB6aOiSWsovF+KtSyEKXsNCn6k6jf
meV9AHPuovg4unjHB9UuYRBoFwZ0AWZ7wysIBzSdidPHsIffuyEMoUPQMn6JjU+d
Jc0ORYTideqYWN9+fSYxyw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:52:29 2025 by rpki-client