Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/QbFFIa57gEej9N3maZREPIf8iks.roa
File: QbFFIa57gEej9N3maZREPIf8iks.roa (raw, json)
Hash identifier: hcFXcDD6rdtpRElHfY11qibS2KvTLQnbHBW6CmjqQ7I=
Subject key identifier: 41:B1:45:21:AE:7B:80:47:A3:F4:DD:E6:69:94:44:3C:87:FC:8A:4B
Certificate issuer: /CN=ee182424b484197dc304524092dcdd992fcbe4be
Certificate serial: 07A7D2E7
Authority key identifier: EE:18:24:24:B4:84:19:7D:C3:04:52:40:92:DC:DD:99:2F:CB:E4:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hgkJLSEGX3DBFJAktzdmS_L5L4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/QbFFIa57gEej9N3maZREPIf8iks.roa
Signing time: Sat 01 Jan 2022 08:02:52 +0000
ROA not before: Sat 01 Jan 2022 08:02:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208321
IP address blocks: 185.235.88.0/22 maxlen: 24
2a0b:e200::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128439015 (0x7a7d2e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee182424b484197dc304524092dcdd992fcbe4be
Validity
Not Before: Jan 1 08:02:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41b14521ae7b8047a3f4dde66994443c87fc8a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e9:83:a3:c8:b4:8e:65:bb:3c:1e:41:05:3e:
fe:d7:83:38:7d:75:1a:e0:5c:b5:ad:54:d4:26:43:
0a:b8:c1:b6:e7:61:5c:91:d7:03:1c:11:43:a1:83:
fe:cc:69:24:99:07:3c:b7:90:d5:07:10:9f:ee:42:
56:8d:86:79:a6:16:81:39:5d:d7:71:89:24:af:72:
91:ca:1f:9b:dd:53:b0:33:53:72:f3:61:8d:31:d8:
15:b2:fd:4b:9b:40:00:c2:a6:ba:8b:fc:e7:d2:e8:
9b:48:c1:31:93:83:86:c7:bd:d5:7b:00:99:7f:23:
33:8e:90:ba:7d:66:f1:70:9a:bc:0a:c6:f0:8a:3d:
40:77:e5:6c:30:55:d9:d3:99:3b:ea:8a:30:08:f3:
c4:d3:68:c8:5d:1f:ff:66:f0:7a:34:8d:84:a5:12:
d5:70:a8:4c:22:fe:10:f8:3e:f2:f4:e2:cb:86:22:
1c:ae:f2:4b:17:be:1c:3e:39:f7:29:e8:3b:92:48:
63:bd:ff:4e:10:0d:9c:c1:78:39:b4:c5:3c:96:e6:
e1:f6:ff:2d:6d:d7:2a:3b:f1:61:8c:63:84:03:9c:
2b:e0:57:bd:f1:c3:2c:2b:be:e0:d5:4c:34:5b:1e:
eb:0c:6f:e4:af:6d:41:d3:9e:92:bb:a0:7f:c0:8e:
da:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B1:45:21:AE:7B:80:47:A3:F4:DD:E6:69:94:44:3C:87:FC:8A:4B
X509v3 Authority Key Identifier:
keyid:EE:18:24:24:B4:84:19:7D:C3:04:52:40:92:DC:DD:99:2F:CB:E4:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hgkJLSEGX3DBFJAktzdmS_L5L4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/QbFFIa57gEej9N3maZREPIf8iks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/7hgkJLSEGX3DBFJAktzdmS_L5L4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.88.0/22
IPv6:
2a0b:e200::/29
Signature Algorithm: sha256WithRSAEncryption
5f:fe:67:2e:c4:d8:e7:41:a5:57:cb:3b:9f:3e:5b:18:22:39:
11:a2:90:32:c9:05:82:30:fc:b4:8b:ff:c2:97:4f:b2:9c:db:
af:13:b5:70:2f:ce:52:bd:64:47:f9:f8:42:ba:93:14:7a:81:
98:33:7e:16:dc:d9:f9:5e:f3:15:1a:5a:73:90:46:77:c2:f3:
9e:40:d9:28:11:40:98:f8:4a:7e:fd:6b:4a:66:84:ec:2d:5f:
cd:42:a3:1e:71:9a:27:ed:ab:3a:65:f0:ff:26:9e:f7:01:ec:
0a:20:ae:33:3f:26:c6:63:04:55:29:6a:eb:e8:c5:10:8c:7b:
bd:16:d0:06:a4:39:34:96:d9:6b:f5:a2:d9:f8:b2:25:6a:70:
7d:7c:38:75:f9:e2:ca:c8:de:a0:31:d4:cd:eb:61:95:ba:8d:
f4:40:1b:16:2b:33:b0:dd:30:ca:20:24:f7:93:37:e8:cd:4b:
83:99:62:95:43:c7:37:27:4b:b1:e7:35:ab:68:4e:98:d4:a0:
dc:11:e4:16:80:fa:1f:15:be:5b:93:9f:ec:d4:c2:4e:5d:b6:
ad:28:86:e1:03:af:79:ab:5a:68:d4:7f:b7:fc:2a:d3:3b:82:
67:8e:a6:36:91:f5:f8:fa:6a:a4:47:08:1a:d4:82:22:96:30:
a6:35:ab:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB6fS5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTE4MjQyNGI0ODQxOTdkYzMwNDUyNDA5MmRjZGQ5OTJmY2JlNGJlMB4XDTIyMDEw
MTA4MDI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFiMTQ1MjFhZTdi
ODA0N2EzZjRkZGU2Njk5NDQ0M2M4N2ZjOGE0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3pg6PItI5luzweQQU+/teDOH11GuBcta1U1CZDCrjBtudh
XJHXAxwRQ6GD/sxpJJkHPLeQ1QcQn+5CVo2GeaYWgTld13GJJK9ykcofm91TsDNT
cvNhjTHYFbL9S5tAAMKmuov859Lom0jBMZODhse91XsAmX8jM46Qun1m8XCavArG
8Io9QHflbDBV2dOZO+qKMAjzxNNoyF0f/2bwejSNhKUS1XCoTCL+EPg+8vTiy4Yi
HK7ySxe+HD459ynoO5JIY73/ThANnMF4ObTFPJbm4fb/LW3XKjvxYYxjhAOcK+BX
vfHDLCu+4NVMNFse6wxv5K9tQdOekrugf8CO2ncCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRBsUUhrnuAR6P03eZplEQ8h/yKSzAfBgNVHSMEGDAWgBTuGCQktIQZfcME
UkCS3N2ZL8vkvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdoZ2tKTFNFR1gzREJGSkFrdHpkbVNfTDVMNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvNGM0MDU4LThlZTMtNGUzZS1hMzBjLWJhYzQ3NmI5N2VlZS8x
L1FiRkZJYTU3Z0VlajlOM21hWlJFUElmOGlrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
NGM0MDU4LThlZTMtNGUzZS1hMzBjLWJhYzQ3NmI5N2VlZS8xLzdoZ2tKTFNFR1gz
REJGSkFrdHpkbVNfTDVMNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnrWDANBAIAAjAHAwUDKgviADAN
BgkqhkiG9w0BAQsFAAOCAQEAX/5nLsTY50GlV8s7nz5bGCI5EaKQMskFgjD8tIv/
wpdPspzbrxO1cC/OUr1kR/n4QrqTFHqBmDN+FtzZ+V7zFRpac5BGd8LznkDZKBFA
mPhKfv1rSmaE7C1fzUKjHnGaJ+2rOmXw/yae9wHsCiCuMz8mxmMEVSlq6+jFEIx7
vRbQBqQ5NJbZa/Wi2fiyJWpwfXw4dfniysjeoDHUzethlbqN9EAbFiszsN0wyiAk
95M36M1Lg5lilUPHNydLsec1q2hOmNSg3BHkFoD6HxW+W5Of7NTCTl22rSiG4QOv
eataaNR/t/wq0zuCZ46mNpH1+PpqpEcIGtSCIpYwpjWrHQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:19:48 2025 by rpki-client