Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/qB3P0kJhyTPXl3fx23aOi41REIk.roa
File: qB3P0kJhyTPXl3fx23aOi41REIk.roa (raw, json)
Hash identifier: 8lwWi28lMVXlKBqNJpgjsBMp13y7pTKtTdqR9R15RPA=
Subject key identifier: A8:1D:CF:D2:42:61:C9:33:D7:97:77:F1:DB:76:8E:8B:8D:51:10:89
Certificate issuer: /CN=926b9336fcaf3657cedeba53c47e948010877e20
Certificate serial: 0188D90F462410308D50BA1C34237B88BCA7
Authority key identifier: 92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/qB3P0kJhyTPXl3fx23aOi41REIk.roa
Signing time: Tue 20 Jun 2023 13:47:16 +0000
ROA not before: Tue 20 Jun 2023 13:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200428
IP address blocks: 185.229.208.0/22 maxlen: 22
185.163.4.0/22 maxlen: 22
185.151.60.0/22 maxlen: 22
2a0a:2640::/29 maxlen: 29
2a0a:5800::/29 maxlen: 29
2a0d:ce00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:0f:46:24:10:30:8d:50:ba:1c:34:23:7b:88:bc:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926b9336fcaf3657cedeba53c47e948010877e20
Validity
Not Before: Jun 20 13:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a81dcfd24261c933d79777f1db768e8b8d511089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:1a:ff:f6:20:50:d7:76:2e:cc:cc:27:4e:
b5:41:13:31:5e:3d:41:d7:6a:7b:7c:74:f5:02:f4:
36:00:32:ff:71:7b:18:cd:0e:4f:8a:ca:5f:7f:1e:
3f:16:3e:11:fc:90:42:ee:41:17:80:16:1a:f3:47:
77:76:2d:61:2c:e4:ed:77:79:9b:dc:6d:c6:c4:98:
d9:71:76:85:a1:32:31:08:23:e1:e2:4c:77:a1:39:
12:3e:28:0e:e2:58:ca:4f:c9:47:a2:56:62:b0:d3:
ee:49:96:c4:2e:16:30:fc:ba:eb:63:7b:f0:00:ca:
49:fc:d8:c8:63:e9:47:1e:b9:0b:df:07:0b:da:03:
04:e4:ae:94:96:d2:03:2e:e4:e1:ca:13:be:e0:ff:
14:ea:d6:6a:27:33:e2:f5:f6:7f:7c:60:e3:ba:31:
c2:1a:f2:9e:be:97:e7:22:43:e6:d0:ed:54:7e:75:
5e:3f:9d:e1:0f:a2:cc:9b:c4:1c:b2:49:a8:ce:35:
75:ea:03:b0:ef:41:7a:16:a7:2a:85:00:6e:34:5a:
ff:f5:2f:da:a3:f6:69:df:8d:c2:42:f3:2b:94:98:
c7:6e:5a:89:13:01:1c:40:ae:7a:52:73:be:0b:d0:
c5:ed:73:d9:28:f1:36:da:a0:36:29:44:6e:a5:cd:
c8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1D:CF:D2:42:61:C9:33:D7:97:77:F1:DB:76:8E:8B:8D:51:10:89
X509v3 Authority Key Identifier:
keyid:92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/qB3P0kJhyTPXl3fx23aOi41REIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.60.0/22
185.163.4.0/22
185.229.208.0/22
IPv6:
2a0a:2640::/29
2a0a:5800::/29
2a0d:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
2c:fe:dd:b2:a7:67:68:7d:d6:ef:8a:11:e3:ea:e7:f3:ba:ff:
73:df:41:80:60:8d:15:8a:70:4d:40:12:8d:db:bb:ba:c4:ad:
ca:33:98:80:35:9f:32:d7:98:e4:f4:98:a4:e1:8d:f0:50:d9:
62:3e:52:0f:9f:39:43:0c:25:10:0c:2e:b8:ed:41:17:b6:d1:
06:d1:e0:35:05:9c:0f:32:90:07:bb:01:5b:de:43:ae:4d:97:
b1:c3:8d:34:48:c8:8f:c2:4a:32:20:50:c0:5c:d0:e9:79:ca:
db:96:15:ea:7d:51:45:cd:59:3c:56:3d:c9:3c:93:bc:30:b7:
1f:5b:5c:22:a0:f5:33:de:4b:7d:4e:a7:f2:08:f4:b7:09:68:
b9:dd:ae:f0:02:f6:48:0a:6c:3c:04:2b:ed:8f:9c:c9:4f:e6:
66:24:ff:3a:cb:8b:fb:f8:e3:0d:ca:a1:4f:63:21:cb:6d:2b:
20:5e:5c:0a:8f:38:d4:51:e9:5c:ff:fc:2f:38:48:e5:d8:23:
69:43:f4:0a:e5:48:49:ce:23:ef:75:6a:c8:d1:c6:3d:ba:b2:
ae:77:8d:4c:04:22:5b:4a:24:65:32:98:f0:17:91:fa:58:46:
ea:de:b0:c9:30:08:73:c3:7a:b2:98:99:8f:25:28:fd:94:01:
e1:03:be:b7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYjZD0YkEDCNULocNCN7iLynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmI5MzM2ZmNhZjM2NTdjZWRlYmE1M2M0N2U5NDgwMTA4
NzdlMjAwHhcNMjMwNjIwMTM0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFkY2ZkMjQyNjFjOTMzZDc5Nzc3ZjFkYjc2OGU4YjhkNTExMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYUa//YgUNd2LszMJ061QRMxXj1B
12p7fHT1AvQ2ADL/cXsYzQ5Pispffx4/Fj4R/JBC7kEXgBYa80d3di1hLOTtd3mb
3G3GxJjZcXaFoTIxCCPh4kx3oTkSPigO4ljKT8lHolZisNPuSZbELhYw/LrrY3vw
AMpJ/NjIY+lHHrkL3wcL2gME5K6UltIDLuThyhO+4P8U6tZqJzPi9fZ/fGDjujHC
GvKevpfnIkPm0O1UfnVeP53hD6LMm8QcskmozjV16gOw70F6FqcqhQBuNFr/9S/a
o/Zp343CQvMrlJjHblqJEwEcQK56UnO+C9DF7XPZKPE22qA2KURupc3I9QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKgdz9JCYckz15d38dt2jouNURCJMB8GA1UdIwQY
MBaAFJJrkzb8rzZXzt66U8R+lIAQh34gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTct
MDZhMjRmYTc0NjY3LzEvcUIzUDBrSmh5VFBYbDNmeDIzYU9pNDFSRUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTctMDZhMjRmYTc0NjY3
LzEva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCuZc8AwQC
uaMEAwQCueXQMBsEAgACMBUDBQMqCiZAAwUDKgpYAAMFAyoNzgAwDQYJKoZIhvcN
AQELBQADggEBACz+3bKnZ2h91u+KEePq5/O6/3PfQYBgjRWKcE1AEo3bu7rErcoz
mIA1nzLXmOT0mKThjfBQ2WI+Ug+fOUMMJRAMLrjtQRe20QbR4DUFnA8ykAe7AVve
Q65Nl7HDjTRIyI/CSjIgUMBc0Ol5ytuWFep9UUXNWTxWPck8k7wwtx9bXCKg9TPe
S31Op/II9LcJaLndrvAC9kgKbDwEK+2PnMlP5mYk/zrLi/v44w3KoU9jIcttKyBe
XAqPONRR6Vz//C84SOXYI2lD9ArlSEnOI+91asjRxj26sq53jUwEIltKJGUymPAX
kfpYRuresMkwCHPDerKYmY8lKP2UAeEDvrc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:55 2025 by rpki-client