Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/g_qS0oW1ITnmRslBdrugaOGK8SE.roa
File: g_qS0oW1ITnmRslBdrugaOGK8SE.roa (raw, json)
Hash identifier: 8KJQhQuAe9r/CKO8UzQV85L8RbVBV0XFSQo8xm5zL3o=
Subject key identifier: 83:FA:92:D2:85:B5:21:39:E6:46:C9:41:76:BB:A0:68:E1:8A:F1:21
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 01856E6FA01039596800719D61D82F6D271D
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/g_qS0oW1ITnmRslBdrugaOGK8SE.roa
Signing time: Sun 01 Jan 2023 17:44:47 +0000
ROA not before: Sun 01 Jan 2023 17:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 217.69.16.0/20 maxlen: 20
185.3.24.0/22 maxlen: 22
2a03:6c80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a0:10:39:59:68:00:71:9d:61:d8:2f:6d:27:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 1 17:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83fa92d285b52139e646c94176bba068e18af121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8e:0c:f2:b9:36:ed:aa:89:8e:42:03:c4:de:
2a:fb:2d:e9:90:77:58:c8:10:98:8d:aa:e9:7b:cc:
23:c2:39:f1:4e:40:90:83:8e:ba:d6:ba:d5:1a:a7:
58:c4:a7:46:a6:e1:49:c6:95:92:f5:5e:72:9f:43:
ed:52:2c:e0:28:73:83:3b:b5:2e:09:3a:95:6d:5d:
f8:9f:ad:9c:03:1c:55:38:22:76:3b:fa:b5:1d:28:
80:e6:2f:5a:f8:1e:f1:8d:24:ef:61:b5:9a:fd:69:
da:12:9a:96:82:92:ee:d4:d5:79:b1:89:27:01:52:
34:e9:ee:6d:6e:bb:f0:fe:0a:21:9f:45:f8:7a:18:
e0:cc:1f:4a:df:1a:53:ba:6e:f7:95:86:40:52:8a:
f5:c4:bc:ed:22:ed:68:0b:1a:a2:ef:7a:ca:93:c4:
34:7e:df:64:28:4e:aa:0e:3a:21:b1:5a:f8:0d:cf:
19:fe:38:4e:10:0e:ed:74:11:02:93:83:ab:0a:e7:
23:6f:27:eb:31:03:80:3c:24:6f:77:e7:7d:d2:f9:
7a:3f:12:94:a2:12:83:6e:94:91:69:63:7b:ba:7e:
17:d3:73:f3:a1:4e:04:fb:3d:30:e0:6f:c6:d4:12:
f3:30:df:86:0d:bc:31:a9:5f:88:b1:c6:1f:80:17:
cf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FA:92:D2:85:B5:21:39:E6:46:C9:41:76:BB:A0:68:E1:8A:F1:21
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/g_qS0oW1ITnmRslBdrugaOGK8SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.24.0/22
217.69.16.0/20
IPv6:
2a03:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
72:87:bf:3b:76:75:b5:eb:d0:74:06:9f:d0:e9:39:c8:5d:14:
f3:3e:8e:9b:62:69:7a:21:44:d8:1b:37:4a:0d:27:66:31:82:
e0:69:55:90:c5:69:70:cd:85:d0:6c:36:43:e4:7a:39:9f:fb:
50:02:4f:9f:82:a5:4e:bd:24:24:4b:dd:c4:5e:74:88:11:77:
c7:16:85:2a:37:8b:a7:a5:26:5c:ce:82:fe:fb:d0:36:02:81:
f6:ee:50:91:b9:cd:98:e1:7b:54:23:f0:33:de:9b:b6:f6:4f:
07:ff:f1:6d:c6:97:cf:a8:b7:94:aa:2e:92:b6:80:40:54:1f:
72:97:18:5f:2c:e9:4a:b3:c2:f9:61:4b:9d:ca:c8:c3:da:bb:
32:88:c1:42:f0:c2:fd:1f:e1:98:6c:5a:ee:ee:32:f0:9f:f1:
fa:1f:6e:32:00:6b:97:35:38:d5:18:53:02:78:46:35:4d:06:
9e:3f:ac:ce:fc:f5:2b:7d:fb:1a:3b:53:c3:99:88:2b:1e:c4:
f2:c4:da:22:59:ed:3b:db:59:c0:0c:de:2f:8f:0d:1a:d1:b2:
57:22:ed:3c:91:32:fc:65:70:d8:86:de:a4:b5:a6:0c:26:4e:
29:fa:d4:c1:46:ac:9b:f6:a2:c3:7a:1d:77:85:bb:88:be:c7:
52:d4:ab:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVub6AQOVloAHGdYdgvbScdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjMwMTAxMTc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZhOTJkMjg1YjUyMTM5ZTY0NmM5NDE3NmJiYTA2OGUxOGFmMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY4M8rk27aqJjkIDxN4q+y3pkHdY
yBCYjarpe8wjwjnxTkCQg4661rrVGqdYxKdGpuFJxpWS9V5yn0PtUizgKHODO7Uu
CTqVbV34n62cAxxVOCJ2O/q1HSiA5i9a+B7xjSTvYbWa/WnaEpqWgpLu1NV5sYkn
AVI06e5tbrvw/gohn0X4ehjgzB9K3xpTum73lYZAUor1xLztIu1oCxqi73rKk8Q0
ft9kKE6qDjohsVr4Dc8Z/jhOEA7tdBECk4OrCucjbyfrMQOAPCRvd+d90vl6PxKU
ohKDbpSRaWN7un4X03PzoU4E+z0w4G/G1BLzMN+GDbwxqV+IscYfgBfPdwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIP6ktKFtSE55kbJQXa7oGjhivEhMB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvZ19xUzBvVzFJVG5tUnNsQmRydWdhT0dLOFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQMYAwQE
2UUQMA0EAgACMAcDBQAqA2yAMA0GCSqGSIb3DQEBCwUAA4IBAQByh787dnW169B0
Bp/Q6TnIXRTzPo6bYml6IUTYGzdKDSdmMYLgaVWQxWlwzYXQbDZD5Ho5n/tQAk+f
gqVOvSQkS93EXnSIEXfHFoUqN4unpSZczoL++9A2AoH27lCRuc2Y4XtUI/Az3pu2
9k8H//FtxpfPqLeUqi6StoBAVB9ylxhfLOlKs8L5YUudysjD2rsyiMFC8ML9H+GY
bFru7jLwn/H6H24yAGuXNTjVGFMCeEY1TQaeP6zO/PUrffsaO1PDmYgrHsTyxNoi
We0721nADN4vjw0a0bJXIu08kTL8ZXDYht6ktaYMJk4p+tTBRqyb9qLDeh13hbuI
vsdS1Ksw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:39 2025 by rpki-client