Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/qeMpVjhSJHAxuJB21qQhuYSJsl8.roa
File: qeMpVjhSJHAxuJB21qQhuYSJsl8.roa (raw, json)
Hash identifier: 4/ZWmN6FVVzJ3qpW3ABagBQHYpOCFqOhTED1pSgNnP8=
Subject key identifier: A9:E3:29:56:38:52:24:70:31:B8:90:76:D6:A4:21:B9:84:89:B2:5F
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 36F7CD84
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/qeMpVjhSJHAxuJB21qQhuYSJsl8.roa
Signing time: Sat 01 Jan 2022 01:03:00 +0000
ROA not before: Sat 01 Jan 2022 01:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 217.69.16.0/20 maxlen: 20
185.3.24.0/22 maxlen: 22
2a03:6c80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 922209668 (0x36f7cd84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 1 01:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9e329563852247031b89076d6a421b98489b25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:cd:6a:97:db:73:eb:64:a6:54:c9:01:a9:
38:45:11:b3:65:1a:03:81:a3:9b:58:0d:e3:d6:59:
b6:79:3b:0e:f4:a3:75:fa:52:8e:80:97:47:1d:50:
51:42:f6:2d:49:16:8f:e7:1d:40:f6:a6:47:30:d3:
a4:89:1b:45:1d:ea:af:c3:39:cf:8b:0e:64:07:eb:
bc:70:32:d7:b0:80:f4:d1:7c:50:38:e9:b7:1c:1d:
cf:1b:0a:03:12:2a:c7:53:aa:e7:3b:7e:b7:ab:f9:
59:8a:0a:f0:a2:7b:c8:1e:79:32:51:58:da:b8:0b:
bd:3a:24:ca:e0:af:19:d2:dd:29:aa:32:bb:88:eb:
43:f2:15:33:5a:df:af:7b:45:b0:4f:b2:cd:ab:bc:
14:94:3b:44:93:10:f0:4f:0e:fa:1c:08:b6:90:e3:
29:e5:58:37:ff:00:60:1a:6f:e3:80:0d:84:ac:b9:
a0:28:b5:9e:23:95:cb:e4:b0:03:03:cd:1f:89:8c:
93:9a:c9:09:f1:53:db:56:29:8e:8c:86:ed:99:46:
3e:df:e9:54:a2:34:5f:fb:cb:7d:f4:2c:89:6e:44:
1f:91:94:36:18:6a:3a:d3:41:22:a9:fe:35:5f:9f:
e9:8f:4a:20:4d:b8:6a:32:3e:e5:c4:d1:3a:b5:55:
e6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E3:29:56:38:52:24:70:31:B8:90:76:D6:A4:21:B9:84:89:B2:5F
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/qeMpVjhSJHAxuJB21qQhuYSJsl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.24.0/22
217.69.16.0/20
IPv6:
2a03:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
49:76:cb:94:a1:a9:51:5c:39:e2:91:44:06:5e:3f:cd:40:13:
f9:b2:f9:ee:9f:16:7a:76:c7:e3:54:f5:69:56:85:e8:c5:8f:
a7:95:85:30:9f:03:94:66:62:3a:ef:92:5a:0e:99:0d:23:7f:
87:e2:02:e9:08:da:6e:0a:b2:8d:ec:8d:1c:1d:5c:00:f0:86:
65:da:68:0f:2d:44:10:6f:99:c6:6d:fb:02:75:fd:2b:99:62:
1f:44:5b:36:85:34:55:4e:c9:1c:10:40:1d:a9:55:3f:06:9c:
e1:fe:c3:08:06:59:b6:ff:65:f6:4b:79:4b:3d:cb:f6:22:8a:
97:58:45:24:0b:5a:bd:db:09:25:86:04:77:b8:cd:06:c4:2f:
23:75:82:47:73:87:a9:ad:6b:66:3d:3d:b5:3c:29:f4:fc:0f:
5e:59:3e:67:b6:f5:ca:20:12:5c:ec:aa:46:1e:46:41:1e:ea:
a6:a6:50:b5:6a:d0:f5:d4:d4:29:8e:89:e3:ee:3f:8e:32:85:
da:e9:e6:cc:db:ab:45:29:55:d4:6d:b0:a3:e5:df:13:db:98:
fb:13:a0:2c:a2:93:4c:18:dc:80:b6:e0:52:b5:d0:ba:2f:49:
75:35:8d:f7:f2:a6:66:d8:1e:94:71:f7:c4:f4:1c:bc:5c:a8:
ff:2b:e2:e3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENvfNhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzM1MGJhODJmM2ZlYjVhZWUyODkzOGZiZjFiMDljMWUyZmQxOWI0MB4XDTIyMDEw
MTAxMDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTllMzI5NTYzODUy
MjQ3MDMxYjg5MDc2ZDZhNDIxYjk4NDg5YjI1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO5zWqX23PrZKZUyQGpOEURs2UaA4Gjm1gN49ZZtnk7DvSj
dfpSjoCXRx1QUUL2LUkWj+cdQPamRzDTpIkbRR3qr8M5z4sOZAfrvHAy17CA9NF8
UDjptxwdzxsKAxIqx1Oq5zt+t6v5WYoK8KJ7yB55MlFY2rgLvTokyuCvGdLdKaoy
u4jrQ/IVM1rfr3tFsE+yzau8FJQ7RJMQ8E8O+hwItpDjKeVYN/8AYBpv44ANhKy5
oCi1niOVy+SwAwPNH4mMk5rJCfFT21YpjoyG7ZlGPt/pVKI0X/vLffQsiW5EH5GU
NhhqOtNBIqn+NV+f6Y9KIE24ajI+5cTROrVV5lsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSp4ylWOFIkcDG4kHbWpCG5hImyXzAfBgNVHSMEGDAWgBQ8NQuoLz/rWu4o
k4+/GwnB4v0ZtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BEVUxxQzhfNjFydUtKT1B2eHNKd2VMOUdiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNjRkN2E5LWNhYzMtNDU0OS1hN2FhLTYxYjc5MDJlZTIwNC8x
L3FlTXBWamhTSkhBeHVKQjIxcVFodVlTSnNsOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NjRkN2E5LWNhYzMtNDU0OS1hN2FhLTYxYjc5MDJlZTIwNC8xL1BEVUxxQzhfNjFy
dUtKT1B2eHNKd2VMOUdiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkDGAMEBNlFEDANBAIAAjAHAwUA
KgNsgDANBgkqhkiG9w0BAQsFAAOCAQEASXbLlKGpUVw54pFEBl4/zUAT+bL57p8W
enbH41T1aVaF6MWPp5WFMJ8DlGZiOu+SWg6ZDSN/h+IC6QjabgqyjeyNHB1cAPCG
ZdpoDy1EEG+Zxm37AnX9K5liH0RbNoU0VU7JHBBAHalVPwac4f7DCAZZtv9l9kt5
Sz3L9iKKl1hFJAtavdsJJYYEd7jNBsQvI3WCR3OHqa1rZj09tTwp9PwPXlk+Z7b1
yiASXOyqRh5GQR7qpqZQtWrQ9dTUKY6J4+4/jjKF2unmzNurRSlV1G2wo+XfE9uY
+xOgLKKTTBjcgLbgUrXQui9JdTWN9/KmZtgelHH3xPQcvFyo/yvi4w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:52 2025 by rpki-client