Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/QeTFaLV5eeB9SpXcE0VH5HOuHiY.roa
File: QeTFaLV5eeB9SpXcE0VH5HOuHiY.roa (raw, json)
Hash identifier: bqNi+3eksm2GpSG1KE1p5ZvJ4mQgA8nB3oOifzWLfK8=
Subject key identifier: 41:E4:C5:68:B5:79:79:E0:7D:4A:95:DC:13:45:47:E4:73:AE:1E:26
Certificate issuer: /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial: 04822B11
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/QeTFaLV5eeB9SpXcE0VH5HOuHiY.roa
Signing time: Fri 01 Apr 2022 17:28:20 +0000
ROA not before: Fri 01 Apr 2022 17:28:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43332
IP address blocks: 185.220.145.0/24 maxlen: 24
185.187.83.0/24 maxlen: 24
185.187.80.0/23 maxlen: 23
185.187.82.0/24 maxlen: 24
2a0b:9b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75639569 (0x4822b11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
Validity
Not Before: Apr 1 17:28:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41e4c568b57979e07d4a95dc134547e473ae1e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:67:76:9f:d6:60:66:39:04:67:69:e7:75:4c:
b5:c8:ee:2e:97:6a:5b:35:9f:bb:b6:13:f9:fb:28:
ab:e9:78:e0:cb:a6:43:be:e0:cb:2f:62:77:51:4c:
b5:6e:c7:5c:b7:d9:59:56:d9:90:eb:78:a1:92:45:
d4:f1:63:47:be:8b:81:4c:d6:25:4c:16:07:20:98:
6d:9b:3a:1d:d5:23:7e:77:3c:42:2a:ac:7d:f7:22:
8d:b0:72:82:da:41:16:ba:b5:30:7d:97:c1:bd:14:
4a:ec:78:05:0a:87:bf:93:74:5b:f4:72:0b:78:19:
29:4f:cc:7d:33:94:50:d3:fe:d0:a5:8a:d6:22:f9:
ff:48:07:62:13:e3:96:3a:e4:3b:3f:f3:77:65:b1:
85:b6:97:5b:e0:5d:ea:7c:0c:cf:26:0c:c8:59:a1:
50:8d:43:e6:79:7e:4d:0a:58:a0:91:9e:6c:85:1e:
9e:92:f3:1b:d3:9e:cf:6c:3e:21:23:cd:39:d9:32:
13:33:59:0b:45:5f:5c:52:92:e1:54:34:aa:54:58:
82:65:f9:72:ba:24:28:4f:f6:3a:6a:67:4d:5e:70:
d4:eb:97:70:ec:2f:30:35:ea:65:11:c1:46:93:f5:
37:44:52:65:b6:15:e7:31:3c:40:d4:f3:9d:58:7d:
91:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E4:C5:68:B5:79:79:E0:7D:4A:95:DC:13:45:47:E4:73:AE:1E:26
X509v3 Authority Key Identifier:
keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/QeTFaLV5eeB9SpXcE0VH5HOuHiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.80.0/22
185.220.145.0/24
IPv6:
2a0b:9b80::/29
Signature Algorithm: sha256WithRSAEncryption
e6:b1:67:42:b3:cd:a3:f9:c6:91:8c:a7:6e:81:e0:00:da:aa:
ce:58:8a:bf:2f:9f:42:12:23:7f:2e:88:42:97:c2:f1:f5:fa:
2a:3f:d8:43:94:44:c5:d0:a9:d7:64:ce:8d:54:dd:4b:c2:5a:
fc:38:5c:16:14:03:f0:19:67:33:a5:08:8e:f6:1c:ba:c4:4e:
8b:20:1c:8b:72:82:bf:39:c3:43:c0:85:34:41:8e:4a:6f:dd:
dc:91:be:5c:53:d5:89:b2:66:85:f2:0a:d6:6d:9d:f5:3f:49:
c6:85:ec:71:97:21:7e:d8:d9:9f:d5:96:cd:23:d2:e5:d4:23:
d4:8b:99:76:75:ed:b3:ca:1e:d8:81:0e:ae:c7:69:36:7e:1e:
46:f7:3b:3f:27:d1:91:75:06:d0:5f:6c:d7:db:5f:71:0e:a6:
16:e1:a8:d0:a2:ce:10:67:03:37:0c:b9:7d:5d:07:73:44:7e:
39:54:1e:dc:e4:5f:bd:5f:2a:04:34:f2:15:6f:fb:56:56:59:
6c:0f:8f:30:82:3b:65:f1:d2:d6:f2:fb:15:e9:dc:8e:70:3b:
3b:68:17:db:24:63:9c:56:a6:ae:4e:39:8c:02:a6:14:c7:5d:
f7:e6:31:2a:7a:40:d0:74:e9:f9:89:cb:9e:f2:ec:08:63:b9:
8c:43:e1:c9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBIIrETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODA2ZGE1YTU5MjUxMjc1Y2ViMTg2OTRlMTc0MTUzNTJhZWRkNmFhMB4XDTIyMDQw
MTE3MjgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFlNGM1NjhiNTc5
NzllMDdkNGE5NWRjMTM0NTQ3ZTQ3M2FlMWUyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBndp/WYGY5BGdp53VMtcjuLpdqWzWfu7YT+fsoq+l44Mum
Q77gyy9id1FMtW7HXLfZWVbZkOt4oZJF1PFjR76LgUzWJUwWByCYbZs6HdUjfnc8
QiqsffcijbBygtpBFrq1MH2Xwb0USux4BQqHv5N0W/RyC3gZKU/MfTOUUNP+0KWK
1iL5/0gHYhPjljrkOz/zd2WxhbaXW+Bd6nwMzyYMyFmhUI1D5nl+TQpYoJGebIUe
npLzG9Oez2w+ISPNOdkyEzNZC0VfXFKS4VQ0qlRYgmX5crokKE/2OmpnTV5w1OuX
cOwvMDXqZRHBRpP1N0RSZbYV5zE8QNTznVh9kRECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRB5MVotXl54H1KldwTRUfkc64eJjAfBgNVHSMEGDAWgBRYBtpaWSUSdc6x
hpThdBU1Ku3WqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dBYmFXbGtsRW5YT3NZYVU0WFFWTlNydDFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8x
L1FlVEZhTFY1ZWVCOVNwWGNFMFZINUhPdUhpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8xL1dBYmFXbGtsRW5Y
T3NZYVU0WFFWTlNydDFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArm7UAMEALnckTANBAIAAjAHAwUD
KgubgDANBgkqhkiG9w0BAQsFAAOCAQEA5rFnQrPNo/nGkYynboHgANqqzliKvy+f
QhIjfy6IQpfC8fX6Kj/YQ5RExdCp12TOjVTdS8Ja/DhcFhQD8BlnM6UIjvYcusRO
iyAci3KCvznDQ8CFNEGOSm/d3JG+XFPVibJmhfIK1m2d9T9JxoXscZchftjZn9WW
zSPS5dQj1IuZdnXts8oe2IEOrsdpNn4eRvc7PyfRkXUG0F9s19tfcQ6mFuGo0KLO
EGcDNwy5fV0Hc0R+OVQe3ORfvV8qBDTyFW/7VlZZbA+PMII7ZfHS1vL7FencjnA7
O2gX2yRjnFamrk45jAKmFMdd9+YxKnpA0HTp+YnLnvLsCGO5jEPhyQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:53:56 2025 by rpki-client