Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/Q0QgBfNz6AtCkIG9TB2WVGY298k.roa
File: Q0QgBfNz6AtCkIG9TB2WVGY298k.roa (raw, json)
Hash identifier: besQuI8ylnr7187u7fgnuXP1MpScUowIF0eZ1lfWcZ0=
Subject key identifier: 43:44:20:05:F3:73:E8:0B:42:90:81:BD:4C:1D:96:54:66:36:F7:C9
Certificate issuer: /CN=749ea3b1e58ba060b41fc2a078f6016264759664
Certificate serial: 01856D7895A39CF6A7F6DD93FDAE2ACBED4A
Authority key identifier: 74:9E:A3:B1:E5:8B:A0:60:B4:1F:C2:A0:78:F6:01:62:64:75:96:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ6jseWLoGC0H8KgePYBYmR1lmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/Q0QgBfNz6AtCkIG9TB2WVGY298k.roa
Signing time: Sun 01 Jan 2023 13:14:57 +0000
ROA not before: Sun 01 Jan 2023 13:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59767
IP address blocks: 185.34.4.0/22 maxlen: 22
2a04:5d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:95:a3:9c:f6:a7:f6:dd:93:fd:ae:2a:cb:ed:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749ea3b1e58ba060b41fc2a078f6016264759664
Validity
Not Before: Jan 1 13:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43442005f373e80b429081bd4c1d96546636f7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a0:85:fa:d5:30:8a:2f:bb:ec:ff:0d:a6:f3:
3b:e7:7f:12:00:d5:7d:86:49:d4:a1:e2:1c:93:0c:
8d:75:15:47:7e:b3:93:d2:da:1c:71:bb:ae:fc:90:
4c:35:2d:bb:5c:db:86:03:b9:5f:a0:d6:99:51:1e:
87:8f:d8:11:e4:0d:25:8d:27:13:b8:0d:39:66:29:
75:c2:01:ea:e4:38:88:3b:c9:b7:f5:ca:f4:b1:1c:
6b:bb:d1:78:4f:5d:c7:5f:30:19:b7:24:a1:f7:7c:
d0:a0:44:2e:73:61:1e:1b:bf:07:e6:8d:c1:a8:30:
d3:81:d3:47:a2:85:61:e2:2c:92:6c:0c:df:7b:5e:
4d:f3:e4:d7:a3:c8:f7:84:c3:f6:c1:20:00:ff:c0:
a4:e4:2e:d0:5a:b0:99:40:d8:9b:e0:c7:a1:24:a0:
10:fc:03:d9:5c:f4:70:a1:ae:af:36:ea:aa:87:44:
26:e8:e9:72:53:9b:3f:16:ed:84:b4:14:36:65:31:
87:ee:e8:88:97:7e:5f:eb:4d:59:9d:f5:2e:22:e1:
16:4e:a7:74:c3:87:af:32:1b:86:59:12:f7:3d:ea:
f4:06:cb:32:dc:91:38:fa:ef:67:d2:ae:a4:5f:37:
2e:14:33:0c:4a:38:88:ee:38:d1:33:8c:23:15:b7:
4f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:44:20:05:F3:73:E8:0B:42:90:81:BD:4C:1D:96:54:66:36:F7:C9
X509v3 Authority Key Identifier:
keyid:74:9E:A3:B1:E5:8B:A0:60:B4:1F:C2:A0:78:F6:01:62:64:75:96:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ6jseWLoGC0H8KgePYBYmR1lmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/Q0QgBfNz6AtCkIG9TB2WVGY298k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/dJ6jseWLoGC0H8KgePYBYmR1lmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.4.0/22
IPv6:
2a04:5d40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:51:6c:2b:1a:d4:b9:07:6b:f5:90:b7:64:d1:6e:6f:79:6a:
82:22:93:d8:bb:96:49:22:df:58:0e:c7:67:6a:20:6e:f4:a4:
fa:e3:07:5b:ce:06:33:39:6a:38:ee:c9:0b:a0:09:63:10:5d:
f2:4d:e6:30:b1:49:4e:38:e7:c1:8a:fd:39:0e:8f:4d:79:ac:
08:7b:c3:fc:35:93:0b:2a:d1:99:08:22:26:98:04:53:2e:2c:
ec:43:69:d9:73:c7:32:83:8f:a1:a0:86:d5:cb:05:61:f5:e6:
d6:ad:23:39:5e:5c:63:12:32:63:37:46:5c:33:9c:80:2d:82:
14:52:cb:e0:74:8d:50:96:6e:73:29:7e:a0:12:92:9e:38:ac:
4f:95:22:6e:1e:96:51:86:8e:7e:a1:5a:e5:0b:26:e0:1c:df:
69:b3:ae:c2:c4:48:24:15:db:1e:20:69:80:20:3e:a0:3a:4c:
df:24:de:ea:3a:a2:16:dd:8d:bf:c2:b0:af:08:bf:94:d8:c3:
fb:a4:59:15:30:bd:fd:58:d2:8c:5b:0a:c4:8a:72:3b:77:36:
97:50:cf:7c:71:97:12:98:49:b5:45:cc:93:b3:3e:d1:69:a5:
fb:0d:0f:a5:b2:e8:b1:b7:b7:f5:9a:72:de:5f:f7:a1:cf:1b:
79:23:cf:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVteJWjnPan9t2T/a4qy+1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OWVhM2IxZTU4YmEwNjBiNDFmYzJhMDc4ZjYwMTYyNjQ3
NTk2NjQwHhcNMjMwMTAxMTMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQ0MjAwNWYzNzNlODBiNDI5MDgxYmQ0YzFkOTY1NDY2MzZmN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aCF+tUwii+77P8NpvM7538SANV9
hknUoeIckwyNdRVHfrOT0toccbuu/JBMNS27XNuGA7lfoNaZUR6Hj9gR5A0ljScT
uA05Zil1wgHq5DiIO8m39cr0sRxru9F4T13HXzAZtySh93zQoEQuc2EeG78H5o3B
qDDTgdNHooVh4iySbAzfe15N8+TXo8j3hMP2wSAA/8Ck5C7QWrCZQNib4MehJKAQ
/APZXPRwoa6vNuqqh0Qm6OlyU5s/Fu2EtBQ2ZTGH7uiIl35f601ZnfUuIuEWTqd0
w4evMhuGWRL3Per0Bssy3JE4+u9n0q6kXzcuFDMMSjiI7jjRM4wjFbdPlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFENEIAXzc+gLQpCBvUwdllRmNvfJMB8GA1UdIwQY
MBaAFHSeo7Hli6BgtB/CoHj2AWJkdZZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEo2anNlV0xvR0MwSDhLZ2VQWUJZbVIxbG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84NjI0NmEtZjAzMy00ZTQ4LWI3ZGQt
MmY0MjQyYTEzZDAwLzEvUTBRZ0JmTno2QXRDa0lHOVRCMldWR1kyOThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84NjI0NmEtZjAzMy00ZTQ4LWI3ZGQtMmY0MjQyYTEzZDAw
LzEvZEo2anNlV0xvR0MwSDhLZ2VQWUJZbVIxbG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIEMA0E
AgACMAcDBQMqBF1AMA0GCSqGSIb3DQEBCwUAA4IBAQB6UWwrGtS5B2v1kLdk0W5v
eWqCIpPYu5ZJIt9YDsdnaiBu9KT64wdbzgYzOWo47skLoAljEF3yTeYwsUlOOOfB
iv05Do9NeawIe8P8NZMLKtGZCCImmARTLizsQ2nZc8cyg4+hoIbVywVh9ebWrSM5
XlxjEjJjN0ZcM5yALYIUUsvgdI1Qlm5zKX6gEpKeOKxPlSJuHpZRho5+oVrlCybg
HN9ps67CxEgkFdseIGmAID6gOkzfJN7qOqIW3Y2/wrCvCL+U2MP7pFkVML39WNKM
WwrEinI7dzaXUM98cZcSmEm1RcyTsz7RaaX7DQ+lsuixt7f1mnLeX/ehzxt5I89G
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:10 2025 by rpki-client