Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/qtwCP6eyE9KFbUtdG9zMPkhD3zY.roa
File: qtwCP6eyE9KFbUtdG9zMPkhD3zY.roa (raw, json)
Hash identifier: OMkdob7FtV1JXAOiK4BPjxEJ5dAUriwDw+a4dgGLYrg=
Subject key identifier: AA:DC:02:3F:A7:B2:13:D2:85:6D:4B:5D:1B:DC:CC:3E:48:43:DF:36
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 01856C8A565A67599E3C4DE187FD67D91E1D
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/qtwCP6eyE9KFbUtdG9zMPkhD3zY.roa
Signing time: Sun 01 Jan 2023 08:54:43 +0000
ROA not before: Sun 01 Jan 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203936
IP address blocks: 185.238.84.0/23 maxlen: 23
185.238.87.0/24 maxlen: 24
185.238.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:56:5a:67:59:9e:3c:4d:e1:87:fd:67:d9:1e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Jan 1 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aadc023fa7b213d2856d4b5d1bdccc3e4843df36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ff:4f:b9:4f:c1:51:ae:39:77:1c:5c:93:c5:
4c:17:50:9b:e8:2f:d7:c9:2a:6d:0f:d4:00:02:02:
f4:8d:c2:cc:73:6d:2c:b1:34:d1:14:a2:a3:0f:8e:
bd:f0:f5:cf:ab:9a:b7:82:e6:16:e7:e7:4d:e2:af:
23:0e:2e:2c:04:f6:b8:e7:9c:c5:e4:d7:cb:03:bb:
87:d5:e2:21:cd:80:17:71:96:24:34:65:16:78:72:
d4:a7:21:4a:68:e1:33:37:26:6e:37:81:9c:6c:51:
3b:0b:c3:6a:b9:46:dd:d3:35:ad:f9:60:de:a6:0f:
fa:50:06:19:65:96:cd:ee:79:b8:6f:c4:f3:56:46:
ba:0e:ec:19:9d:b3:14:a5:6d:5c:56:d1:a0:dc:58:
22:bc:cc:31:46:ef:a8:60:f1:3b:18:2e:13:b2:42:
26:1b:8b:68:d2:83:e9:b5:b7:25:37:29:98:5d:55:
9b:4e:3e:f6:d1:b1:e6:8e:29:86:72:56:0e:5b:e3:
45:4e:40:e7:93:ff:ed:0f:18:b2:7c:64:77:e0:0a:
99:d0:47:9f:68:9d:16:77:61:6b:7a:69:d3:b5:8b:
e2:58:e8:6c:c7:78:1e:80:24:f9:32:04:58:5e:ce:
99:50:79:87:43:67:44:91:e0:13:03:d3:22:79:65:
1a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DC:02:3F:A7:B2:13:D2:85:6D:4B:5D:1B:DC:CC:3E:48:43:DF:36
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/qtwCP6eyE9KFbUtdG9zMPkhD3zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.84.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:bc:ff:9e:31:3d:00:6d:b9:11:0c:59:63:e1:a3:f1:9c:a9:
15:dd:8f:0f:6d:e5:d0:aa:98:90:1d:88:e2:b3:a4:74:6a:19:
a2:32:5a:99:09:c4:12:2a:1d:ad:48:7f:3a:22:40:54:7a:67:
84:c5:c7:91:3c:64:96:3b:9f:a5:c6:35:d0:d8:51:62:d7:3a:
dd:7c:ad:a3:a7:dd:56:ba:3c:4d:7b:79:1a:bf:53:a3:b5:87:
5e:46:e2:83:9a:5e:0b:f7:8d:b6:31:e5:66:de:6c:fc:7d:74:
4d:c7:12:99:aa:ce:54:85:bc:b3:34:0c:3e:cc:39:b9:43:fb:
a9:00:96:5d:64:b7:c9:d2:2d:53:bf:f3:36:47:dd:f4:dc:ff:
2b:3d:3c:3f:91:3b:da:5e:16:34:a4:d8:46:d5:48:c1:24:11:
20:5e:62:bd:6d:2e:5a:70:69:1b:96:2c:cb:da:a0:89:26:4a:
8a:c6:91:71:e2:86:dd:4f:87:50:ab:6b:e2:a7:92:68:6c:04:
65:7d:ec:2e:1c:74:4a:94:c8:c4:04:a5:a7:37:5d:c5:62:37:
6e:ec:48:91:2c:31:26:b4:78:25:c6:1e:93:82:61:3a:e4:1d:
bd:65:9f:9d:30:15:35:43:70:17:cd:e7:3f:62:bb:09:b8:8f:
3a:7a:9e:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsilZaZ1mePE3hh/1n2R4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjMwMTAxMDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWRjMDIzZmE3YjIxM2QyODU2ZDRiNWQxYmRjY2MzZTQ4NDNkZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/9PuU/BUa45dxxck8VMF1Cb6C/X
ySptD9QAAgL0jcLMc20ssTTRFKKjD4698PXPq5q3guYW5+dN4q8jDi4sBPa455zF
5NfLA7uH1eIhzYAXcZYkNGUWeHLUpyFKaOEzNyZuN4GcbFE7C8NquUbd0zWt+WDe
pg/6UAYZZZbN7nm4b8TzVka6DuwZnbMUpW1cVtGg3FgivMwxRu+oYPE7GC4TskIm
G4to0oPptbclNymYXVWbTj720bHmjimGclYOW+NFTkDnk//tDxiyfGR34AqZ0Eef
aJ0Wd2FremnTtYviWOhsx3gegCT5MgRYXs6ZUHmHQ2dEkeATA9MieWUaFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrcAj+nshPShW1LXRvczD5IQ982MB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvcXR3Q1A2ZXlFOUtGYlV0ZEc5ek1Qa2hEM3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue5UMA0G
CSqGSIb3DQEBCwUAA4IBAQC0vP+eMT0AbbkRDFlj4aPxnKkV3Y8PbeXQqpiQHYji
s6R0ahmiMlqZCcQSKh2tSH86IkBUemeExceRPGSWO5+lxjXQ2FFi1zrdfK2jp91W
ujxNe3kav1OjtYdeRuKDml4L9422MeVm3mz8fXRNxxKZqs5UhbyzNAw+zDm5Q/up
AJZdZLfJ0i1Tv/M2R9303P8rPTw/kTvaXhY0pNhG1UjBJBEgXmK9bS5acGkblizL
2qCJJkqKxpFx4obdT4dQq2vip5JobARlfewuHHRKlMjEBKWnN13FYjdu7EiRLDEm
tHglxh6TgmE65B29ZZ+dMBU1Q3AXzec/YrsJuI86ep5I
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:27:45 2025 by rpki-client