Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/QSjOFneoH3r3U_UvRheMohQFWao.roa
File: QSjOFneoH3r3U_UvRheMohQFWao.roa (raw, json)
Hash identifier: 9dCkIqDuEXlXaxZo+5gQKhQaSDd4JPgJMaxFnytOAxI=
Subject key identifier: 41:28:CE:16:77:A8:1F:7A:F7:53:F5:2F:46:17:8C:A2:14:05:59:AA
Certificate issuer: /CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Certificate serial: 018848E3BDBD111CCCE8E43FDBCAE066252D
Authority key identifier: 2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/QSjOFneoH3r3U_UvRheMohQFWao.roa
Signing time: Tue 23 May 2023 13:54:24 +0000
ROA not before: Tue 23 May 2023 13:54:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200154
IP address blocks: 185.32.44.0/24 maxlen: 24
185.32.44.0/22 maxlen: 22
185.32.47.0/24 maxlen: 24
185.32.45.0/24 maxlen: 24
185.32.46.0/24 maxlen: 24
2a00:c0a0::/32 maxlen: 32
2a00:c0a0:c000::/34 maxlen: 34
2a00:c0a0:8000::/34 maxlen: 34
2a00:c0a0::/34 maxlen: 34
2a00:c0a0:4000::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:e3:bd:bd:11:1c:cc:e8:e4:3f:db:ca:e0:66:25:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Validity
Not Before: May 23 13:54:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4128ce1677a81f7af753f52f46178ca2140559aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:46:ba:a8:2d:31:4f:c3:7c:af:96:cc:51:2d:
9b:79:f4:de:4e:86:dc:6f:1e:f6:00:92:cd:78:c4:
05:ce:f2:c5:de:a7:a7:aa:77:40:5d:d5:b9:d3:fc:
9f:c8:1a:18:15:d4:48:c2:53:48:6b:9c:71:7d:96:
9a:f1:2a:94:11:cb:18:31:8d:77:b8:82:9f:12:44:
0e:b0:93:e8:e7:d4:67:2d:ec:97:6b:19:3b:67:68:
3c:04:9d:62:27:9b:77:e8:9b:03:b7:8d:5e:6f:d6:
ec:3c:09:9c:de:3b:bc:61:0c:88:8c:bf:ce:79:f1:
04:cb:df:01:27:6e:49:eb:b3:4f:ec:bc:ef:97:b2:
14:45:41:37:5d:f9:a0:31:de:81:49:c2:a1:89:6e:
c2:c8:80:bb:03:b6:32:d9:94:af:9f:fd:5d:e5:7d:
4e:e9:ac:d4:49:e8:13:b3:e5:3a:8c:b9:04:8c:a0:
7a:d4:fa:a0:d5:c9:55:9d:81:ec:98:a9:ed:4a:1b:
9d:4b:79:fc:06:1f:60:ab:91:7b:6c:fb:0a:b2:eb:
67:bc:af:c1:72:f5:f4:50:e7:ab:ff:5f:19:f0:ed:
f3:9b:ad:5f:34:ce:5e:7d:3c:03:3f:58:e7:92:8f:
1d:d0:78:54:08:b6:9a:3f:db:61:08:b5:84:a6:6a:
8a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:28:CE:16:77:A8:1F:7A:F7:53:F5:2F:46:17:8C:A2:14:05:59:AA
X509v3 Authority Key Identifier:
keyid:2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/QSjOFneoH3r3U_UvRheMohQFWao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/K7MwlCKY91gjy7mAyOsqzwt8DBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.44.0/22
IPv6:
2a00:c0a0::/32
Signature Algorithm: sha256WithRSAEncryption
86:82:ae:00:12:ac:27:fb:a6:b6:c7:82:d8:4d:35:48:c9:d0:
f2:54:9c:af:2d:3f:d0:dd:36:d5:07:d6:49:34:fd:1f:bb:2d:
cf:51:3f:84:a4:4d:9d:0f:8b:76:83:23:9d:44:db:b2:99:87:
04:45:60:d1:1c:d2:94:98:9e:85:8f:8c:29:94:9f:1f:f6:9a:
dc:4a:32:8b:6c:4c:ed:2c:ba:91:12:4c:bc:17:12:c5:55:aa:
8f:66:6c:6b:5f:ad:a7:20:cd:2b:91:c4:85:f5:84:55:73:e4:
9c:46:44:c0:4d:10:39:ab:75:36:55:1f:87:fc:38:40:33:c0:
ff:0d:0e:66:1b:77:ff:44:7f:aa:ac:b9:b6:39:43:4d:29:b8:
ed:6a:e4:e5:85:d7:bc:44:7e:44:95:a2:f1:a7:bd:46:65:47:
44:4f:cd:bf:96:d0:eb:1d:d2:e1:a4:e3:1d:9b:60:95:e2:34:
dc:95:cc:6c:fe:2a:f5:2b:8c:d0:78:e9:53:a6:cf:c0:8d:b0:
21:39:a3:a4:1d:cf:ee:32:05:de:d9:a4:48:1a:12:11:33:15:
97:59:e3:b3:a9:d2:36:eb:7e:3c:b9:1f:cd:e1:a6:9a:49:4f:
fe:32:da:d3:83:3d:7c:7f:92:92:2d:9d:e6:48:db:33:6e:8c:
ee:a3:00:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhI4729ERzM6OQ/28rgZiUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjMzMDk0MjI5OGY3NTgyM2NiYjk4MGM4ZWIyYWNmMGI3
YzBjMWIwHhcNMjMwNTIzMTM1NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI4Y2UxNjc3YTgxZjdhZjc1M2Y1MmY0NjE3OGNhMjE0MDU1OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUa6qC0xT8N8r5bMUS2befTeTobc
bx72AJLNeMQFzvLF3qenqndAXdW50/yfyBoYFdRIwlNIa5xxfZaa8SqUEcsYMY13
uIKfEkQOsJPo59RnLeyXaxk7Z2g8BJ1iJ5t36JsDt41eb9bsPAmc3ju8YQyIjL/O
efEEy98BJ25J67NP7Lzvl7IURUE3XfmgMd6BScKhiW7CyIC7A7Yy2ZSvn/1d5X1O
6azUSegTs+U6jLkEjKB61Pqg1clVnYHsmKntShudS3n8Bh9gq5F7bPsKsutnvK/B
cvX0UOer/18Z8O3zm61fNM5efTwDP1jnko8d0HhUCLaaP9thCLWEpmqKFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEEozhZ3qB9691P1L0YXjKIUBVmqMB8GA1UdIwQY
MBaAFCuzMJQimPdYI8u5gMjrKs8LfAwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYt
NmIzYTQ3NjY3Y2E4LzEvUVNqT0ZuZW9IM3IzVV9VdlJoZU1vaFFGV2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYtNmIzYTQ3NjY3Y2E4
LzEvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSAsMA0E
AgACMAcDBQAqAMCgMA0GCSqGSIb3DQEBCwUAA4IBAQCGgq4AEqwn+6a2x4LYTTVI
ydDyVJyvLT/Q3TbVB9ZJNP0fuy3PUT+EpE2dD4t2gyOdRNuymYcERWDRHNKUmJ6F
j4wplJ8f9prcSjKLbEztLLqREky8FxLFVaqPZmxrX62nIM0rkcSF9YRVc+ScRkTA
TRA5q3U2VR+H/DhAM8D/DQ5mG3f/RH+qrLm2OUNNKbjtauTlhde8RH5ElaLxp71G
ZUdET82/ltDrHdLhpOMdm2CV4jTclcxs/ir1K4zQeOlTps/AjbAhOaOkHc/uMgXe
2aRIGhIRMxWXWeOzqdI26348uR/N4aaaSU/+MtrTgz18f5KSLZ3mSNszbozuowAY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:57 2025 by rpki-client