Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/QiMjnpDUCWAHdEgPk9u2Yp-WIHc.roa
File: QiMjnpDUCWAHdEgPk9u2Yp-WIHc.roa (raw, json)
Hash identifier: Hos4KdjzcQYyHB88/JM+U3dQMtyzE+BZKjnQbkTiqqw=
Subject key identifier: 42:23:23:9E:90:D4:09:60:07:74:48:0F:93:DB:B6:62:9F:96:20:77
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 05F03604
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/QiMjnpDUCWAHdEgPk9u2Yp-WIHc.roa
Signing time: Sat 29 Jan 2022 04:12:22 +0000
ROA not before: Sat 29 Jan 2022 04:12:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99628548 (0x5f03604)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 29 04:12:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4223239e90d409600774480f93dbb6629f962077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:75:21:a9:0c:6c:ac:95:61:59:60:55:a7:0d:
9c:8c:a8:10:01:21:72:d5:0f:b7:bd:6b:57:7e:f1:
ad:79:f6:8c:bb:a8:fc:5d:07:0c:e7:7d:5f:a5:50:
a4:13:56:42:ad:4c:c1:dc:0c:f3:dc:c7:fc:48:db:
bb:7f:0d:ae:12:17:61:a9:d4:5b:82:d9:f8:80:5c:
37:c5:a3:31:eb:d5:a6:72:73:a7:a7:bf:6a:9c:e1:
50:b6:f5:d7:b6:21:eb:4e:22:b5:42:fc:67:32:6b:
7f:5b:56:41:97:30:16:10:46:c6:bf:f3:fe:1c:aa:
c5:a5:7d:de:73:43:49:e6:24:f2:8f:47:97:c9:84:
9d:ea:80:bc:b2:83:86:d2:84:36:5d:0e:1a:45:a0:
70:69:b5:bb:a5:61:84:d8:02:bc:5d:d2:ca:5b:db:
bf:35:c8:be:62:b8:bc:d9:34:52:80:93:c4:8e:bc:
60:4f:04:e7:34:67:9c:a7:b7:9c:8f:a0:46:14:b8:
8b:1b:10:01:0c:5b:bd:ee:50:26:a9:dd:96:2e:bd:
1d:4e:99:5d:72:51:26:37:d6:e1:0e:e4:2f:f3:0a:
b2:97:e2:c5:57:f0:fd:dd:c1:31:c6:9e:0b:5a:29:
09:bf:09:4d:92:3b:12:ac:1e:44:60:3f:49:0d:20:
fc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:23:23:9E:90:D4:09:60:07:74:48:0F:93:DB:B6:62:9F:96:20:77
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/QiMjnpDUCWAHdEgPk9u2Yp-WIHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bd:56:ee:21:8f:c1:d3:5a:ff:6e:67:36:e9:ea:bd:5e:99:db:
8b:5a:80:30:fa:43:74:ac:80:f8:fb:84:15:45:d5:08:a2:46:
d5:13:2d:d4:90:2c:a8:5a:35:8b:25:da:d2:0a:45:ce:b5:a3:
3d:84:01:0a:e0:4f:c1:0e:d0:be:7f:55:4f:46:18:a2:5e:40:
ff:cc:63:ae:ec:f0:0a:63:1f:a2:28:06:8b:e2:98:da:3b:aa:
5d:f8:12:d3:8f:82:f2:5c:30:eb:23:af:d5:eb:5b:b3:5e:ac:
19:d6:86:7b:2a:20:7c:06:9b:9d:db:9e:18:09:1c:d7:11:9a:
5a:10:80:9e:12:39:53:c2:3a:82:0c:94:14:05:dc:06:1f:ea:
bd:b0:69:eb:b1:42:38:89:0c:11:1f:70:a4:96:38:b0:c4:4a:
a6:04:9c:7a:ce:44:b6:dc:78:db:2a:29:cb:db:cc:19:43:dd:
47:11:50:9e:ae:08:55:11:14:58:ab:d6:d5:bd:19:96:1f:c3:
89:33:e9:0a:ed:2c:89:dd:a0:80:4d:98:7e:4e:ae:ca:99:03:
02:30:e1:99:73:23:3c:d7:a0:47:dc:de:f8:a3:fe:68:f3:74:
e3:f2:dd:db:e6:fb:f4:25:eb:8b:02:19:69:4d:e6:17:91:18:
37:21:04:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBfA2BDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGEyMDg1YzdkZTNiNTk4MjE2Yjg5ZmIwZjJiMWQ5MzBkZTY2YzE5MB4XDTIyMDEy
OTA0MTIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIyMzIzOWU5MGQ0
MDk2MDA3NzQ0ODBmOTNkYmI2NjI5Zjk2MjA3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJt1IakMbKyVYVlgVacNnIyoEAEhctUPt71rV37xrXn2jLuo
/F0HDOd9X6VQpBNWQq1MwdwM89zH/Ejbu38NrhIXYanUW4LZ+IBcN8WjMevVpnJz
p6e/apzhULb117Yh604itUL8ZzJrf1tWQZcwFhBGxr/z/hyqxaV93nNDSeYk8o9H
l8mEneqAvLKDhtKENl0OGkWgcGm1u6VhhNgCvF3SylvbvzXIvmK4vNk0UoCTxI68
YE8E5zRnnKe3nI+gRhS4ixsQAQxbve5QJqndli69HU6ZXXJRJjfW4Q7kL/MKspfi
xVfw/d3BMcaeC1opCb8JTZI7EqweRGA/SQ0g/HcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRCIyOekNQJYAd0SA+T27Zin5YgdzAfBgNVHSMEGDAWgBS0oghcfeO1mCFr
ifsPKx2TDeZsGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RLSUlYSDNqdFpnaGE0bjdEeXNka3czbWJCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8x
L1FpTWpucERVQ1dBSGRFZ1BrOXUyWXAtV0lIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8xL3RLSUlYSDNqdFpn
aGE0bjdEeXNka3czbWJCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAbmBEDAYBAIAAjASMBADBQYqD6rA
AwcAKg+qwAACMA0GCSqGSIb3DQEBCwUAA4IBAQC9Vu4hj8HTWv9uZzbp6r1emduL
WoAw+kN0rID4+4QVRdUIokbVEy3UkCyoWjWLJdrSCkXOtaM9hAEK4E/BDtC+f1VP
RhiiXkD/zGOu7PAKYx+iKAaL4pjaO6pd+BLTj4LyXDDrI6/V61uzXqwZ1oZ7KiB8
Bpud254YCRzXEZpaEICeEjlTwjqCDJQUBdwGH+q9sGnrsUI4iQwRH3CkljiwxEqm
BJx6zkS23HjbKinL28wZQ91HEVCerghVERRYq9bVvRmWH8OJM+kK7SyJ3aCATZh+
Tq7KmQMCMOGZcyM816BH3N74o/5o83Tj8t3b5vv0JeuLAhlpTeYXkRg3IQRc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org