Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/KQV2Q0GWF9tg03kZqQY9ogCIVLg.roa
File: KQV2Q0GWF9tg03kZqQY9ogCIVLg.roa (raw, json)
Hash identifier: MROUfX+ArNHG3PUK/1sqbf9DTBoUVtbR2c/wUY41ezg=
Subject key identifier: 29:05:76:43:41:96:17:DB:60:D3:79:19:A9:06:3D:A2:00:88:54:B8
Certificate issuer: /CN=4f3bf7ac28e830656cf6e999c4993ba76cb1a98a
Certificate serial: 0696D44A
Authority key identifier: 4F:3B:F7:AC:28:E8:30:65:6C:F6:E9:99:C4:99:3B:A7:6C:B1:A9:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tzv3rCjoMGVs9umZxJk7p2yxqYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/KQV2Q0GWF9tg03kZqQY9ogCIVLg.roa
Signing time: Sun 09 Jan 2022 13:15:56 +0000
ROA not before: Sun 09 Jan 2022 13:15:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21263
IP address blocks: 185.124.220.0/22 maxlen: 24
185.4.232.0/22 maxlen: 24
178.157.80.0/23 maxlen: 24
178.157.83.0/24 maxlen: 24
5.154.226.0/23 maxlen: 24
5.154.230.0/23 maxlen: 24
188.119.152.0/24 maxlen: 24
185.68.188.0/24 maxlen: 24
128.0.35.0/24 maxlen: 24
2a05:7ac0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110548042 (0x696d44a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f3bf7ac28e830656cf6e999c4993ba76cb1a98a
Validity
Not Before: Jan 9 13:15:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29057643419617db60d37919a9063da2008854b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:84:fd:4b:a4:48:36:65:fa:6d:9c:8d:3c:27:
54:26:d4:b8:13:2b:21:23:b3:cb:14:4d:c6:32:37:
a4:f6:7c:3d:bb:c7:9f:de:1b:7b:8d:d6:ff:b4:0a:
7a:8e:21:65:0c:83:73:bd:78:79:a1:45:55:72:bb:
86:ea:78:ef:89:5a:00:e9:03:33:24:4f:52:30:f8:
b1:05:16:67:d1:23:9d:88:57:5f:7c:7c:51:0f:a7:
7d:3b:47:09:29:ff:58:1e:32:ad:c3:c2:58:70:45:
77:15:d0:69:95:7e:ff:b9:da:c2:2e:38:f3:76:43:
bf:9a:34:7f:3b:5d:2c:71:7c:d9:27:fc:1c:1c:bf:
6b:f0:a6:55:63:7f:0a:0d:e6:65:f0:e9:51:61:3a:
ea:0e:4b:24:19:27:3c:02:6a:ac:65:b4:87:5f:dc:
d1:0a:fe:11:84:77:26:6c:22:6d:4b:ac:1a:a5:5e:
26:ae:57:d4:42:4d:ca:77:4a:ec:cc:8e:f9:50:08:
bf:f6:a6:48:a2:ed:ce:d2:83:04:09:fe:03:90:2e:
43:7f:fc:9a:99:82:ab:54:12:f3:8a:75:3c:04:d9:
9e:b8:19:8e:dd:5b:ae:0a:f5:57:02:05:6a:c9:c5:
0e:90:3d:21:a6:f8:6a:84:21:bd:3b:76:fc:df:65:
77:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:05:76:43:41:96:17:DB:60:D3:79:19:A9:06:3D:A2:00:88:54:B8
X509v3 Authority Key Identifier:
keyid:4F:3B:F7:AC:28:E8:30:65:6C:F6:E9:99:C4:99:3B:A7:6C:B1:A9:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tzv3rCjoMGVs9umZxJk7p2yxqYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/KQV2Q0GWF9tg03kZqQY9ogCIVLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/Tzv3rCjoMGVs9umZxJk7p2yxqYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.226.0/23
5.154.230.0/23
128.0.35.0/24
178.157.80.0/23
178.157.83.0/24
185.4.232.0/22
185.68.188.0/24
185.124.220.0/22
188.119.152.0/24
IPv6:
2a05:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:c2:3f:a4:c1:fc:9b:f4:b6:56:6b:b1:c2:d5:ec:46:fd:ab:
7d:70:ee:bb:7c:2f:51:c2:8a:1e:df:4d:3b:1f:93:8a:e9:2e:
a9:53:71:7e:dc:4b:36:fc:c6:eb:b3:46:b0:6e:9e:ad:e4:98:
c6:25:6f:65:7e:1f:d3:fd:3a:3d:54:f6:90:bc:00:b2:85:9c:
3d:ec:8f:54:df:69:35:fa:79:9b:5f:7d:60:0a:6f:82:f7:c1:
f8:e2:29:a4:fc:20:06:5a:72:ae:9a:7e:15:93:7d:9d:0b:b4:
b0:bc:b9:a7:cb:fd:7c:f9:b8:d4:31:2c:d0:fc:4a:e4:2c:68:
35:a7:d4:f8:89:d2:53:5c:b5:0f:26:c3:2f:cd:14:90:37:10:
c0:37:d6:05:fa:25:13:d2:bb:a7:bd:e8:4b:07:49:cb:95:05:
de:48:22:61:f0:4b:d8:ef:c7:cc:10:a3:5a:e9:27:17:df:5d:
f0:7b:85:29:3d:19:85:7c:77:0b:bf:d0:97:21:9d:c2:14:a1:
6f:c2:6d:3e:9f:3c:1e:ed:45:13:3d:f2:89:09:e4:ae:8e:eb:
2f:56:a6:46:e9:74:ad:d1:79:6b:e2:6b:52:97:87:a7:8a:b3:
49:3e:40:60:24:85:56:ba:3d:8c:eb:41:55:a0:a9:c0:e8:d1:
43:79:31:0d
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBpbUSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjNiZjdhYzI4ZTgzMDY1NmNmNmU5OTljNDk5M2JhNzZjYjFhOThhMB4XDTIyMDEw
OTEzMTU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkwNTc2NDM0MTk2
MTdkYjYwZDM3OTE5YTkwNjNkYTIwMDg4NTRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWE/UukSDZl+m2cjTwnVCbUuBMrISOzyxRNxjI3pPZ8PbvH
n94be43W/7QKeo4hZQyDc714eaFFVXK7hup474laAOkDMyRPUjD4sQUWZ9EjnYhX
X3x8UQ+nfTtHCSn/WB4yrcPCWHBFdxXQaZV+/7nawi4483ZDv5o0fztdLHF82Sf8
HBy/a/CmVWN/Cg3mZfDpUWE66g5LJBknPAJqrGW0h1/c0Qr+EYR3JmwibUusGqVe
Jq5X1EJNyndK7MyO+VAIv/amSKLtztKDBAn+A5AuQ3/8mpmCq1QS84p1PATZnrgZ
jt1brgr1VwIFasnFDpA9Iab4aoQhvTt2/N9ld7MCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQpBXZDQZYX22DTeRmpBj2iAIhUuDAfBgNVHSMEGDAWgBRPO/esKOgwZWz2
6ZnEmTunbLGpijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R6djNyQ2pvTUdWczl1bVp4Sms3cDJ5eHFZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvYmJkNjRiLWViYjgtNDZkOC1iNGUzLTYyZWFmZWQ1OTIyZS8x
L0tRVjJRMEdXRjl0ZzAza1pxUVk5b2dDSVZMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
YmJkNjRiLWViYjgtNDZkOC1iNGUzLTYyZWFmZWQ1OTIyZS8xL1R6djNyQ2pvTUdW
czl1bVp4Sms3cDJ5eHFZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAQWa4gMEAQWa5gMEAIAAIwMEAbKd
UAMEALKdUwMEArkE6AMEALlEvAMEArl83AMEALx3mDANBAIAAjAHAwUDKgV6wDAN
BgkqhkiG9w0BAQsFAAOCAQEAscI/pMH8m/S2VmuxwtXsRv2rfXDuu3wvUcKKHt9N
Ox+TiukuqVNxftxLNvzG67NGsG6ereSYxiVvZX4f0/06PVT2kLwAsoWcPeyPVN9p
Nfp5m199YApvgvfB+OIppPwgBlpyrpp+FZN9nQu0sLy5p8v9fPm41DEs0PxK5Cxo
NafU+InSU1y1DybDL80UkDcQwDfWBfolE9K7p73oSwdJy5UF3kgiYfBL2O/HzBCj
WuknF99d8HuFKT0ZhXx3C7/QlyGdwhShb8JtPp88Hu1FEz3yiQnkro7rL1amRul0
rdF5a+JrUpeHp4qzST5AYCSFVro9jOtBVaCpwOjRQ3kxDQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:51:07 2025 by rpki-client