Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/QPvFQ-Qjj2zmyjTz7V-vHBVJbIY.roa
File: QPvFQ-Qjj2zmyjTz7V-vHBVJbIY.roa (raw, json)
Hash identifier: uz6Qxy2UvpZsY/AugvGkSnC0BGK43BHwcdpNsSYw2sE=
Subject key identifier: 40:FB:C5:43:E4:23:8F:6C:E6:CA:34:F3:ED:5F:AF:1C:15:49:6C:86
Certificate issuer: /CN=3db8a2adddb002850854996a94b72b87f4a7b30f
Certificate serial: 0185711E622E7C8B44B537DF4978E943A36E
Authority key identifier: 3D:B8:A2:AD:DD:B0:02:85:08:54:99:6A:94:B7:2B:87:F4:A7:B3:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pbiird2wAoUIVJlqlLcrh_Snsw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/QPvFQ-Qjj2zmyjTz7V-vHBVJbIY.roa
Signing time: Mon 02 Jan 2023 06:14:54 +0000
ROA not before: Mon 02 Jan 2023 06:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24892
IP address blocks: 185.107.49.0/24 maxlen: 24
185.107.50.0/24 maxlen: 24
185.107.48.0/24 maxlen: 24
185.107.51.0/24 maxlen: 24
185.107.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:62:2e:7c:8b:44:b5:37:df:49:78:e9:43:a3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3db8a2adddb002850854996a94b72b87f4a7b30f
Validity
Not Before: Jan 2 06:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40fbc543e4238f6ce6ca34f3ed5faf1c15496c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b3:d8:a2:47:ca:1a:c4:34:56:77:63:48:7e:
97:f3:cb:44:26:81:0e:d2:f9:6e:6c:6c:3c:53:cc:
cf:4a:dd:7a:cc:94:dc:42:f5:14:ff:21:b7:a0:9c:
77:46:7e:42:64:ec:31:42:f7:06:3c:2c:df:12:ac:
47:07:59:e8:59:0a:6a:78:2d:91:45:4c:f7:f3:dd:
1b:a8:dc:12:c7:ab:35:94:28:9c:4c:82:98:0e:04:
24:75:f6:f4:51:f8:5b:c3:48:01:5c:e7:54:39:d3:
de:ad:c4:46:d3:70:ff:db:11:fc:20:0a:ad:6b:53:
5c:87:82:0d:94:72:dd:ff:dd:9b:bc:96:59:be:db:
2a:85:8c:10:d6:bf:1b:5e:03:df:bf:66:61:96:4b:
f0:b1:63:14:f1:f9:10:49:b8:c1:21:cf:98:ea:f2:
a3:61:5a:b8:f4:8a:01:a1:1c:44:7c:0d:ba:f8:21:
02:11:fe:bd:c5:fb:84:32:10:00:44:71:4f:e2:74:
27:32:a2:ab:5b:b0:8b:5c:34:5a:c0:1c:14:79:b6:
98:c7:fd:f2:6f:77:29:97:71:57:e1:aa:ef:2d:1e:
74:7e:ed:bd:57:a4:2d:f6:cf:31:80:07:31:3f:11:
49:1f:95:10:9e:b3:ad:ba:78:d7:69:1d:fd:66:96:
85:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FB:C5:43:E4:23:8F:6C:E6:CA:34:F3:ED:5F:AF:1C:15:49:6C:86
X509v3 Authority Key Identifier:
keyid:3D:B8:A2:AD:DD:B0:02:85:08:54:99:6A:94:B7:2B:87:F4:A7:B3:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pbiird2wAoUIVJlqlLcrh_Snsw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/QPvFQ-Qjj2zmyjTz7V-vHBVJbIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/Pbiird2wAoUIVJlqlLcrh_Snsw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.48.0/22
Signature Algorithm: sha256WithRSAEncryption
44:4d:3a:6d:45:5e:ff:8e:ca:61:59:f1:72:3b:37:07:34:ad:
ee:88:82:76:c3:80:8c:db:26:46:c5:49:39:e6:f9:87:ef:08:
0b:8b:05:8c:fa:ee:96:92:8c:e9:e1:50:cf:9c:d6:fa:95:95:
93:a7:db:5c:65:e4:a7:05:29:25:48:2a:ee:09:99:dd:50:b8:
57:db:61:aa:fa:86:99:f9:c6:9b:47:46:9f:bd:f1:43:55:f2:
b9:df:12:af:3f:c8:e7:85:cd:51:2b:df:fa:b5:64:52:9d:3d:
29:23:5d:5e:a8:c8:4f:53:d9:d7:21:e6:3c:af:e5:56:c6:27:
e7:20:54:b1:be:e8:2b:37:71:21:7d:26:99:b3:87:a4:ed:6a:
1c:e4:91:6e:df:82:3d:dd:8b:53:d6:47:35:d6:eb:3e:c8:25:
fb:3d:a2:fd:fe:2a:82:fc:7a:7d:92:1e:2f:1a:14:7d:94:46:
05:06:21:42:45:d8:59:21:b9:2f:c1:08:98:28:e0:b2:27:79:
43:b9:3c:59:0c:e8:1d:8d:f5:89:7d:e2:fa:81:79:40:94:88:
79:e7:3d:59:1f:46:f4:f0:72:8a:82:52:c9:7a:b2:68:2b:49:
47:66:65:1a:fa:2f:50:eb:b8:62:00:2a:5d:29:0f:fa:c4:17:
10:e3:57:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHmIufItEtTffSXjpQ6NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjhhMmFkZGRiMDAyODUwODU0OTk2YTk0YjcyYjg3ZjRh
N2IzMGYwHhcNMjMwMTAyMDYxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZiYzU0M2U0MjM4ZjZjZTZjYTM0ZjNlZDVmYWYxYzE1NDk2Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbPYokfKGsQ0VndjSH6X88tEJoEO
0vlubGw8U8zPSt16zJTcQvUU/yG3oJx3Rn5CZOwxQvcGPCzfEqxHB1noWQpqeC2R
RUz3890bqNwSx6s1lCicTIKYDgQkdfb0Ufhbw0gBXOdUOdPercRG03D/2xH8IAqt
a1Nch4INlHLd/92bvJZZvtsqhYwQ1r8bXgPfv2ZhlkvwsWMU8fkQSbjBIc+Y6vKj
YVq49IoBoRxEfA26+CECEf69xfuEMhAARHFP4nQnMqKrW7CLXDRawBwUebaYx/3y
b3cpl3FX4arvLR50fu29V6Qt9s8xgAcxPxFJH5UQnrOtunjXaR39ZpaFIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFED7xUPkI49s5so08+1frxwVSWyGMB8GA1UdIwQY
MBaAFD24oq3dsAKFCFSZapS3K4f0p7MPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJpaXJkMndBb1VJVkpscWxMY3JoX1Nuc3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yZDQzYzItM2IyZS00ZjJlLWE2YWQt
YTBhNzJhNzMzYzAyLzEvUVB2RlEtUWpqMnpteWpUejdWLXZIQlZKYklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yZDQzYzItM2IyZS00ZjJlLWE2YWQtYTBhNzJhNzMzYzAy
LzEvUGJpaXJkMndBb1VJVkpscWxMY3JoX1Nuc3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWswMA0G
CSqGSIb3DQEBCwUAA4IBAQBETTptRV7/jsphWfFyOzcHNK3uiIJ2w4CM2yZGxUk5
5vmH7wgLiwWM+u6Wkozp4VDPnNb6lZWTp9tcZeSnBSklSCruCZndULhX22Gq+oaZ
+cabR0afvfFDVfK53xKvP8jnhc1RK9/6tWRSnT0pI11eqMhPU9nXIeY8r+VWxifn
IFSxvugrN3EhfSaZs4ek7Woc5JFu34I93YtT1kc11us+yCX7PaL9/iqC/Hp9kh4v
GhR9lEYFBiFCRdhZIbkvwQiYKOCyJ3lDuTxZDOgdjfWJfeL6gXlAlIh55z1ZH0b0
8HKKglLJerJoK0lHZmUa+i9Q67hiACpdKQ/6xBcQ41eS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:56 2025 by rpki-client