Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/q_rpMaMJDYd5z2rPADHj8orDW0o.roa
File: q_rpMaMJDYd5z2rPADHj8orDW0o.roa (raw, json)
Hash identifier: GbDUScT4XFn/B+bVai6dk/wzNLW9YVkxgvqbgkpie+0=
Subject key identifier: AB:FA:E9:31:A3:09:0D:87:79:CF:6A:CF:00:31:E3:F2:8A:C3:5B:4A
Certificate issuer: /CN=8288903d90c01e2d5ce1878805ad4a92d28aedc9
Certificate serial: 01856FC26227AB88EF561C2FAFA3E8485A4C
Authority key identifier: 82:88:90:3D:90:C0:1E:2D:5C:E1:87:88:05:AD:4A:92:D2:8A:ED:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/q_rpMaMJDYd5z2rPADHj8orDW0o.roa
Signing time: Sun 01 Jan 2023 23:54:48 +0000
ROA not before: Sun 01 Jan 2023 23:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206732
IP address blocks: 185.178.8.0/22 maxlen: 24
2a12:b140::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:62:27:ab:88:ef:56:1c:2f:af:a3:e8:48:5a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8288903d90c01e2d5ce1878805ad4a92d28aedc9
Validity
Not Before: Jan 1 23:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abfae931a3090d8779cf6acf0031e3f28ac35b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:64:28:7a:9c:92:fe:bd:69:69:8d:ed:df:8a:
fb:5f:05:02:b7:26:39:28:a4:22:00:de:5d:25:39:
e0:e2:6d:84:10:8b:63:c3:82:23:68:95:4b:67:6c:
89:7a:d9:9b:54:6b:93:84:04:ff:58:bb:3b:de:26:
62:76:52:42:4d:14:0f:fd:7c:3e:df:f2:1c:ec:36:
ca:77:4c:3b:2c:1d:7b:3b:b4:83:9e:46:a8:a3:d6:
d4:ed:3b:68:b3:33:51:db:42:73:88:f1:77:d5:6a:
a2:2e:e1:1b:24:04:6b:b7:5e:b3:c5:a9:27:bb:13:
87:99:b9:8b:a1:0e:73:36:0a:63:4a:36:cd:0c:7c:
6c:df:ca:95:4b:d4:8a:8c:0a:ea:c4:41:18:88:8c:
79:31:5c:6d:b6:e8:c8:23:5c:fe:12:49:c1:6d:a9:
f8:a2:d3:f5:b8:b4:a0:c2:49:57:e1:c2:85:99:bb:
2d:7c:f8:a4:a1:62:4f:c1:d6:7a:c8:54:1a:39:e6:
95:b8:87:f4:be:07:b3:07:58:93:2f:72:5f:c6:5f:
13:02:2c:40:b0:70:52:38:28:aa:b9:30:44:71:47:
12:40:1e:54:eb:2e:21:61:dc:71:37:0e:da:5c:eb:
c4:d0:a7:b1:dd:5a:a4:7d:48:3f:27:c2:72:75:5b:
a2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FA:E9:31:A3:09:0D:87:79:CF:6A:CF:00:31:E3:F2:8A:C3:5B:4A
X509v3 Authority Key Identifier:
keyid:82:88:90:3D:90:C0:1E:2D:5C:E1:87:88:05:AD:4A:92:D2:8A:ED:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/q_rpMaMJDYd5z2rPADHj8orDW0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.8.0/22
IPv6:
2a12:b140::/29
Signature Algorithm: sha256WithRSAEncryption
96:03:15:38:93:dd:87:03:f1:86:3b:5a:9c:0a:96:90:17:97:
57:4f:92:e9:94:89:bc:3b:20:8f:f8:2d:d6:92:59:cd:3b:98:
6a:75:4b:9d:c6:67:41:b7:56:0c:1d:3f:14:1d:be:a9:38:f9:
ff:7d:74:c6:42:b0:f5:ca:1c:d6:7f:c6:44:39:30:ec:32:b2:
cc:0b:60:2b:18:9a:43:8f:be:fa:99:ab:c5:35:24:1c:31:a1:
c7:89:5d:1c:66:f2:71:4a:ba:85:de:c2:d5:0e:76:87:51:91:
52:4d:44:1d:6c:97:de:9f:54:1c:f2:9e:ba:f5:30:87:a1:1d:
6c:c7:2b:de:5c:1d:a4:d5:02:84:ac:2e:78:6f:a6:37:44:9f:
10:c0:d3:0e:67:9f:fd:91:62:36:44:94:39:f1:b2:a3:c5:a6:
1b:2f:c2:a9:0b:0e:20:43:40:db:e8:ee:96:fd:10:83:6d:74:
48:39:de:cc:cc:75:6c:6e:83:c6:f9:dc:e6:97:19:e0:c2:82:
5c:75:3d:b1:d4:6f:d4:ea:4d:b9:36:10:c4:16:71:99:bb:50:
65:87:65:87:e2:ef:d8:10:5f:a2:c5:85:bc:d7:5a:94:7a:19:
b8:9e:b1:64:f4:c0:72:c6:a5:1f:a7:3b:3f:bc:a4:29:1f:2a:
40:d7:3e:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwmInq4jvVhwvr6PoSFpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODg5MDNkOTBjMDFlMmQ1Y2UxODc4ODA1YWQ0YTkyZDI4
YWVkYzkwHhcNMjMwMTAxMjM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmZhZTkzMWEzMDkwZDg3NzljZjZhY2YwMDMxZTNmMjhhYzM1YjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmQoepyS/r1paY3t34r7XwUCtyY5
KKQiAN5dJTng4m2EEItjw4IjaJVLZ2yJetmbVGuThAT/WLs73iZidlJCTRQP/Xw+
3/Ic7DbKd0w7LB17O7SDnkaoo9bU7TtoszNR20JziPF31WqiLuEbJARrt16zxakn
uxOHmbmLoQ5zNgpjSjbNDHxs38qVS9SKjArqxEEYiIx5MVxttujII1z+EknBban4
otP1uLSgwklX4cKFmbstfPikoWJPwdZ6yFQaOeaVuIf0vgezB1iTL3Jfxl8TAixA
sHBSOCiquTBEcUcSQB5U6y4hYdxxNw7aXOvE0Kex3VqkfUg/J8JydVui7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKv66TGjCQ2Hec9qzwAx4/KKw1tKMB8GA1UdIwQY
MBaAFIKIkD2QwB4tXOGHiAWtSpLSiu3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84M2Y4MmQtMTU0NS00MDc0LTg2ODIt
YTFkZTU4YTNiMzViLzEvcV9ycE1hTUpEWWQ1ejJyUEFESGo4b3JEVzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84M2Y4MmQtMTU0NS00MDc0LTg2ODItYTFkZTU4YTNiMzVi
LzEvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubIIMA0E
AgACMAcDBQMqErFAMA0GCSqGSIb3DQEBCwUAA4IBAQCWAxU4k92HA/GGO1qcCpaQ
F5dXT5LplIm8OyCP+C3WklnNO5hqdUudxmdBt1YMHT8UHb6pOPn/fXTGQrD1yhzW
f8ZEOTDsMrLMC2ArGJpDj776mavFNSQcMaHHiV0cZvJxSrqF3sLVDnaHUZFSTUQd
bJfen1Qc8p669TCHoR1sxyveXB2k1QKErC54b6Y3RJ8QwNMOZ5/9kWI2RJQ58bKj
xaYbL8KpCw4gQ0Db6O6W/RCDbXRIOd7MzHVsboPG+dzmlxngwoJcdT2x1G/U6k25
NhDEFnGZu1Blh2WH4u/YEF+ixYW811qUehm4nrFk9MByxqUfpzs/vKQpHypA1z4/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:17 2025 by rpki-client