Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qxmh--KIwrB9ICgpiI1wzLUsgak.roa
File: Qxmh--KIwrB9ICgpiI1wzLUsgak.roa (raw, json)
Hash identifier: 3XQwqOoJWuE4uLaW86KsDxiYEZoGZntFPB+eUSEGjuU=
Subject key identifier: 43:19:A1:FB:E2:88:C2:B0:7D:20:28:29:88:8D:70:CC:B5:2C:81:A9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187A33488905CABF2D30D064A2D8CD66AD4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qxmh--KIwrB9ICgpiI1wzLUsgak.roa
Signing time: Fri 21 Apr 2023 09:45:41 +0000
ROA not before: Fri 21 Apr 2023 09:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211167
IP address blocks: 194.180.51.0/24 maxlen: 24
85.208.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:34:88:90:5c:ab:f2:d3:0d:06:4a:2d:8c:d6:6a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 21 09:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4319a1fbe288c2b07d202829888d70ccb52c81a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:48:45:4f:9e:e5:f3:8b:2d:49:a6:59:00:93:
a3:de:4f:1f:85:86:bb:1f:b7:ad:bd:db:f9:92:68:
a5:fa:da:7c:67:2e:9c:d0:b9:ed:20:fd:84:87:b3:
68:48:bc:2b:9d:e1:3a:ce:24:3e:98:27:56:62:ff:
94:50:9f:08:26:41:28:bb:84:d0:b8:d1:3e:f9:5a:
de:4d:e5:dc:f8:55:b6:90:c7:39:ff:7b:3d:e6:b1:
fa:bb:83:12:1e:09:ca:a3:b3:01:f6:d9:f9:62:e4:
0e:38:be:38:9a:8a:6d:e9:17:05:71:8c:2f:7b:84:
ec:7c:c9:1a:82:57:a4:ec:b4:d6:ec:cd:bf:d9:25:
7d:c2:96:e4:7a:fc:0d:1a:54:cf:b5:29:63:a2:a2:
24:3e:85:43:5d:65:90:fd:26:64:ee:5a:ff:e2:e6:
8e:e5:2f:eb:5c:db:12:c3:a1:91:d5:54:98:d9:f3:
76:2c:1a:0c:0f:80:9c:49:f9:e1:2f:b6:7c:f2:d7:
41:ed:7b:d0:e9:7b:fa:af:ef:23:bf:b5:d5:82:b4:
5c:da:47:d7:2f:70:7f:7d:bd:8c:fc:ef:4a:3e:e3:
44:8a:c6:ba:66:ed:6f:17:4a:af:00:2d:ca:d3:4c:
47:45:ca:3f:bb:06:9b:66:2a:77:e4:86:48:f3:e6:
69:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:19:A1:FB:E2:88:C2:B0:7D:20:28:29:88:8D:70:CC:B5:2C:81:A9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qxmh--KIwrB9ICgpiI1wzLUsgak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.137.0/24
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
24:73:9d:04:3b:d7:77:04:66:8f:4d:6b:1b:82:57:be:57:82:
80:5f:79:65:6f:28:99:25:e0:90:c0:e8:8c:19:a0:17:e2:34:
59:d7:13:98:12:0d:82:48:d9:28:c3:1e:e1:f3:1e:5c:77:fd:
05:51:a9:da:ca:5b:f7:22:7c:34:31:c9:fb:da:77:ad:04:70:
af:25:3d:76:91:d9:21:0b:92:98:7f:b6:3d:fb:51:9e:c7:3f:
bb:1c:d0:ae:eb:b6:44:ec:02:3e:ee:90:7f:b3:cb:ce:4a:a3:
e1:c0:ad:43:f2:27:99:19:b3:60:aa:90:39:01:c1:60:17:14:
7f:0c:7c:de:96:18:b4:5b:4e:66:3e:dd:cc:0a:f0:6c:8d:7b:
dc:3c:db:82:dc:1b:b8:fc:bb:47:e7:a2:3f:c8:e2:9e:91:15:
66:2f:ce:e7:d9:61:18:19:ac:39:4e:4c:f6:3a:f1:24:70:dd:
cb:51:ad:56:d3:b4:fe:56:ec:d1:63:11:94:9e:e3:f8:a3:15:
66:8f:d0:c6:e5:52:1a:b7:5d:67:b4:9e:28:2d:99:0e:30:5f:
d2:b8:e2:5a:b3:b6:39:6a:d8:6b:66:6a:b5:17:15:ba:97:92:
9a:01:73:19:5b:62:62:c1:cf:85:b7:8b:5c:0a:9d:dc:63:cd:
0d:e9:b1:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYejNIiQXKvy0w0GSi2M1mrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDIxMDk0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE5YTFmYmUyODhjMmIwN2QyMDI4Mjk4ODhkNzBjY2I1MmM4MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0hFT57l84stSaZZAJOj3k8fhYa7
H7etvdv5kmil+tp8Zy6c0LntIP2Eh7NoSLwrneE6ziQ+mCdWYv+UUJ8IJkEou4TQ
uNE++VreTeXc+FW2kMc5/3s95rH6u4MSHgnKo7MB9tn5YuQOOL44mopt6RcFcYwv
e4TsfMkaglek7LTW7M2/2SV9wpbkevwNGlTPtSljoqIkPoVDXWWQ/SZk7lr/4uaO
5S/rXNsSw6GR1VSY2fN2LBoMD4CcSfnhL7Z88tdB7XvQ6Xv6r+8jv7XVgrRc2kfX
L3B/fb2M/O9KPuNEisa6Zu1vF0qvAC3K00xHRco/uwabZip35IZI8+ZpNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEMZofviiMKwfSAoKYiNcMy1LIGpMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUXhtaC0tS0l3ckI5SUNncGlJMXd6TFVzZ2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdCJAwQA
wrQzMA0GCSqGSIb3DQEBCwUAA4IBAQAkc50EO9d3BGaPTWsbgle+V4KAX3llbyiZ
JeCQwOiMGaAX4jRZ1xOYEg2CSNkowx7h8x5cd/0FUanaylv3Inw0Mcn72netBHCv
JT12kdkhC5KYf7Y9+1Gexz+7HNCu67ZE7AI+7pB/s8vOSqPhwK1D8ieZGbNgqpA5
AcFgFxR/DHzelhi0W05mPt3MCvBsjXvcPNuC3Bu4/LtH56I/yOKekRVmL87n2WEY
Gaw5Tkz2OvEkcN3LUa1W07T+VuzRYxGUnuP4oxVmj9DG5VIat11ntJ4oLZkOMF/S
uOJas7Y5athrZmq1FxW6l5KaAXMZW2Jiwc+Ft4tcCp3cY80N6bFe
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:02:33 2025 by rpki-client