Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/qoYRgkNFQRhjiDzusg7ZcoV1ql0.roa
File: qoYRgkNFQRhjiDzusg7ZcoV1ql0.roa (raw, json)
Hash identifier: gQG2F0cFNaWoy5bex5sG/FHeB1/w5E8oxx9Y7mrstFA=
Subject key identifier: AA:86:11:82:43:45:41:18:63:88:3C:EE:B2:0E:D9:72:85:75:AA:5D
Certificate issuer: /CN=4e3c01ba0c5cbf20ae3e93ca3d379e62df5c959a
Certificate serial: 0189D8E673A123A488AB4AD35D8DCA4B51BB
Authority key identifier: 4E:3C:01:BA:0C:5C:BF:20:AE:3E:93:CA:3D:37:9E:62:DF:5C:95:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TjwBugxcvyCuPpPKPTeeYt9clZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/qoYRgkNFQRhjiDzusg7ZcoV1ql0.roa
Signing time: Wed 09 Aug 2023 06:05:28 +0000
ROA not before: Wed 09 Aug 2023 06:05:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18106
IP address blocks: 185.5.132.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:e6:73:a1:23:a4:88:ab:4a:d3:5d:8d:ca:4b:51:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e3c01ba0c5cbf20ae3e93ca3d379e62df5c959a
Validity
Not Before: Aug 9 06:05:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa8611824345411863883ceeb20ed9728575aa5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:29:2a:ad:8c:e9:ea:c0:22:ac:99:3f:34:57:
85:55:d1:8f:b8:c8:86:37:54:6a:f3:0b:be:71:9c:
1a:34:60:6e:87:af:be:b5:fc:66:d3:d0:ee:9f:09:
8d:7a:11:4b:71:d4:ed:b4:96:70:71:23:f9:f2:ef:
ff:04:90:cd:fb:44:71:ca:59:23:ee:7c:c1:64:be:
88:91:b5:a6:4d:10:ff:4b:65:e0:89:b2:9c:f9:d1:
8d:15:b0:42:b2:b4:94:59:1f:66:68:be:b8:26:91:
a7:c0:de:21:8c:71:e5:99:a1:c6:0b:82:c3:27:f5:
a9:0b:9c:a1:59:46:be:dd:de:d4:aa:29:5c:bf:70:
8e:8e:8d:fe:54:df:bc:79:3c:62:74:f2:0f:e3:62:
4b:81:08:62:45:0c:fe:b1:55:f1:7f:8f:73:bd:4c:
46:79:83:fc:06:7f:f0:91:40:d7:ec:6f:8b:90:3f:
16:1b:e5:fa:87:52:ae:b2:71:1e:a8:ff:4f:02:2c:
5b:1a:4f:28:72:4f:53:8e:5d:53:cb:b1:e0:62:45:
c4:cb:36:0c:7b:a2:ea:1e:60:7f:1a:1b:7f:41:9d:
43:f4:8c:31:1c:a1:47:6f:3b:ba:5f:bd:1f:ee:b3:
94:ec:95:a7:32:c5:2c:6a:24:07:ec:6b:94:e6:1b:
f9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:86:11:82:43:45:41:18:63:88:3C:EE:B2:0E:D9:72:85:75:AA:5D
X509v3 Authority Key Identifier:
keyid:4E:3C:01:BA:0C:5C:BF:20:AE:3E:93:CA:3D:37:9E:62:DF:5C:95:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TjwBugxcvyCuPpPKPTeeYt9clZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/qoYRgkNFQRhjiDzusg7ZcoV1ql0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/TjwBugxcvyCuPpPKPTeeYt9clZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.132.0/23
Signature Algorithm: sha256WithRSAEncryption
67:be:d4:94:df:f5:b5:50:bd:74:ff:c7:6a:57:ab:af:9b:03:
7b:df:41:0c:bb:91:d7:ba:a9:e0:a5:03:84:48:6a:90:92:cb:
d6:c3:b7:25:7d:a6:0b:29:0a:8e:70:50:0e:ec:a0:31:a1:9c:
2f:bc:f3:f8:b7:70:03:9e:cb:a3:1a:7e:5c:c5:a4:fc:c9:8c:
a0:3f:b1:d9:53:18:06:0a:d2:1a:6f:74:36:5c:02:e1:71:90:
67:ee:a3:a6:85:7b:61:7a:5e:40:02:80:10:33:3c:b6:2b:d1:
1c:bb:e3:6c:66:8e:1c:15:c4:d4:84:f8:72:01:fd:59:21:71:
1a:e7:68:d1:57:2b:9b:ff:cb:ca:45:08:6c:fd:72:a0:1b:f9:
55:7b:52:1b:4c:7f:47:46:90:f6:ce:72:6c:b4:60:38:d7:0f:
4d:af:26:0f:62:03:79:1b:49:4e:c1:2d:26:6c:ab:9b:02:5d:
97:ae:bc:b9:39:7d:43:28:87:ba:7c:f4:c4:80:37:20:dc:f3:
aa:bc:db:db:b0:e1:ac:18:fa:29:d8:40:c3:6b:02:9f:81:7a:
1a:2d:64:ac:16:e0:a5:01:ac:cf:e4:13:23:a5:a9:9f:b8:5a:
1e:82:1f:12:c5:30:c8:3c:65:1e:29:18:18:05:ad:bc:e9:f0:
cc:f9:23:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnY5nOhI6SIq0rTXY3KS1G7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlM2MwMWJhMGM1Y2JmMjBhZTNlOTNjYTNkMzc5ZTYyZGY1
Yzk1OWEwHhcNMjMwODA5MDYwNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg2MTE4MjQzNDU0MTE4NjM4ODNjZWViMjBlZDk3Mjg1NzVhYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSkqrYzp6sAirJk/NFeFVdGPuMiG
N1Rq8wu+cZwaNGBuh6++tfxm09DunwmNehFLcdTttJZwcSP58u//BJDN+0Rxylkj
7nzBZL6IkbWmTRD/S2XgibKc+dGNFbBCsrSUWR9maL64JpGnwN4hjHHlmaHGC4LD
J/WpC5yhWUa+3d7Uqilcv3COjo3+VN+8eTxidPIP42JLgQhiRQz+sVXxf49zvUxG
eYP8Bn/wkUDX7G+LkD8WG+X6h1KusnEeqP9PAixbGk8ock9Tjl1Ty7HgYkXEyzYM
e6LqHmB/Ght/QZ1D9IwxHKFHbzu6X70f7rOU7JWnMsUsaiQH7GuU5hv57wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqGEYJDRUEYY4g87rIO2XKFdapdMB8GA1UdIwQY
MBaAFE48AboMXL8grj6Tyj03nmLfXJWaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGp3QnVneGN2eUN1UHBQS1BUZWVZdDljbFpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOGU3NzMtNGU3MS00ZDA5LWI3NGEt
YjI3ZjU1MjY3MmUwLzEvcW9ZUmdrTkZRUmhqaUR6dXNnN1pjb1YxcWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOGU3NzMtNGU3MS00ZDA5LWI3NGEtYjI3ZjU1MjY3MmUw
LzEvVGp3QnVneGN2eUN1UHBQS1BUZWVZdDljbFpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQWEMA0G
CSqGSIb3DQEBCwUAA4IBAQBnvtSU3/W1UL10/8dqV6uvmwN730EMu5HXuqngpQOE
SGqQksvWw7clfaYLKQqOcFAO7KAxoZwvvPP4t3ADnsujGn5cxaT8yYygP7HZUxgG
CtIab3Q2XALhcZBn7qOmhXthel5AAoAQMzy2K9Ecu+NsZo4cFcTUhPhyAf1ZIXEa
52jRVyub/8vKRQhs/XKgG/lVe1IbTH9HRpD2znJstGA41w9NryYPYgN5G0lOwS0m
bKubAl2Xrry5OX1DKIe6fPTEgDcg3POqvNvbsOGsGPop2EDDawKfgXoaLWSsFuCl
AazP5BMjpamfuFoegh8SxTDIPGUeKRgYBa286fDM+SP4
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:29 2025 by rpki-client