Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/QbxQGmbPGksbPOTzCP1K9h85yTw.roa
File: QbxQGmbPGksbPOTzCP1K9h85yTw.roa (raw, json)
Hash identifier: w4Pvw4204vjPd+ZMzp06WC0H8dpeXWctboDe/Ys65cI=
Subject key identifier: 41:BC:50:1A:66:CF:1A:4B:1B:3C:E4:F3:08:FD:4A:F6:1F:39:C9:3C
Certificate issuer: /CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Certificate serial: 0183037CEDF2E4B8F7AE11693A3E16E6D5BC
Authority key identifier: CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/QbxQGmbPGksbPOTzCP1K9h85yTw.roa
Signing time: Sat 03 Sep 2022 13:14:22 +0000
ROA not before: Sat 03 Sep 2022 13:14:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60051
IP address blocks: 185.71.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:03:7c:ed:f2:e4:b8:f7:ae:11:69:3a:3e:16:e6:d5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Validity
Not Before: Sep 3 13:14:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41bc501a66cf1a4b1b3ce4f308fd4af61f39c93c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dd:e1:e0:d4:0d:22:cd:79:d5:52:e6:54:1b:
65:58:1e:6e:e0:44:67:66:57:d2:b9:d5:87:9e:4c:
b6:46:b9:dc:f0:7a:ec:31:fc:c9:c5:9c:5e:7e:3d:
f5:2b:9d:f9:ef:c4:e1:c8:1c:ec:cd:16:97:22:a1:
8e:82:df:b3:12:a9:8f:a4:71:08:43:6a:cd:9e:17:
eb:0f:f4:e0:0b:2d:16:54:19:54:28:40:9e:b2:e8:
0f:cc:ee:a2:f2:c1:47:58:37:03:47:a5:a8:ee:e7:
c1:b8:71:35:da:65:88:a2:fe:a3:85:05:0b:0b:dc:
65:de:48:f4:77:f9:2c:79:c7:51:5a:bb:2f:58:66:
cb:38:d0:02:f6:0a:d9:41:5d:0a:0f:a9:0a:a6:13:
db:d1:67:46:84:37:9c:81:c8:5d:c8:42:65:62:e0:
88:7f:17:d1:ec:0a:af:0c:16:b8:90:c5:51:ad:a1:
2e:b8:8b:95:73:c6:97:dd:88:b1:06:68:5d:60:13:
37:41:c4:02:db:1d:b8:83:e7:10:32:0d:44:fd:c5:
2d:c2:12:5c:b4:fc:4b:4a:29:5d:14:15:12:77:ce:
f9:30:41:32:6b:73:09:de:ea:87:a8:d3:dd:fc:3a:
58:28:80:e4:58:3c:33:1f:2f:4e:79:e5:38:1a:f5:
4e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BC:50:1A:66:CF:1A:4B:1B:3C:E4:F3:08:FD:4A:F6:1F:39:C9:3C
X509v3 Authority Key Identifier:
keyid:CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/QbxQGmbPGksbPOTzCP1K9h85yTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.204.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:b6:85:63:5e:a9:a3:7a:c5:c9:2f:2c:19:78:30:13:b3:f0:
be:28:ed:0f:2b:5c:bd:02:40:c7:4b:c2:60:bb:a6:f4:50:97:
cf:d5:d3:f6:e1:95:93:3e:7f:80:d1:ea:f5:3c:6e:2c:fa:1c:
a1:59:1f:ca:bc:47:fa:a5:ae:28:07:21:10:5d:56:7c:8f:98:
2c:b0:c5:8b:53:03:ae:41:1a:97:11:05:80:b8:43:e0:b9:ff:
61:fc:d1:18:b1:28:20:e6:f3:22:4d:ff:af:43:ce:49:cf:86:
78:50:a9:9f:8c:c6:7c:ca:99:49:2c:bb:e0:60:0c:84:8a:2e:
1b:0d:49:fe:b3:f6:06:0b:1f:6f:5a:16:c8:59:f8:9e:f6:89:
0f:fb:0b:63:a2:64:39:a1:80:7c:18:e2:62:bd:ab:a1:15:86:
50:6b:59:01:82:ae:3e:a0:0a:2e:21:85:4c:2b:6d:b9:14:43:
29:29:06:21:ae:a5:07:28:bc:77:1a:dc:0d:60:3e:30:28:8a:
b3:40:46:ab:06:e6:58:bc:c2:fe:03:f0:a6:cc:d6:46:aa:42:
a9:a1:49:41:69:e3:ff:21:58:f2:e8:12:f9:f2:92:8f:e0:1b:
15:a0:40:4e:bb:fe:be:94:ac:89:82:ba:e6:1a:63:b1:a5:02:
dc:d3:93:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMDfO3y5Lj3rhFpOj4W5tW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzJlNjMzZGY1NjM1YTlmOThkMmY2OGE2ZDJhZGNiNDQx
NTVjZGMwHhcNMjIwOTAzMTMxNDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJjNTAxYTY2Y2YxYTRiMWIzY2U0ZjMwOGZkNGFmNjFmMzljOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq93h4NQNIs151VLmVBtlWB5u4ERn
ZlfSudWHnky2Rrnc8HrsMfzJxZxefj31K53578ThyBzszRaXIqGOgt+zEqmPpHEI
Q2rNnhfrD/TgCy0WVBlUKECesugPzO6i8sFHWDcDR6Wo7ufBuHE12mWIov6jhQUL
C9xl3kj0d/ksecdRWrsvWGbLONAC9grZQV0KD6kKphPb0WdGhDecgchdyEJlYuCI
fxfR7AqvDBa4kMVRraEuuIuVc8aX3YixBmhdYBM3QcQC2x24g+cQMg1E/cUtwhJc
tPxLSildFBUSd875MEEya3MJ3uqHqNPd/DpYKIDkWDwzHy9OeeU4GvVObwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEG8UBpmzxpLGzzk8wj9SvYfOck8MB8GA1UdIwQY
MBaAFMxy5jPfVjWp+Y0vaKbSrctEFVzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQt
ZDAxMmNhOWVjMTk3LzEvUWJ4UUdtYlBHa3NiUE9UekNQMUs5aDg1eVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQtZDAxMmNhOWVjMTk3
LzEvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUfMMA0G
CSqGSIb3DQEBCwUAA4IBAQAPtoVjXqmjesXJLywZeDATs/C+KO0PK1y9AkDHS8Jg
u6b0UJfP1dP24ZWTPn+A0er1PG4s+hyhWR/KvEf6pa4oByEQXVZ8j5gssMWLUwOu
QRqXEQWAuEPguf9h/NEYsSgg5vMiTf+vQ85Jz4Z4UKmfjMZ8yplJLLvgYAyEii4b
DUn+s/YGCx9vWhbIWfie9okP+wtjomQ5oYB8GOJivauhFYZQa1kBgq4+oAouIYVM
K225FEMpKQYhrqUHKLx3GtwNYD4wKIqzQEarBuZYvML+A/CmzNZGqkKpoUlBaeP/
IVjy6BL58pKP4BsVoEBOu/6+lKyJgrrmGmOxpQLc05Pa
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:35 2025 by rpki-client