Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/CQBxGcEES4hjRsKwUff8V3X8e0I.roa
File: CQBxGcEES4hjRsKwUff8V3X8e0I.roa (raw, json)
Hash identifier: v4CUhT4y2XAVANLWp7tTXCrlNY9rNQz9eW6HH733p1Y=
Subject key identifier: 09:00:71:19:C1:04:4B:88:63:46:C2:B0:51:F7:FC:57:75:FC:7B:42
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 018571699E1C1DFA32224C8C066C8CA976E7
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/CQBxGcEES4hjRsKwUff8V3X8e0I.roa
Signing time: Mon 02 Jan 2023 07:37:05 +0000
ROA not before: Mon 02 Jan 2023 07:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 77.246.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:9e:1c:1d:fa:32:22:4c:8c:06:6c:8c:a9:76:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 2 07:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09007119c1044b886346c2b051f7fc5775fc7b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7e:84:91:46:ee:8a:63:41:16:af:e7:ad:c9:
7f:df:f4:26:ad:a2:bd:db:a2:83:6a:70:a7:a0:fb:
1b:1a:a7:48:bf:52:37:11:67:18:6f:80:ea:38:fd:
da:b1:40:87:ae:14:c4:67:ea:7e:c2:9b:13:b8:fb:
dd:59:38:d8:ee:8a:3a:6e:95:a4:b9:7c:99:22:02:
97:3c:01:c9:b3:ac:7a:08:da:ff:33:55:fe:4a:85:
a9:c5:b8:a0:62:54:63:fc:38:fd:20:be:7b:51:ac:
fd:ba:66:cc:33:99:c1:56:0e:5a:7c:61:5a:ad:ef:
ad:83:fc:a8:33:4e:72:c8:c4:33:a4:17:cc:59:08:
dd:07:11:9c:71:da:98:af:f4:a5:c0:36:25:d4:71:
e3:6a:30:5d:33:ee:09:01:ba:60:fd:85:d4:10:9e:
cc:bd:98:0c:27:e0:53:69:8a:8b:66:2b:e8:44:2b:
90:d7:37:9e:a1:5b:da:46:5b:20:75:4a:b3:6e:0e:
32:1b:4f:41:e4:a7:fa:5b:cc:3a:18:e7:b8:c9:10:
1e:4a:b4:2b:35:76:03:7d:f1:8f:3c:76:b5:72:46:
9b:9c:d5:b3:f1:79:1b:d1:f5:b6:1c:30:5d:fd:5f:
c1:88:d0:ce:13:5e:f9:87:4c:38:99:57:2a:74:3c:
e3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:00:71:19:C1:04:4B:88:63:46:C2:B0:51:F7:FC:57:75:FC:7B:42
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/CQBxGcEES4hjRsKwUff8V3X8e0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.60.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:d7:a1:0a:bf:0a:d7:11:80:e4:4d:89:80:6e:61:06:e6:c1:
b0:5a:aa:f9:9e:c7:52:e3:14:79:ea:af:74:a8:07:be:c7:e8:
52:b7:1f:9b:04:1b:95:80:d9:46:0f:51:6d:f5:68:ae:4d:ed:
55:69:a9:1c:ed:76:9d:2f:df:8a:18:65:4f:22:2c:07:5b:50:
11:b5:f8:84:90:2d:1f:24:25:9f:56:2c:b8:52:ca:ff:e1:a4:
f1:59:46:b1:fe:ed:5d:aa:7b:b2:29:ef:56:36:e1:ff:d8:f4:
48:c1:b3:4f:36:5c:43:e5:f2:6c:e6:31:fd:07:c9:de:6d:39:
b2:d7:76:c8:3e:bd:27:4f:d8:94:a4:8c:ad:3e:62:f4:29:8f:
84:ae:4b:20:a6:43:3f:42:a7:28:f3:90:b9:ed:eb:a7:1f:0f:
25:6e:06:b4:60:56:82:95:2d:8b:dd:2a:77:6f:f5:bc:61:3f:
95:a3:f9:0f:ac:c1:af:82:79:bc:a5:c7:f3:18:9c:b3:47:80:
3e:8b:ef:73:64:22:9b:d4:3d:2a:77:62:a8:e9:05:0e:4f:09:
35:7e:bc:0d:b0:db:3b:da:0d:83:ad:00:62:97:9d:51:ed:9a:
56:e8:a6:93:f8:73:94:87:5a:bc:63:05:62:e4:73:ab:97:9e:
63:74:b6:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaZ4cHfoyIkyMBmyMqXbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OTc2NzNjNzhlZmFlNWY2YmQ4MGEyNWFjZTNkM2MzNzE5
M2U3ODkwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAwNzExOWMxMDQ0Yjg4NjM0NmMyYjA1MWY3ZmM1Nzc1ZmM3YjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon6EkUbuimNBFq/nrcl/3/QmraK9
26KDanCnoPsbGqdIv1I3EWcYb4DqOP3asUCHrhTEZ+p+wpsTuPvdWTjY7oo6bpWk
uXyZIgKXPAHJs6x6CNr/M1X+SoWpxbigYlRj/Dj9IL57Uaz9umbMM5nBVg5afGFa
re+tg/yoM05yyMQzpBfMWQjdBxGccdqYr/SlwDYl1HHjajBdM+4JAbpg/YXUEJ7M
vZgMJ+BTaYqLZivoRCuQ1zeeoVvaRlsgdUqzbg4yG09B5Kf6W8w6GOe4yRAeSrQr
NXYDffGPPHa1ckabnNWz8Xkb0fW2HDBd/V/BiNDOE175h0w4mVcqdDzjNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkAcRnBBEuIY0bCsFH3/Fd1/HtCMB8GA1UdIwQY
MBaAFPSXZzx4765fa9gKJazj08Nxk+eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYt
NmUwNjk2ZmVlOGU2LzEvQ1FCeEdjRUVTNGhqUnNLd1VmZjhWM1g4ZTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYtNmUwNjk2ZmVlOGU2
LzEvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfY8MA0G
CSqGSIb3DQEBCwUAA4IBAQAu16EKvwrXEYDkTYmAbmEG5sGwWqr5nsdS4xR56q90
qAe+x+hStx+bBBuVgNlGD1Ft9WiuTe1Vaakc7XadL9+KGGVPIiwHW1ARtfiEkC0f
JCWfViy4Usr/4aTxWUax/u1dqnuyKe9WNuH/2PRIwbNPNlxD5fJs5jH9B8nebTmy
13bIPr0nT9iUpIytPmL0KY+ErksgpkM/Qqco85C57eunHw8lbga0YFaClS2L3Sp3
b/W8YT+Vo/kPrMGvgnm8pcfzGJyzR4A+i+9zZCKb1D0qd2Ko6QUOTwk1frwNsNs7
2g2DrQBil51R7ZpW6KaT+HOUh1q8YwVi5HOrl55jdLau
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:30:56 2025 by rpki-client