Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/Qi3dQeuzFwAgUpcU-G4lQqmfHfc.roa
File: Qi3dQeuzFwAgUpcU-G4lQqmfHfc.roa (raw, json)
Hash identifier: /5IRiRYWeDSdKI/nhPBIUUhC12PTecKAKTspq0l08mU=
Subject key identifier: 42:2D:DD:41:EB:B3:17:00:20:52:97:14:F8:6E:25:42:A9:9F:1D:F7
Certificate issuer: /CN=bd19d4535c7e62b921e859e6557b821f278e716a
Certificate serial: 018C8C15F4C19A9CE37F5F727E58F45A574E
Authority key identifier: BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/Qi3dQeuzFwAgUpcU-G4lQqmfHfc.roa
Signing time: Thu 21 Dec 2023 11:14:58 +0000
ROA not before: Thu 21 Dec 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.134.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:15:f4:c1:9a:9c:e3:7f:5f:72:7e:58:f4:5a:57:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd19d4535c7e62b921e859e6557b821f278e716a
Validity
Not Before: Dec 21 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=422ddd41ebb3170020529714f86e2542a99f1df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:bd:a9:47:22:3d:04:79:ea:4b:74:b1:8c:
79:d1:1f:44:6a:fe:ee:5b:d7:05:ff:07:58:d1:5b:
80:1c:e6:64:80:cc:d4:83:e2:d9:b5:62:3e:01:68:
74:cb:2d:eb:c0:b8:4f:96:a2:fd:e8:de:3a:55:f3:
25:43:8f:e3:49:07:a4:aa:15:7c:e8:be:66:fd:f1:
9a:cf:24:6f:60:8b:27:90:04:65:3e:38:65:6c:dc:
44:ec:96:48:ba:62:23:73:2b:a1:d3:0d:63:b8:fc:
92:0b:0b:79:3f:56:26:c1:4d:0f:de:fd:e4:2b:be:
34:1f:5f:4b:0d:fd:3b:62:ef:ec:e1:da:e7:20:1b:
8c:d3:a9:5e:5f:83:c1:42:6d:77:83:77:34:12:ae:
d4:2e:32:50:ff:30:10:cc:be:78:55:a6:27:42:5c:
0b:70:b7:c7:91:ec:d6:64:79:a8:ee:af:f4:a8:a7:
06:13:be:73:d2:09:8a:fc:9a:71:77:30:71:d5:7a:
95:d4:f6:b7:bf:f4:e3:ff:a2:48:1d:f2:39:e8:97:
f8:c0:43:97:b1:0a:c5:bf:8f:e8:90:a2:16:c8:6e:
f6:69:59:6f:d8:79:6a:e0:0d:bb:b3:ac:b2:43:f0:
31:dc:a6:94:c0:79:8e:8c:af:ee:14:32:36:86:6b:
a6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2D:DD:41:EB:B3:17:00:20:52:97:14:F8:6E:25:42:A9:9F:1D:F7
X509v3 Authority Key Identifier:
keyid:BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/Qi3dQeuzFwAgUpcU-G4lQqmfHfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.9.0/24
Signature Algorithm: sha256WithRSAEncryption
24:d3:2c:b8:82:60:58:c9:97:a8:25:c7:af:d6:95:c7:47:75:
0c:d5:cd:ed:55:66:cc:15:ac:a1:10:40:c9:ef:21:c5:ea:70:
d4:a8:0a:b8:de:b1:04:c6:5e:80:8e:62:1b:a1:1c:a8:47:19:
99:6d:7d:59:41:d4:64:c8:52:1f:34:32:57:5c:f4:25:fe:3c:
01:55:06:1e:22:5b:ca:84:80:65:04:cd:13:57:15:a2:22:a2:
c8:6f:fa:f7:21:63:1a:a2:14:96:ba:fc:1e:2e:67:49:d9:3a:
53:5e:37:14:f7:57:db:e5:cf:34:a5:57:02:08:c0:a8:21:82:
d9:bc:d5:38:7c:eb:d0:ba:06:4b:1f:6e:ba:8f:4a:e1:d8:99:
c5:4d:4c:11:d6:b6:89:2a:f6:51:3b:b9:58:2c:66:8f:9b:e3:
c4:1b:31:25:af:39:1d:4a:63:92:78:ea:87:a3:83:a4:d7:47:
31:b4:78:0b:a9:66:37:9f:03:fb:79:8a:ff:44:c6:7d:c5:c3:
34:39:6b:d9:59:98:68:f2:9f:46:a2:4b:76:88:85:be:33:c3:
4f:6b:9a:d4:b3:1f:55:6f:e1:9e:a4:f4:4e:3f:ca:98:a2:56:
76:c2:ca:f3:42:99:62:2d:8e:51:d6:5b:c0:b9:a7:01:7b:8a:
4b:62:27:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyMFfTBmpzjf19yflj0WldOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTlkNDUzNWM3ZTYyYjkyMWU4NTllNjU1N2I4MjFmMjc4
ZTcxNmEwHhcNMjMxMjIxMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjJkZGQ0MWViYjMxNzAwMjA1Mjk3MTRmODZlMjU0MmE5OWYxZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGy9qUciPQR56kt0sYx50R9Eav7u
W9cF/wdY0VuAHOZkgMzUg+LZtWI+AWh0yy3rwLhPlqL96N46VfMlQ4/jSQekqhV8
6L5m/fGazyRvYIsnkARlPjhlbNxE7JZIumIjcyuh0w1juPySCwt5P1YmwU0P3v3k
K740H19LDf07Yu/s4drnIBuM06leX4PBQm13g3c0Eq7ULjJQ/zAQzL54VaYnQlwL
cLfHkezWZHmo7q/0qKcGE75z0gmK/JpxdzBx1XqV1Pa3v/Tj/6JIHfI56Jf4wEOX
sQrFv4/okKIWyG72aVlv2Hlq4A27s6yyQ/Ax3KaUwHmOjK/uFDI2hmumNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIt3UHrsxcAIFKXFPhuJUKpnx33MB8GA1UdIwQY
MBaAFL0Z1FNcfmK5IehZ5lV7gh8njnFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTct
YzEzMzFmNDlmYzA5LzEvUWkzZFFldXpGd0FnVXBjVS1HNGxRcW1mSGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTctYzEzMzFmNDlmYzA5
LzEvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYJMA0G
CSqGSIb3DQEBCwUAA4IBAQAk0yy4gmBYyZeoJcev1pXHR3UM1c3tVWbMFayhEEDJ
7yHF6nDUqAq43rEExl6AjmIboRyoRxmZbX1ZQdRkyFIfNDJXXPQl/jwBVQYeIlvK
hIBlBM0TVxWiIqLIb/r3IWMaohSWuvweLmdJ2TpTXjcU91fb5c80pVcCCMCoIYLZ
vNU4fOvQugZLH266j0rh2JnFTUwR1raJKvZRO7lYLGaPm+PEGzElrzkdSmOSeOqH
o4Ok10cxtHgLqWY3nwP7eYr/RMZ9xcM0OWvZWZho8p9Gokt2iIW+M8NPa5rUsx9V
b+GepPROP8qYolZ2wsrzQpliLY5R1lvAuacBe4pLYidR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:52 2025 by rpki-client