Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QZ-V3mtTS7z6nDhEnjQ4wd4t-64.roa
File: QZ-V3mtTS7z6nDhEnjQ4wd4t-64.roa (raw, json)
Hash identifier: mp3wJAEFlJwClaWogkf0mokCC0/rQSLnignHLXkyGk0=
Subject key identifier: 41:9F:95:DE:6B:53:4B:BC:FA:9C:38:44:9E:34:38:C1:DE:2D:FB:AE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018835D5D00661411D91ECE03E384F3123EF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QZ-V3mtTS7z6nDhEnjQ4wd4t-64.roa
Signing time: Fri 19 May 2023 21:06:24 +0000
ROA not before: Fri 19 May 2023 21:06:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 87.121.45.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:35:d5:d0:06:61:41:1d:91:ec:e0:3e:38:4f:31:23:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 21:06:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=419f95de6b534bbcfa9c38449e3438c1de2dfbae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ed:ea:a2:9c:62:be:2e:60:a5:fe:d7:8a:6b:
79:04:05:80:0d:41:9a:b2:78:b4:90:40:e3:f0:1a:
46:52:2e:75:a8:f9:59:3e:e4:7d:61:b1:8a:f5:42:
3c:8a:6c:3b:da:3a:96:ff:e3:86:b0:4f:a2:78:ef:
d4:91:59:61:24:62:4e:83:4b:eb:01:52:58:6b:72:
c7:ff:7b:4d:c2:9d:b0:36:40:b8:21:aa:34:7f:e4:
05:c9:8e:9d:8b:23:3a:dc:e5:3e:bf:13:a7:fb:47:
f5:b3:e2:91:98:70:a1:e7:74:31:10:3d:a8:bf:16:
43:8f:d2:e5:45:33:c1:f4:65:86:ee:ac:05:d3:bf:
22:5e:76:d9:76:a7:ed:c1:16:45:5c:68:5d:36:95:
f0:ea:0c:d9:b2:0c:56:76:4f:cd:7c:54:74:19:eb:
45:f4:a8:36:1b:97:81:79:25:b1:c4:38:2b:71:b5:
c6:2a:c2:69:2a:c8:78:b4:6c:c9:24:18:12:bf:0b:
50:48:e1:99:c2:02:2e:41:51:f9:41:23:3f:87:e4:
16:f5:7c:ed:16:5c:57:67:55:e3:91:0d:26:20:03:
41:ba:0d:ab:8a:4b:4c:88:4a:f6:f2:a7:22:10:50:
13:17:36:60:e2:f6:79:cf:ca:16:0c:f2:f4:21:b2:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9F:95:DE:6B:53:4B:BC:FA:9C:38:44:9E:34:38:C1:DE:2D:FB:AE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QZ-V3mtTS7z6nDhEnjQ4wd4t-64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.139.0/24
87.121.45.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ec:37:94:cf:b8:de:8b:17:0c:e3:1a:bc:9a:d4:dc:c0:81:
c7:95:54:27:60:41:2e:57:6c:af:f1:18:a2:ef:c5:96:0b:a9:
36:f0:31:b1:04:f7:4a:52:c1:76:4c:ab:54:bf:74:ea:de:f8:
f3:eb:29:96:d7:ca:8f:be:20:5e:b6:b9:7e:4c:fc:ff:bd:e3:
f1:b4:15:55:d7:96:52:63:9c:9f:70:6a:34:75:0c:49:23:bd:
19:97:02:bb:59:50:df:5f:82:fe:2b:32:59:0f:6c:c3:7d:68:
55:d9:5c:04:5b:07:64:e3:12:75:62:2b:a8:63:b9:f9:91:f7:
4f:46:be:6c:29:b5:cb:b3:ce:41:2a:0d:c7:e2:33:f1:90:d0:
35:e3:58:67:aa:63:fb:2c:b5:8f:7c:a1:05:10:8e:aa:aa:ae:
a6:47:fb:1b:52:26:1e:2c:a4:af:d3:1c:3a:74:d7:0e:41:bd:
2c:95:ce:22:d1:54:b1:db:62:99:0d:c5:55:70:96:69:79:bd:
79:2b:f6:78:44:19:90:87:00:b8:14:74:6d:f2:41:06:e7:1e:
f4:9f:4f:df:11:0e:a3:2f:71:4d:13:5c:a0:03:e2:26:ca:c1:
a5:b3:8d:cf:b1:b8:90:4c:df:f4:c4:39:46:ec:e8:5f:a9:07:
ca:f6:85:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYg11dAGYUEdkezgPjhPMSPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MjEwNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTlmOTVkZTZiNTM0YmJjZmE5YzM4NDQ5ZTM0MzhjMWRlMmRmYmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge3qopxivi5gpf7Ximt5BAWADUGa
sni0kEDj8BpGUi51qPlZPuR9YbGK9UI8imw72jqW/+OGsE+ieO/UkVlhJGJOg0vr
AVJYa3LH/3tNwp2wNkC4Iao0f+QFyY6diyM63OU+vxOn+0f1s+KRmHCh53QxED2o
vxZDj9LlRTPB9GWG7qwF078iXnbZdqftwRZFXGhdNpXw6gzZsgxWdk/NfFR0GetF
9Kg2G5eBeSWxxDgrcbXGKsJpKsh4tGzJJBgSvwtQSOGZwgIuQVH5QSM/h+QW9Xzt
FlxXZ1XjkQ0mIANBug2riktMiEr28qciEFATFzZg4vZ5z8oWDPL0IbIrzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGfld5rU0u8+pw4RJ40OMHeLfuuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUVotVjNtdFRTN3o2bkRoRW5qUTR3ZDR0LTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdCLAwQA
V3ktAwQAwjsfMA0GCSqGSIb3DQEBCwUAA4IBAQAY7DeUz7jeixcM4xq8mtTcwIHH
lVQnYEEuV2yv8Rii78WWC6k28DGxBPdKUsF2TKtUv3Tq3vjz6ymW18qPviBetrl+
TPz/vePxtBVV15ZSY5yfcGo0dQxJI70ZlwK7WVDfX4L+KzJZD2zDfWhV2VwEWwdk
4xJ1YiuoY7n5kfdPRr5sKbXLs85BKg3H4jPxkNA141hnqmP7LLWPfKEFEI6qqq6m
R/sbUiYeLKSv0xw6dNcOQb0slc4i0VSx22KZDcVVcJZpeb15K/Z4RBmQhwC4FHRt
8kEG5x70n0/fEQ6jL3FNE1ygA+ImysGls43PsbiQTN/0xDlG7OhfqQfK9oXf
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:37:24 2025 by rpki-client