Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/qT_6MQWFdilv9yRgjedXFXvNX7c.roa
File: qT_6MQWFdilv9yRgjedXFXvNX7c.roa (raw, json)
Hash identifier: G9BqocOBgN2F2BjcPaFdO8yGoZQUcKGXvDVAq7T6cGY=
Subject key identifier: A9:3F:FA:31:05:85:76:29:6F:F7:24:60:8D:E7:57:15:7B:CD:5F:B7
Certificate issuer: /CN=7e2eda6952b03e8ba45997be615d7abee1784f83
Certificate serial: 018540D68FC07C67DD2A4BAC0205D03BBD1A
Authority key identifier: 7E:2E:DA:69:52:B0:3E:8B:A4:59:97:BE:61:5D:7A:BE:E1:78:4F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fi7aaVKwPoukWZe-YV16vuF4T4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/qT_6MQWFdilv9yRgjedXFXvNX7c.roa
Signing time: Fri 23 Dec 2022 21:14:41 +0000
ROA not before: Fri 23 Dec 2022 21:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31172
IP address blocks: 87.239.96.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:40:d6:8f:c0:7c:67:dd:2a:4b:ac:02:05:d0:3b:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2eda6952b03e8ba45997be615d7abee1784f83
Validity
Not Before: Dec 23 21:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a93ffa31058576296ff724608de757157bcd5fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:27:0b:c3:16:d2:01:51:d8:b0:99:c8:73:20:
72:3e:50:e5:c1:62:28:3b:ce:12:e4:d0:f0:0b:ac:
4f:83:18:00:c1:3b:98:89:c1:c2:66:fd:c4:3b:da:
91:c5:eb:c0:3d:0e:54:c7:4c:f7:e5:0c:aa:30:18:
da:f7:25:7e:3a:ef:05:f1:61:cd:d3:89:fb:5c:20:
38:48:a1:1b:e8:6d:bf:20:cf:a2:fd:bb:60:85:04:
4a:67:ac:ca:36:91:33:61:ad:f6:0a:bc:7f:52:3d:
20:10:26:f6:9c:68:f4:be:ad:d9:29:32:8d:0a:a4:
43:4b:ce:f4:d5:d4:3b:d4:d8:f2:26:6f:b2:1f:04:
5e:f4:b2:b3:de:db:ca:09:9a:1f:0b:84:a6:28:e3:
85:d8:e3:ad:e1:d1:e3:a2:32:a5:2b:0c:ea:e7:58:
03:07:91:93:97:5b:af:66:a1:fd:e1:d5:d9:1e:c5:
4a:d0:0c:9e:e8:8a:dd:c4:a7:66:af:79:b0:0a:b0:
59:6b:32:a3:d9:5a:4f:9e:2a:72:73:b4:a1:fb:82:
c5:11:49:62:c4:ae:94:02:f4:bc:2c:17:f0:4c:94:
a2:8d:c1:0b:5c:0c:f7:d5:e7:15:c1:34:cd:40:33:
34:8d:b8:0e:f7:55:0f:60:33:8f:ea:15:0f:73:0a:
0f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3F:FA:31:05:85:76:29:6F:F7:24:60:8D:E7:57:15:7B:CD:5F:B7
X509v3 Authority Key Identifier:
keyid:7E:2E:DA:69:52:B0:3E:8B:A4:59:97:BE:61:5D:7A:BE:E1:78:4F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fi7aaVKwPoukWZe-YV16vuF4T4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/qT_6MQWFdilv9yRgjedXFXvNX7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/fi7aaVKwPoukWZe-YV16vuF4T4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.96.0/21
Signature Algorithm: sha256WithRSAEncryption
28:d7:6a:8e:b4:1d:af:62:28:6a:2b:aa:dc:ca:c8:90:ef:f9:
61:0a:cc:28:74:9a:d6:0d:35:20:98:75:81:af:99:62:62:ee:
e9:55:89:41:67:e9:40:d1:05:d0:ff:0b:4d:76:87:d3:cc:5b:
18:e2:42:e2:09:16:e3:08:06:4a:3b:34:b6:24:7b:fe:23:f6:
55:e6:1d:7f:ac:da:0c:45:d9:e7:5d:e4:40:3c:a8:e0:28:79:
72:76:9f:af:e5:6d:1e:fd:10:be:65:03:1c:d5:06:f3:a6:fc:
2d:6b:18:24:b8:21:a9:15:23:f2:d4:3a:1a:b8:6d:be:3d:13:
47:80:c3:5e:71:05:9d:20:33:d0:e8:fc:ed:f4:b8:ac:44:cb:
dc:75:5e:d1:e4:c8:76:1f:f2:a5:10:85:ba:f2:34:cd:e3:ae:
ad:3c:14:0f:93:18:ed:0d:5a:63:01:15:5a:87:43:72:97:2d:
ea:c5:d8:4b:9c:ac:23:4d:c1:4e:b0:fa:75:7c:c2:96:bf:a1:
d4:02:f4:0f:62:32:16:bc:4b:90:03:a8:ed:b6:63:63:87:04:
3a:5f:89:1e:c5:19:54:b7:0d:d3:59:36:a8:1a:2e:23:28:63:
2c:b2:e8:67:c9:03:8a:ae:56:c3:54:34:96:59:d9:3e:8b:1e:
8e:aa:cf:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVA1o/AfGfdKkusAgXQO70aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmVkYTY5NTJiMDNlOGJhNDU5OTdiZTYxNWQ3YWJlZTE3
ODRmODMwHhcNMjIxMjIzMjExNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNmZmEzMTA1ODU3NjI5NmZmNzI0NjA4ZGU3NTcxNTdiY2Q1ZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3icLwxbSAVHYsJnIcyByPlDlwWIo
O84S5NDwC6xPgxgAwTuYicHCZv3EO9qRxevAPQ5Ux0z35QyqMBja9yV+Ou8F8WHN
04n7XCA4SKEb6G2/IM+i/btghQRKZ6zKNpEzYa32Crx/Uj0gECb2nGj0vq3ZKTKN
CqRDS8701dQ71NjyJm+yHwRe9LKz3tvKCZofC4SmKOOF2OOt4dHjojKlKwzq51gD
B5GTl1uvZqH94dXZHsVK0Aye6IrdxKdmr3mwCrBZazKj2VpPnipyc7Sh+4LFEUli
xK6UAvS8LBfwTJSijcELXAz31ecVwTTNQDM0jbgO91UPYDOP6hUPcwoP5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKk/+jEFhXYpb/ckYI3nVxV7zV+3MB8GA1UdIwQY
MBaAFH4u2mlSsD6LpFmXvmFder7heE+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmk3YWFWS3dQb3VrV1plLVlWMTZ2dUY0VDRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zODA0MDAtZGMyZS00OTRhLTg5MWEt
MmYyMzAwYjZlM2Q5LzEvcVRfNk1RV0ZkaWx2OXlSZ2plZFhGWHZOWDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zODA0MDAtZGMyZS00OTRhLTg5MWEtMmYyMzAwYjZlM2Q5
LzEvZmk3YWFWS3dQb3VrV1plLVlWMTZ2dUY0VDRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV+9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAo12qOtB2vYihqK6rcysiQ7/lhCswodJrWDTUgmHWB
r5liYu7pVYlBZ+lA0QXQ/wtNdofTzFsY4kLiCRbjCAZKOzS2JHv+I/ZV5h1/rNoM
RdnnXeRAPKjgKHlydp+v5W0e/RC+ZQMc1QbzpvwtaxgkuCGpFSPy1DoauG2+PRNH
gMNecQWdIDPQ6Pzt9LisRMvcdV7R5Mh2H/KlEIW68jTN466tPBQPkxjtDVpjARVa
h0Nyly3qxdhLnKwjTcFOsPp1fMKWv6HUAvQPYjIWvEuQA6jttmNjhwQ6X4kexRlU
tw3TWTaoGi4jKGMssuhnyQOKrlbDVDSWWdk+ix6Oqs8q
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:00 2025 by rpki-client