Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/rce-QQ5vVXZ6RTkNfXURBg9gk40.roa
File: rce-QQ5vVXZ6RTkNfXURBg9gk40.roa (raw, json)
Hash identifier: 4cf4syRKX4ax5e4a7OW+gy7sq4cxRZaDEfGKaK4kPp0=
Subject key identifier: AD:C7:BE:41:0E:6F:55:76:7A:45:39:0D:7D:75:11:06:0F:60:93:8D
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 018573BA9E312A8A1DC99482D97FB8B2F3CC
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/rce-QQ5vVXZ6RTkNfXURBg9gk40.roa
Signing time: Mon 02 Jan 2023 18:24:48 +0000
ROA not before: Mon 02 Jan 2023 18:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207648
IP address blocks: 81.29.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:9e:31:2a:8a:1d:c9:94:82:d9:7f:b8:b2:f3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Jan 2 18:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adc7be410e6f55767a45390d7d7511060f60938d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:96:04:19:a1:a8:e1:0a:93:04:b1:e0:82:
3e:ea:fa:bf:a3:a6:bb:9c:ab:ac:d5:64:2d:0a:62:
10:4a:42:1b:da:5e:df:c5:70:ee:b3:01:88:a0:e7:
b2:2b:73:26:a2:31:ff:d4:6d:6f:56:32:79:5e:5a:
13:4d:2b:e6:97:45:56:52:cc:37:0b:ab:fe:56:2c:
73:ef:39:76:7f:10:fe:7f:3b:da:5a:59:53:0c:57:
fe:ba:cc:91:d5:a9:89:99:32:bf:2e:32:e3:c9:93:
9e:01:03:43:0e:59:d8:07:ac:48:62:79:94:8e:5c:
e6:77:08:2e:f6:6f:80:a5:1a:66:9b:cc:3d:6d:93:
57:e3:50:7f:4b:1e:e3:e5:91:9b:3f:61:9a:45:ae:
09:9b:44:a4:7a:03:6d:36:79:ed:bd:03:87:f5:a9:
7b:cf:d4:a9:4f:bd:c1:c0:70:ba:f1:14:8c:8c:18:
03:08:9e:d0:1c:2a:3f:86:28:20:00:6b:cd:95:0c:
2b:97:7e:b6:cf:a1:d6:fe:8b:2b:dd:04:e2:55:18:
08:8d:c5:e4:26:b5:71:3c:fa:1b:60:39:1f:fd:14:
17:41:ea:a7:a4:3b:02:d8:2f:e5:f7:ba:f8:ab:75:
20:51:8b:5b:5b:38:32:4d:3e:86:30:2d:e5:0d:a5:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C7:BE:41:0E:6F:55:76:7A:45:39:0D:7D:75:11:06:0F:60:93:8D
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/rce-QQ5vVXZ6RTkNfXURBg9gk40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.133.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:7d:3d:89:90:f0:0a:9c:0b:bd:28:df:fb:3e:51:e0:71:62:
e5:e6:85:bc:6e:3a:0f:73:d5:60:75:3a:6b:ac:9e:b8:27:a9:
a7:93:be:32:29:d7:f9:ef:ce:0a:6b:34:65:6d:a1:46:b6:51:
65:a6:5e:3f:fb:b9:47:c4:37:3f:93:9c:05:95:80:e3:29:9f:
eb:4e:38:7e:f6:4f:53:e0:8b:e1:d6:ec:42:96:aa:13:d8:ec:
fa:fb:42:f9:3a:0d:0b:ea:15:39:54:ca:57:17:f4:4a:10:48:
a1:8f:3d:c7:5c:99:35:a2:6c:cf:4a:e8:c7:b0:35:2e:c3:20:
61:41:20:07:7a:fc:4f:39:6e:38:2a:8a:bd:31:80:c8:76:4f:
d4:7a:bc:d8:ba:76:0d:9b:cc:f1:d1:0f:e0:a8:88:84:e3:63:
f7:73:bf:18:af:21:5a:4f:f3:e0:41:59:1b:a7:d1:67:65:fc:
56:ce:f8:f5:18:0a:8c:c5:69:f9:d5:77:fa:84:c1:42:34:57:
58:03:ba:74:a3:5e:d4:c4:13:a8:63:d7:4d:ac:62:df:46:d0:
6f:32:45:4a:9c:c3:66:05:d0:cb:81:b0:89:eb:1a:c8:b0:b8:
dc:cb:df:83:a3:86:45:3f:de:5b:ba:c4:f4:bf:cd:2e:c0:a0:
c4:55:eb:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzup4xKoodyZSC2X+4svPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjMwMTAyMTgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM3YmU0MTBlNmY1NTc2N2E0NTM5MGQ3ZDc1MTEwNjBmNjA5MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiSWBBmhqOEKkwSx4II+6vq/o6a7
nKus1WQtCmIQSkIb2l7fxXDuswGIoOeyK3MmojH/1G1vVjJ5XloTTSvml0VWUsw3
C6v+Vixz7zl2fxD+fzvaWllTDFf+usyR1amJmTK/LjLjyZOeAQNDDlnYB6xIYnmU
jlzmdwgu9m+ApRpmm8w9bZNX41B/Sx7j5ZGbP2GaRa4Jm0SkegNtNnntvQOH9al7
z9SpT73BwHC68RSMjBgDCJ7QHCo/higgAGvNlQwrl362z6HW/osr3QTiVRgIjcXk
JrVxPPobYDkf/RQXQeqnpDsC2C/l97r4q3UgUYtbWzgyTT6GMC3lDaVS7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3HvkEOb1V2ekU5DX11EQYPYJONMB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvcmNlLVFRNXZWWFo2UlRrTmZYVVJCZzlnazQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2FMA0G
CSqGSIb3DQEBCwUAA4IBAQA/fT2JkPAKnAu9KN/7PlHgcWLl5oW8bjoPc9VgdTpr
rJ64J6mnk74yKdf5784KazRlbaFGtlFlpl4/+7lHxDc/k5wFlYDjKZ/rTjh+9k9T
4Ivh1uxClqoT2Oz6+0L5Og0L6hU5VMpXF/RKEEihjz3HXJk1omzPSujHsDUuwyBh
QSAHevxPOW44Koq9MYDIdk/UerzYunYNm8zx0Q/gqIiE42P3c78YryFaT/PgQVkb
p9FnZfxWzvj1GAqMxWn51Xf6hMFCNFdYA7p0o17UxBOoY9dNrGLfRtBvMkVKnMNm
BdDLgbCJ6xrIsLjcy9+Do4ZFP95busT0v80uwKDEVevx
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:41:22 2025 by rpki-client