Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/Q77jptYX44kjNLPIspHWgGHQZxo.roa
File: Q77jptYX44kjNLPIspHWgGHQZxo.roa (raw, json)
Hash identifier: CQxy9iTc38LYMtvzEgvU4yEyRQ/EXLnhtZhpEearTxY=
Subject key identifier: 43:BE:E3:A6:D6:17:E3:89:23:34:B3:C8:B2:91:D6:80:61:D0:67:1A
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 01882BEC6EAF94A9EFF8249BA9285C0E0C09
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/Q77jptYX44kjNLPIspHWgGHQZxo.roa
Signing time: Wed 17 May 2023 22:54:54 +0000
ROA not before: Wed 17 May 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 51.199.252.0/23 maxlen: 24
51.199.254.0/23 maxlen: 24
2a06:5901:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2b:ec:6e:af:94:a9:ef:f8:24:9b:a9:28:5c:0e:0c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: May 17 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43bee3a6d617e3892334b3c8b291d68061d0671a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:90:d4:d1:b5:e5:67:27:71:7c:25:f6:ce:00:
69:a5:fc:bc:de:6c:b6:c2:8a:e7:c3:32:37:e8:75:
84:63:80:bf:6e:71:01:8a:96:fa:8e:2f:a2:74:79:
9b:8a:bb:fa:d7:e5:4f:e4:5d:73:3c:5b:de:5f:a8:
c2:96:d5:58:6c:e9:93:56:10:1b:34:66:58:b7:66:
c5:83:c2:e1:f0:dd:4c:9a:97:79:13:db:19:12:f6:
23:ff:e5:d7:0e:d6:a6:c1:14:9e:ab:96:63:d4:ec:
27:64:b4:ef:54:2a:33:f5:09:e7:3d:6b:aa:38:cd:
5e:ef:90:9f:c3:60:4d:2e:98:14:24:b3:0c:f6:57:
6b:da:a0:39:6f:c3:49:39:2c:fc:c0:07:c6:ee:96:
7f:d8:1c:b8:1c:1c:4e:b3:0f:4e:09:36:8c:48:c7:
50:ca:f4:fa:44:27:58:a7:ef:51:06:d7:de:57:38:
17:46:0e:b2:be:a7:61:b9:8c:5a:4c:d9:af:85:c8:
7b:1e:0e:2a:93:2e:17:66:f2:f9:09:51:61:43:d6:
86:0e:4d:e9:73:bf:44:e6:ef:24:a2:9d:62:39:47:
78:06:41:14:6e:66:c5:27:57:fe:7b:3b:ec:df:5b:
a1:8e:de:70:b4:f6:9d:3c:03:41:ed:01:54:c9:0e:
02:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:E3:A6:D6:17:E3:89:23:34:B3:C8:B2:91:D6:80:61:D0:67:1A
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/Q77jptYX44kjNLPIspHWgGHQZxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.199.252.0/22
IPv6:
2a06:5901:8000::/40
Signature Algorithm: sha256WithRSAEncryption
18:bf:97:56:0d:65:cf:9c:79:dd:72:1a:dd:44:e5:a4:b9:90:
20:85:ab:af:33:3e:e7:d8:bc:09:26:32:80:f5:f3:0a:92:80:
dd:c5:9f:b6:89:90:8b:be:e6:30:c2:30:72:e2:24:f4:7c:68:
4e:85:06:da:9b:55:21:5c:4c:1d:b9:90:5e:0c:28:9d:32:a0:
8f:07:8b:61:20:10:c0:90:ec:05:fa:92:ce:1a:27:3e:7a:c8:
7c:8b:19:1c:de:c3:98:23:c4:43:f9:27:48:28:e6:a7:63:4a:
d3:17:69:d0:1a:b0:15:a4:73:0f:1e:f0:84:a7:e6:7b:97:4e:
07:47:ff:8d:a4:38:a7:12:8e:a1:74:d2:a9:f7:bb:3e:e4:ef:
c9:27:a8:5c:8a:b7:61:20:0c:a8:ff:60:dd:5e:cd:b2:63:1d:
8a:8d:70:da:cb:6a:2e:5f:0b:c2:dc:d6:06:1d:64:1c:24:14:
ad:96:0a:20:bd:27:97:8a:c3:86:d5:c7:be:68:cc:8d:63:9d:
6b:90:e1:81:81:24:16:f2:a3:4a:8e:1c:48:d7:85:6e:53:60:
f6:1c:59:43:dc:63:5e:a6:0f:cf:7f:d1:b7:5a:37:04:f5:62:
a6:ec:0e:22:10:04:3f:43:e3:bf:28:c4:13:c9:b3:7f:de:28:
88:ec:4d:98
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYgr7G6vlKnv+CSbqShcDgwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjMwNTE3MjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JlZTNhNmQ2MTdlMzg5MjMzNGIzYzhiMjkxZDY4MDYxZDA2NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJDU0bXlZydxfCX2zgBppfy83my2
wornwzI36HWEY4C/bnEBipb6ji+idHmbirv61+VP5F1zPFveX6jCltVYbOmTVhAb
NGZYt2bFg8Lh8N1Mmpd5E9sZEvYj/+XXDtamwRSeq5Zj1OwnZLTvVCoz9QnnPWuq
OM1e75Cfw2BNLpgUJLMM9ldr2qA5b8NJOSz8wAfG7pZ/2By4HBxOsw9OCTaMSMdQ
yvT6RCdYp+9RBtfeVzgXRg6yvqdhuYxaTNmvhch7Hg4qky4XZvL5CVFhQ9aGDk3p
c79E5u8kop1iOUd4BkEUbmbFJ1f+ezvs31uhjt5wtPadPANB7QFUyQ4CaQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEO+46bWF+OJIzSzyLKR1oBh0GcaMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvUTc3anB0WVg0NGtqTkxQSXNwSFdnR0hRWnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCM8f8MA4E
AgACMAgDBgAqBlkBgDANBgkqhkiG9w0BAQsFAAOCAQEAGL+XVg1lz5x53XIa3UTl
pLmQIIWrrzM+59i8CSYygPXzCpKA3cWftomQi77mMMIwcuIk9HxoToUG2ptVIVxM
HbmQXgwonTKgjweLYSAQwJDsBfqSzhonPnrIfIsZHN7DmCPEQ/knSCjmp2NK0xdp
0BqwFaRzDx7whKfme5dOB0f/jaQ4pxKOoXTSqfe7PuTvySeoXIq3YSAMqP9g3V7N
smMdio1w2stqLl8LwtzWBh1kHCQUrZYKIL0nl4rDhtXHvmjMjWOda5DhgYEkFvKj
So4cSNeFblNg9hxZQ9xjXqYPz3/Rt1o3BPVipuwOIhAEP0PjvyjEE8mzf94oiOxN
mA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:05:59 2025 by rpki-client