Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qZ_aUNNPCxJO3TzTWRITuMITjXw.roa
File: qZ_aUNNPCxJO3TzTWRITuMITjXw.roa (raw, json)
Hash identifier: Dlp/v9BlIDWDaI6tliXU36iPq+2YYN0sy23GJPFYS0A=
Subject key identifier: A9:9F:DA:50:D3:4F:0B:12:4E:DD:3C:D3:59:12:13:B8:C2:13:8D:7C
Certificate issuer: /CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Certificate serial: 0185CF7A5097A935F9369F3815B0A746704D
Authority key identifier: AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qZ_aUNNPCxJO3TzTWRITuMITjXw.roa
Signing time: Fri 20 Jan 2023 13:59:37 +0000
ROA not before: Fri 20 Jan 2023 13:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 45.152.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:7a:50:97:a9:35:f9:36:9f:38:15:b0:a7:46:70:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Validity
Not Before: Jan 20 13:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a99fda50d34f0b124edd3cd3591213b8c2138d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2c:76:65:e4:5e:98:82:47:e8:93:c9:f5:56:
2f:37:4e:58:aa:cb:5b:a2:28:f8:fe:21:80:4a:2e:
96:f2:2b:7e:4a:a3:84:68:6f:b3:a2:85:b0:6c:4e:
a8:3a:00:ab:97:48:df:69:94:24:57:c8:cc:11:77:
bc:34:df:ad:cc:52:02:c3:62:bd:f1:98:9b:97:01:
da:a7:a9:63:76:5d:f5:d5:d7:c1:77:68:6a:6a:ea:
4e:74:50:83:ad:41:54:67:fc:2f:6b:ea:33:1b:62:
52:66:44:81:c9:f7:54:b9:88:1f:da:03:62:32:d6:
14:ae:81:a1:85:58:49:72:27:f0:fe:cb:05:54:ce:
d4:fe:db:f9:35:74:66:0e:ec:74:18:3d:0e:97:6b:
a0:26:78:20:ce:6a:87:5a:79:d6:7a:bf:2d:53:70:
ea:10:47:28:02:f9:e8:2e:cc:0e:cb:58:9a:18:dc:
95:e8:e3:60:50:5c:cb:f4:19:16:72:94:f2:1d:8c:
ee:7c:18:4f:f2:88:69:93:da:07:c1:d7:29:b7:4c:
6b:ad:a3:5e:6f:0e:46:e3:39:8f:62:07:f0:8b:94:
bc:76:fb:79:1f:86:a4:16:6a:b7:b2:22:4b:0c:44:
4b:92:55:c8:f4:26:2a:c4:90:41:92:67:6a:e1:66:
e5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9F:DA:50:D3:4F:0B:12:4E:DD:3C:D3:59:12:13:B8:C2:13:8D:7C
X509v3 Authority Key Identifier:
keyid:AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qZ_aUNNPCxJO3TzTWRITuMITjXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.70.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:12:2d:28:8d:2a:6e:2f:ad:c2:c3:96:5f:62:3a:ec:0f:09:
95:18:cf:90:ff:a5:09:87:40:11:78:85:71:30:c6:b4:8f:ae:
66:4a:5e:47:90:ba:6e:a1:e8:fb:86:12:27:34:bd:dd:46:d6:
24:fe:d0:60:d2:21:91:1d:cb:90:71:39:f1:2e:4b:ee:a4:c6:
65:7e:f0:7e:26:3a:46:24:23:d9:c9:5e:d2:21:45:c0:2a:18:
1c:05:24:b7:a0:37:da:a0:12:4a:1d:a5:70:10:da:b4:70:08:
a1:1e:33:ff:e7:12:ec:a5:e5:5e:d6:25:6a:c5:cc:3f:e4:2f:
85:25:a6:a1:c3:ac:41:25:fe:3f:fa:83:80:96:56:24:19:8d:
a7:b7:09:af:65:d6:fd:8f:24:a1:29:a0:ea:1f:21:29:f3:db:
24:e8:c4:36:80:57:18:94:3f:0e:36:d8:aa:f3:ed:4a:58:b2:
d8:6d:36:9a:4b:0f:e6:e2:8a:3e:f4:11:69:a3:2c:4d:0e:ee:
ed:1d:5c:fa:21:f9:df:29:7f:bc:d0:81:96:45:98:6e:00:4c:
57:da:27:02:b1:11:d4:b4:a8:0d:1e:71:80:e8:6d:f3:0f:2a:
e2:73:26:6c:b6:b5:18:6d:5c:64:80:5c:ee:42:60:b8:1d:02:
b0:e4:29:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXPelCXqTX5Np84FbCnRnBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjQ5Njk4NDJkZTljNGMxZTFhNTc1OWQ5OGQxZWQ1YzBk
NjJlZjgwHhcNMjMwMTIwMTM1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlmZGE1MGQzNGYwYjEyNGVkZDNjZDM1OTEyMTNiOGMyMTM4ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Sx2ZeRemIJH6JPJ9VYvN05Yqstb
oij4/iGASi6W8it+SqOEaG+zooWwbE6oOgCrl0jfaZQkV8jMEXe8NN+tzFICw2K9
8ZiblwHap6ljdl311dfBd2hqaupOdFCDrUFUZ/wva+ozG2JSZkSByfdUuYgf2gNi
MtYUroGhhVhJcifw/ssFVM7U/tv5NXRmDux0GD0Ol2ugJnggzmqHWnnWer8tU3Dq
EEcoAvnoLswOy1iaGNyV6ONgUFzL9BkWcpTyHYzufBhP8ohpk9oHwdcpt0xrraNe
bw5G4zmPYgfwi5S8dvt5H4akFmq3siJLDERLklXI9CYqxJBBkmdq4Wbl/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmf2lDTTwsSTt0801kSE7jCE418MB8GA1UdIwQY
MBaAFKr0lphC3pxMHhpXWdmNHtXA1i74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjct
ZjgxZmRmNzRlNjU1LzEvcVpfYVVOTlBDeEpPM1R6VFdSSVR1TUlUalh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjctZjgxZmRmNzRlNjU1
LzEvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZhGMA0G
CSqGSIb3DQEBCwUAA4IBAQBrEi0ojSpuL63Cw5ZfYjrsDwmVGM+Q/6UJh0AReIVx
MMa0j65mSl5HkLpuoej7hhInNL3dRtYk/tBg0iGRHcuQcTnxLkvupMZlfvB+JjpG
JCPZyV7SIUXAKhgcBSS3oDfaoBJKHaVwENq0cAihHjP/5xLspeVe1iVqxcw/5C+F
Jaahw6xBJf4/+oOAllYkGY2ntwmvZdb9jyShKaDqHyEp89sk6MQ2gFcYlD8ONtiq
8+1KWLLYbTaaSw/m4oo+9BFpoyxNDu7tHVz6IfnfKX+80IGWRZhuAExX2icCsRHU
tKgNHnGA6G3zDyricyZstrUYbVxkgFzuQmC4HQKw5Ckk
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:54:51 2025 by rpki-client