Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/QSqoDgkLIXvYP6PCKKo_z8tM3AU.roa
File: QSqoDgkLIXvYP6PCKKo_z8tM3AU.roa (raw, json)
Hash identifier: hgb2/AAcRMHE/+w++gLdPDEh8pKTiqWspLszuxI39EU=
Subject key identifier: 41:2A:A8:0E:09:0B:21:7B:D8:3F:A3:C2:28:AA:3F:CF:CB:4C:DC:05
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 018571FA33554351EEEC54155ABF50E18ECD
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/QSqoDgkLIXvYP6PCKKo_z8tM3AU.roa
Signing time: Mon 02 Jan 2023 10:15:00 +0000
ROA not before: Mon 02 Jan 2023 10:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41568
IP address blocks: 217.9.10.0/24 maxlen: 24
217.9.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:33:55:43:51:ee:ec:54:15:5a:bf:50:e1:8e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 2 10:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=412aa80e090b217bd83fa3c228aa3fcfcb4cdc05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:03:3d:e2:b4:44:29:9b:f5:74:2c:af:35:
0e:d4:36:71:25:2b:bb:38:27:81:9d:e7:cf:9c:34:
14:72:db:2c:cd:e0:9d:a7:e0:a6:f2:95:a4:13:f6:
c7:7a:43:b3:80:27:be:d1:ac:5b:08:83:92:66:ee:
9c:64:4b:24:94:fe:58:c4:f7:86:d4:67:b9:8c:ad:
c7:65:89:c8:af:15:07:ea:af:1e:a8:dd:07:f2:c3:
3c:ca:df:33:e6:48:6b:39:4b:06:52:1d:c2:37:45:
46:7f:9d:d8:3f:e9:a8:f7:1e:dc:22:f7:ea:20:a9:
97:b8:8c:5e:c5:4b:55:4b:1d:8c:34:32:11:aa:9e:
9e:a5:43:45:f0:34:b4:29:7e:5c:37:29:fd:fb:7e:
ca:1a:ca:64:d0:78:8e:b5:10:53:d7:cb:af:83:46:
14:eb:cd:2c:3b:a7:04:4c:c6:b5:55:62:d2:42:1c:
1b:2f:8e:76:3d:f6:9b:af:6a:af:ae:03:df:ce:99:
fc:a3:20:2c:7a:bb:90:49:76:5a:12:bc:ec:3c:e3:
7c:f5:fc:52:a7:77:f3:bb:3e:ec:82:2b:73:43:06:
71:5c:95:f9:d2:17:98:9f:b5:ff:cd:8a:27:a9:9d:
dc:c8:40:55:c9:ff:e8:9f:c2:c9:0e:9e:5f:9d:9f:
9b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2A:A8:0E:09:0B:21:7B:D8:3F:A3:C2:28:AA:3F:CF:CB:4C:DC:05
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/QSqoDgkLIXvYP6PCKKo_z8tM3AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.9.0-217.9.10.255
Signature Algorithm: sha256WithRSAEncryption
32:9c:40:a8:a8:e0:fc:c3:95:0e:1b:76:5d:50:b1:02:cd:de:
3d:a2:0e:12:43:67:88:1d:be:71:d1:91:dc:8d:b0:a3:f4:82:
a2:73:9d:3a:42:42:fb:23:85:89:71:af:62:cf:54:8d:52:e6:
e0:ba:85:d2:75:b6:7f:13:94:2a:7f:ce:01:08:5f:7b:4a:b3:
a1:dd:d5:94:29:d1:52:80:8f:a2:03:2e:25:51:f5:7d:94:f4:
42:8d:3d:c4:02:29:96:c6:f5:85:7a:1f:15:7c:30:a8:09:8e:
8d:6f:cd:bf:68:42:97:75:35:33:fb:5d:23:65:c7:0f:24:36:
20:a3:ec:f7:cc:cd:9f:e7:55:6c:cb:a7:b2:b6:ca:04:c4:90:
14:d1:51:7b:1c:2b:1f:7f:43:df:74:f3:7d:b0:7c:a4:03:88:
b6:d2:36:ef:78:57:44:4b:97:a2:27:5b:c9:38:16:0f:3a:1c:
7e:d8:5a:a4:e9:03:e1:4d:c8:9a:e0:5e:64:34:e5:d1:f5:7e:
61:08:6b:b5:ea:47:69:64:45:cb:9c:e6:69:38:3a:d7:3e:c7:
2c:94:0f:8a:f1:6f:d0:3a:65:21:0f:2c:8c:48:07:17:4c:65:
3d:cf:e7:f7:c4:5f:c8:5d:17:4c:1f:2d:9b:f1:85:4b:97:27:
47:b6:54:af
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVx+jNVQ1Hu7FQVWr9Q4Y7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjMwMTAyMTAxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJhYTgwZTA5MGIyMTdiZDgzZmEzYzIyOGFhM2ZjZmNiNGNkYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH0DPeK0RCmb9XQsrzUO1DZxJSu7
OCeBnefPnDQUctsszeCdp+Cm8pWkE/bHekOzgCe+0axbCIOSZu6cZEsklP5YxPeG
1Ge5jK3HZYnIrxUH6q8eqN0H8sM8yt8z5khrOUsGUh3CN0VGf53YP+mo9x7cIvfq
IKmXuIxexUtVSx2MNDIRqp6epUNF8DS0KX5cNyn9+37KGspk0HiOtRBT18uvg0YU
680sO6cETMa1VWLSQhwbL452Pfabr2qvrgPfzpn8oyAseruQSXZaErzsPON89fxS
p3fzuz7sgitzQwZxXJX50heYn7X/zYonqZ3cyEBVyf/on8LJDp5fnZ+bUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEEqqA4JCyF72D+jwiiqP8/LTNwFMB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvUVNxb0Rna0xJWHZZUDZQQ0tLb196OHRNM0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADZCQkD
BADZCQowDQYJKoZIhvcNAQELBQADggEBADKcQKio4PzDlQ4bdl1QsQLN3j2iDhJD
Z4gdvnHRkdyNsKP0gqJznTpCQvsjhYlxr2LPVI1S5uC6hdJ1tn8TlCp/zgEIX3tK
s6Hd1ZQp0VKAj6IDLiVR9X2U9EKNPcQCKZbG9YV6HxV8MKgJjo1vzb9oQpd1NTP7
XSNlxw8kNiCj7PfMzZ/nVWzLp7K2ygTEkBTRUXscKx9/Q990832wfKQDiLbSNu94
V0RLl6InW8k4Fg86HH7YWqTpA+FNyJrgXmQ05dH1fmEIa7XqR2lkRcuc5mk4Otc+
xyyUD4rxb9A6ZSEPLIxIBxdMZT3P5/fEX8hdF0wfLZvxhUuXJ0e2VK8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:16:24 2025 by rpki-client