Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/qNrTxhzDHn__kPunzfcekEwqr3M.roa
File: qNrTxhzDHn__kPunzfcekEwqr3M.roa (raw, json)
Hash identifier: WQpZ7k1+I5KwKoRH3HahePdHQgfkd4U25tzXsjSa2Yw=
Subject key identifier: A8:DA:D3:C6:1C:C3:1E:7F:FF:90:FB:A7:CD:F7:1E:90:4C:2A:AF:73
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 01856D66115245C19FF09BBADC23DEFE7481
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/qNrTxhzDHn__kPunzfcekEwqr3M.roa
Signing time: Sun 01 Jan 2023 12:54:43 +0000
ROA not before: Sun 01 Jan 2023 12:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64447
IP address blocks: 188.119.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:11:52:45:c1:9f:f0:9b:ba:dc:23:de:fe:74:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 12:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8dad3c61cc31e7fff90fba7cdf71e904c2aaf73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:88:42:8d:d2:69:e1:ab:ca:13:a8:14:58:56:
bf:e9:e3:00:75:27:ef:7f:8a:08:48:4e:0d:fe:d1:
54:88:40:22:25:2f:38:69:4c:7c:7e:ef:93:31:d2:
cf:31:ad:fa:0f:74:ba:e6:22:f6:62:d6:35:da:5b:
f2:41:01:f4:8d:da:bf:fa:55:a9:be:1c:b6:4e:de:
1f:cb:66:64:89:a3:a5:76:76:97:99:13:6f:81:6d:
08:17:a0:f7:69:ef:3e:ee:cb:49:ad:72:24:94:68:
87:04:96:3c:72:18:57:ab:bc:ef:63:ca:60:16:e5:
7d:00:85:dc:d8:12:b4:d3:23:7e:e6:53:f3:d9:23:
a6:a0:69:27:f4:cf:4e:af:82:04:c3:93:15:f9:e1:
8b:ef:4a:26:fe:55:f3:90:5c:f8:43:b8:e5:e2:13:
04:ad:12:80:9d:2d:20:16:62:15:9f:e3:8c:97:e2:
87:e2:29:38:55:91:dc:04:35:b2:f8:b1:77:98:1e:
4e:64:2c:42:35:39:e2:7d:ac:cd:e2:e1:79:fc:dd:
bf:a7:75:b0:4c:97:da:33:e4:f2:53:a5:cf:2a:bf:
ad:64:2f:04:4f:de:30:3a:8b:aa:a2:8f:b5:b8:60:
f7:be:e9:8c:e0:31:bd:ae:75:53:12:62:98:45:76:
40:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DA:D3:C6:1C:C3:1E:7F:FF:90:FB:A7:CD:F7:1E:90:4C:2A:AF:73
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/qNrTxhzDHn__kPunzfcekEwqr3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.29.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a6:9a:6b:eb:fb:74:eb:57:2b:be:d4:98:bd:3f:97:85:59:
4a:b2:18:6d:2c:9a:ff:b4:1b:49:25:70:f8:45:3e:e0:28:7c:
2a:6f:8e:98:ab:b0:c4:2e:fa:2d:13:56:7a:80:41:f5:1d:8c:
3e:82:7e:3c:06:96:95:c4:70:63:50:a2:55:98:30:85:c3:83:
a0:b8:3f:ec:d2:14:13:c0:c0:f4:64:03:f0:a5:ff:07:4c:db:
47:db:ca:9d:4d:48:b9:08:6e:76:b5:ac:df:7d:e0:12:e8:40:
6e:db:bd:03:ad:bc:68:cb:94:1b:3f:cb:e1:ae:da:eb:ae:50:
93:ce:0c:dd:1b:65:2c:5e:0e:90:10:24:36:13:fb:e2:2e:ec:
d1:dd:64:d4:ae:99:d5:9c:69:72:c3:05:2b:61:b8:93:70:0f:
ed:69:34:78:32:c0:ee:d4:40:be:e4:94:b1:64:25:f5:ce:a5:
2a:45:71:2b:54:20:2b:e4:85:a3:26:d2:11:27:16:d0:e2:5b:
24:82:ac:10:df:5b:32:b9:0f:99:cd:70:c4:36:6a:a4:8d:02:
4b:76:04:9e:7a:28:5e:bc:46:b2:4a:66:54:ac:53:4f:5b:00:
d9:c3:fd:b1:60:55:00:90:7e:c7:35:c6:97:c7:6c:41:f0:4f:
8d:47:44:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZhFSRcGf8Ju63CPe/nSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjMwMTAxMTI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRhZDNjNjFjYzMxZTdmZmY5MGZiYTdjZGY3MWU5MDRjMmFhZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4hCjdJp4avKE6gUWFa/6eMAdSfv
f4oISE4N/tFUiEAiJS84aUx8fu+TMdLPMa36D3S65iL2YtY12lvyQQH0jdq/+lWp
vhy2Tt4fy2ZkiaOldnaXmRNvgW0IF6D3ae8+7stJrXIklGiHBJY8chhXq7zvY8pg
FuV9AIXc2BK00yN+5lPz2SOmoGkn9M9Or4IEw5MV+eGL70om/lXzkFz4Q7jl4hME
rRKAnS0gFmIVn+OMl+KH4ik4VZHcBDWy+LF3mB5OZCxCNTnifazN4uF5/N2/p3Ww
TJfaM+TyU6XPKr+tZC8ET94wOouqoo+1uGD3vumM4DG9rnVTEmKYRXZANQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKja08Ycwx5//5D7p833HpBMKq9zMB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvcU5yVHhoekRIbl9fa1B1bnpmY2VrRXdxcjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHcdMA0G
CSqGSIb3DQEBCwUAA4IBAQAvpppr6/t061crvtSYvT+XhVlKshhtLJr/tBtJJXD4
RT7gKHwqb46Yq7DELvotE1Z6gEH1HYw+gn48BpaVxHBjUKJVmDCFw4OguD/s0hQT
wMD0ZAPwpf8HTNtH28qdTUi5CG52tazffeAS6EBu270Drbxoy5QbP8vhrtrrrlCT
zgzdG2UsXg6QECQ2E/viLuzR3WTUrpnVnGlywwUrYbiTcA/taTR4MsDu1EC+5JSx
ZCX1zqUqRXErVCAr5IWjJtIRJxbQ4lskgqwQ31syuQ+ZzXDENmqkjQJLdgSeeihe
vEaySmZUrFNPWwDZw/2xYFUAkH7HNcaXx2xB8E+NR0Qw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:49 2025 by rpki-client