Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/qguExnMZbvwcP0UopP7-18UvBQA.roa
File: qguExnMZbvwcP0UopP7-18UvBQA.roa (raw, json)
Hash identifier: 2MyGTAPaxzPOcqjqae2+pggFao/A2CyDxkhtCFVE88o=
Subject key identifier: AA:0B:84:C6:73:19:6E:FC:1C:3F:45:28:A4:FE:FE:D7:C5:2F:05:00
Certificate issuer: /CN=9051da9f4e0341d0c8de5eac54c63a11e9ef5b5f
Certificate serial: 01856F2FF6E3911A4BDD1C1CBE0E59AC6735
Authority key identifier: 90:51:DA:9F:4E:03:41:D0:C8:DE:5E:AC:54:C6:3A:11:E9:EF:5B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFHan04DQdDI3l6sVMY6EenvW18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/qguExnMZbvwcP0UopP7-18UvBQA.roa
Signing time: Sun 01 Jan 2023 21:14:52 +0000
ROA not before: Sun 01 Jan 2023 21:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 193.41.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:f6:e3:91:1a:4b:dd:1c:1c:be:0e:59:ac:67:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9051da9f4e0341d0c8de5eac54c63a11e9ef5b5f
Validity
Not Before: Jan 1 21:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa0b84c673196efc1c3f4528a4fefed7c52f0500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6d:61:0e:29:13:8e:bf:75:95:85:3f:27:29:
00:44:f2:90:2a:23:27:cd:02:86:a3:ba:09:29:7d:
a4:9b:ec:58:6c:7d:82:e6:d5:08:13:c3:e6:07:ab:
e4:a2:f0:a9:ac:a3:d2:14:98:0e:5e:95:73:1e:a7:
c2:46:95:cb:69:73:ed:ee:e4:f0:6f:35:67:02:2b:
d1:d8:78:91:e9:aa:00:71:ad:09:8d:e4:d4:55:bd:
de:a1:b1:54:f2:80:ba:14:43:c8:e8:0a:65:4b:57:
60:63:60:ba:bc:c3:4f:5c:70:bd:52:08:98:45:ec:
91:56:cf:03:ae:8c:4f:4b:2d:54:d4:ab:c6:9d:c1:
9a:29:97:3f:3c:46:d1:94:51:45:a4:6a:5f:f5:8f:
92:47:67:87:98:5d:94:18:bb:34:09:eb:80:0e:3c:
43:83:6d:57:69:f4:43:a5:7c:99:18:59:82:7c:c7:
02:35:30:b6:46:3f:98:a7:47:31:87:b2:e0:1f:57:
fe:59:63:e9:dc:1c:50:8f:ca:0c:81:7a:f1:61:e3:
2b:7a:6d:05:83:be:68:94:3a:7b:a2:2f:fe:0f:0c:
c3:11:12:2d:f9:93:c5:a2:63:bc:cd:f9:53:5a:4d:
17:86:1f:96:40:0c:b3:c2:70:3a:7b:09:87:c9:13:
d4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0B:84:C6:73:19:6E:FC:1C:3F:45:28:A4:FE:FE:D7:C5:2F:05:00
X509v3 Authority Key Identifier:
keyid:90:51:DA:9F:4E:03:41:D0:C8:DE:5E:AC:54:C6:3A:11:E9:EF:5B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFHan04DQdDI3l6sVMY6EenvW18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/qguExnMZbvwcP0UopP7-18UvBQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/kFHan04DQdDI3l6sVMY6EenvW18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.71.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:fa:78:36:b6:b5:50:25:ae:33:f1:d6:92:75:b0:6e:0f:1a:
12:c1:20:cf:77:d8:f1:87:f2:3f:20:6b:e0:cd:39:d6:68:94:
bf:92:72:22:f3:79:5c:45:a4:ef:07:66:72:5c:fd:54:d3:21:
c1:93:44:fe:7f:b5:59:5e:50:e8:31:6f:2d:18:33:1e:28:05:
6a:a9:88:84:b2:b1:ed:3f:6b:9f:0f:45:d4:55:e3:08:7a:bc:
36:0e:a5:23:f3:ff:2d:39:5e:7d:00:85:27:a8:63:de:76:38:
9f:3d:77:f4:ad:7a:87:7a:37:4b:94:92:00:d2:2b:ad:f4:2a:
99:3a:a9:11:b9:51:b0:48:a9:f9:55:f0:c8:89:42:ed:b6:7f:
25:0c:6f:23:4c:58:3d:92:83:7c:9c:0e:87:cc:5e:94:44:ca:
ed:8f:35:68:11:32:0d:c3:f4:e8:69:f3:73:f7:e8:44:22:a2:
11:34:7b:71:5a:d0:1c:c1:97:b8:80:ef:3d:9b:05:07:3d:13:
75:8d:a7:a8:b0:a4:29:69:04:b7:e3:10:af:24:98:32:a8:ec:
ec:8e:79:f4:c7:e0:aa:20:53:e5:41:1f:c5:52:86:6f:83:ce:
0a:03:23:fa:54:51:a6:6e:07:74:98:ea:2d:36:3b:a9:fe:2b:
84:1d:87:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL/bjkRpL3Rwcvg5ZrGc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNTFkYTlmNGUwMzQxZDBjOGRlNWVhYzU0YzYzYTExZTll
ZjViNWYwHhcNMjMwMTAxMjExNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTBiODRjNjczMTk2ZWZjMWMzZjQ1MjhhNGZlZmVkN2M1MmYwNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW1hDikTjr91lYU/JykARPKQKiMn
zQKGo7oJKX2km+xYbH2C5tUIE8PmB6vkovCprKPSFJgOXpVzHqfCRpXLaXPt7uTw
bzVnAivR2HiR6aoAca0JjeTUVb3eobFU8oC6FEPI6AplS1dgY2C6vMNPXHC9UgiY
ReyRVs8DroxPSy1U1KvGncGaKZc/PEbRlFFFpGpf9Y+SR2eHmF2UGLs0CeuADjxD
g21XafRDpXyZGFmCfMcCNTC2Rj+Yp0cxh7LgH1f+WWPp3BxQj8oMgXrxYeMrem0F
g75olDp7oi/+DwzDERIt+ZPFomO8zflTWk0Xhh+WQAyzwnA6ewmHyRPUIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoLhMZzGW78HD9FKKT+/tfFLwUAMB8GA1UdIwQY
MBaAFJBR2p9OA0HQyN5erFTGOhHp71tfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZIYW4wNERRZERJM2w2c1ZNWTZFZW52VzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmMxYzQtMmI3Yi00MGVlLTkxODEt
OWIzNDQyOGVkNDI0LzEvcWd1RXhuTVpidndjUDBVb3BQNy0xOFV2QlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmMxYzQtMmI3Yi00MGVlLTkxODEtOWIzNDQyOGVkNDI0
LzEva0ZIYW4wNERRZERJM2w2c1ZNWTZFZW52VzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSlHMA0G
CSqGSIb3DQEBCwUAA4IBAQCb+ng2trVQJa4z8daSdbBuDxoSwSDPd9jxh/I/IGvg
zTnWaJS/knIi83lcRaTvB2ZyXP1U0yHBk0T+f7VZXlDoMW8tGDMeKAVqqYiEsrHt
P2ufD0XUVeMIerw2DqUj8/8tOV59AIUnqGPedjifPXf0rXqHejdLlJIA0iut9CqZ
OqkRuVGwSKn5VfDIiULttn8lDG8jTFg9koN8nA6HzF6URMrtjzVoETINw/ToafNz
9+hEIqIRNHtxWtAcwZe4gO89mwUHPRN1jaeosKQpaQS34xCvJJgyqOzsjnn0x+Cq
IFPlQR/FUoZvg84KAyP6VFGmbgd0mOotNjup/iuEHYcn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:30 2025 by rpki-client