Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/q4tHzrBxIHRAEMpWNO6j1lk4d7E.roa
File: q4tHzrBxIHRAEMpWNO6j1lk4d7E.roa (raw, json)
Hash identifier: q3ZA+QC+mF3W9LQRWsTV2E5R6nYSOZq/1pFNq7XFSEw=
Subject key identifier: AB:8B:47:CE:B0:71:20:74:40:10:CA:56:34:EE:A3:D6:59:38:77:B1
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018B8FA41203F6FCADA53BE2EBE34BB944F2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/q4tHzrBxIHRAEMpWNO6j1lk4d7E.roa
Signing time: Thu 02 Nov 2023 10:46:16 +0000
ROA not before: Thu 02 Nov 2023 10:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45049
IP address blocks: 194.28.97.0/24 maxlen: 24
2a0c:b641:400::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:a4:12:03:f6:fc:ad:a5:3b:e2:eb:e3:4b:b9:44:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 2 10:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab8b47ceb07120744010ca5634eea3d6593877b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:35:2d:b7:04:f7:d7:08:fd:57:d0:75:99:27:
ab:80:73:6c:58:f4:ef:3c:91:13:cd:d4:ef:4f:db:
35:0c:a3:2b:7f:d5:0a:06:43:20:64:6d:4f:45:28:
9f:28:40:7c:3e:64:38:f3:d1:7a:4c:1e:5f:79:ee:
73:f3:3d:fb:3c:1b:b6:90:16:13:86:e7:5f:c3:af:
6d:8a:11:ce:c6:7f:47:16:8d:2d:93:22:bb:d6:87:
94:14:3a:fe:5c:20:36:04:63:ba:32:c8:c3:c9:83:
b0:eb:9a:d6:30:d8:d0:e3:4d:28:c7:37:97:3f:1c:
fb:56:73:7e:af:73:a0:b7:78:5b:f7:bf:81:3c:04:
2a:2c:30:14:5a:51:b4:b1:c5:1e:42:40:bc:f1:3a:
c3:43:49:9f:23:7e:dc:31:8b:ec:62:99:df:45:bc:
6e:32:cb:14:15:ff:a0:b4:88:99:b1:7a:40:a4:5f:
3b:32:83:f0:37:67:0e:03:20:af:70:0b:0a:b5:de:
0c:94:73:80:a1:00:e2:42:4e:a7:3d:cb:42:89:f9:
22:9f:bc:be:2c:59:59:c3:5f:d6:a9:c3:b9:dd:0f:
11:0b:4b:f4:1a:02:30:fa:c7:8c:f1:49:6d:48:1f:
af:b8:42:4c:aa:61:d1:a8:c9:30:b9:49:db:44:85:
e6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8B:47:CE:B0:71:20:74:40:10:CA:56:34:EE:A3:D6:59:38:77:B1
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/q4tHzrBxIHRAEMpWNO6j1lk4d7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.97.0/24
IPv6:
2a0c:b641:400::/44
Signature Algorithm: sha256WithRSAEncryption
39:ea:a3:19:73:b4:1a:d9:e4:4a:fd:a3:46:2b:3e:1b:8c:63:
84:2e:4e:e6:1a:32:b3:09:58:12:5a:9b:fc:a7:c7:1a:38:e0:
8a:93:a9:bf:bd:d9:54:77:2a:d9:85:5e:2d:be:61:09:80:6f:
6d:33:d0:f1:00:c2:e0:21:c0:ea:f6:8d:ab:ac:36:a3:41:c2:
fa:b7:e9:7e:a4:90:de:32:bc:09:2c:3f:05:fe:79:0e:87:ef:
eb:4e:9c:9d:14:52:34:0c:78:19:1c:89:60:3a:52:c6:27:f2:
08:de:13:7f:40:94:21:b9:20:2a:62:fe:93:37:b5:dc:89:56:
57:10:84:fa:16:1c:a9:1a:82:a1:95:9d:9e:fc:f2:8e:c4:be:
2e:ab:d1:f8:f8:3f:56:f7:c8:7a:7f:8b:da:f1:75:c0:a1:7d:
10:bd:a8:1b:1a:7e:88:08:6e:36:65:ad:e0:0b:58:40:ff:b9:
75:a7:0c:58:bb:2e:d9:4f:a4:10:4a:e8:bb:be:dd:19:01:f8:
11:8a:3f:de:16:42:c8:52:b0:30:74:2a:bc:13:90:20:d2:c9:
c3:18:bf:f8:5b:6c:89:01:89:f2:62:39:76:e5:c5:c5:02:8a:
2f:2a:7b:24:7f:ed:13:4d:5c:04:d9:03:13:42:dc:c7:1c:e5:
48:79:02:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuPpBID9vytpTvi6+NLuUTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMxMTAyMTA0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhiNDdjZWIwNzEyMDc0NDAxMGNhNTYzNGVlYTNkNjU5Mzg3N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTUttwT31wj9V9B1mSergHNsWPTv
PJETzdTvT9s1DKMrf9UKBkMgZG1PRSifKEB8PmQ489F6TB5fee5z8z37PBu2kBYT
hudfw69tihHOxn9HFo0tkyK71oeUFDr+XCA2BGO6MsjDyYOw65rWMNjQ400oxzeX
Pxz7VnN+r3Ogt3hb97+BPAQqLDAUWlG0scUeQkC88TrDQ0mfI37cMYvsYpnfRbxu
MssUFf+gtIiZsXpApF87MoPwN2cOAyCvcAsKtd4MlHOAoQDiQk6nPctCifkin7y+
LFlZw1/WqcO53Q8RC0v0GgIw+seM8UltSB+vuEJMqmHRqMkwuUnbRIXmmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKuLR86wcSB0QBDKVjTuo9ZZOHexMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvcTR0SHpyQnhJSFJBRU1wV05PNmoxbGs0ZDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwhxhMA8E
AgACMAkDBwQqDLZBBAAwDQYJKoZIhvcNAQELBQADggEBADnqoxlztBrZ5Er9o0Yr
PhuMY4QuTuYaMrMJWBJam/ynxxo44IqTqb+92VR3KtmFXi2+YQmAb20z0PEAwuAh
wOr2jausNqNBwvq36X6kkN4yvAksPwX+eQ6H7+tOnJ0UUjQMeBkciWA6UsYn8gje
E39AlCG5ICpi/pM3tdyJVlcQhPoWHKkagqGVnZ788o7Evi6r0fj4P1b3yHp/i9rx
dcChfRC9qBsafogIbjZlreALWED/uXWnDFi7LtlPpBBK6Lu+3RkB+BGKP94WQshS
sDB0KrwTkCDSycMYv/hbbIkBifJiOXblxcUCii8qeyR/7RNNXATZAxNC3Mcc5Uh5
Ar8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:10:21 2025 by rpki-client