Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/qdto-t0oHD13OYHfniFdGDq4Zj4.roa
File: qdto-t0oHD13OYHfniFdGDq4Zj4.roa (raw, json)
Hash identifier: zckQixGdInjYqEqu2f5BJdoe3Y1yuM3IVPrbTpdFocg=
Subject key identifier: A9:DB:68:FA:DD:28:1C:3D:77:39:81:DF:9E:21:5D:18:3A:B8:66:3E
Certificate issuer: /CN=3f5bc44014285b6f3e2872aecf5d4f33e268ce8b
Certificate serial: 018ACD53367458D9546227E89330399690DC
Authority key identifier: 3F:5B:C4:40:14:28:5B:6F:3E:28:72:AE:CF:5D:4F:33:E2:68:CE:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1vEQBQoW28-KHKuz11PM-Jozos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/qdto-t0oHD13OYHfniFdGDq4Zj4.roa
Signing time: Mon 25 Sep 2023 17:11:37 +0000
ROA not before: Mon 25 Sep 2023 17:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41699
IP address blocks: 195.170.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:53:36:74:58:d9:54:62:27:e8:93:30:39:96:90:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f5bc44014285b6f3e2872aecf5d4f33e268ce8b
Validity
Not Before: Sep 25 17:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9db68fadd281c3d773981df9e215d183ab8663e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3f:84:d0:8a:4b:a4:20:81:35:c0:0f:c3:9d:
29:18:f3:9e:0c:4b:2a:a5:0e:26:3c:61:69:7f:73:
de:fe:c8:1c:53:97:0f:ce:05:0f:32:4f:66:46:63:
34:33:a3:5d:d9:9e:56:39:67:9d:c4:30:3d:93:bc:
74:fd:34:f5:a9:aa:94:85:c6:51:ac:c1:ea:77:02:
03:9b:d4:27:64:82:43:15:7b:2b:da:7c:b5:9e:e3:
e7:75:86:d8:8f:02:6f:42:fa:25:3b:ba:48:ca:05:
1e:c6:d8:67:ad:02:7f:82:86:fe:c3:5a:c7:84:b3:
d6:fc:95:7e:7c:13:cf:96:2d:1b:ba:85:93:9f:70:
bf:6a:de:f5:73:73:5a:5f:0c:75:28:02:ac:24:5b:
6e:36:14:51:8f:07:bf:5a:71:f3:85:bb:c4:35:23:
77:86:e5:9e:ab:72:d9:43:ab:ac:8f:01:0c:ef:e1:
60:31:7c:54:ba:92:f3:37:a4:09:6a:74:55:31:ee:
a0:d1:4b:42:04:51:8d:69:b3:d4:b8:44:08:71:9b:
a8:b5:c8:67:cf:50:14:f7:ab:4e:d8:4d:ad:e2:9e:
55:77:32:a0:00:89:34:ae:00:79:cf:f2:7b:e7:84:
29:ce:d4:44:17:df:c3:e9:e6:18:52:a5:4c:56:52:
30:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DB:68:FA:DD:28:1C:3D:77:39:81:DF:9E:21:5D:18:3A:B8:66:3E
X509v3 Authority Key Identifier:
keyid:3F:5B:C4:40:14:28:5B:6F:3E:28:72:AE:CF:5D:4F:33:E2:68:CE:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1vEQBQoW28-KHKuz11PM-Jozos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/qdto-t0oHD13OYHfniFdGDq4Zj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/P1vEQBQoW28-KHKuz11PM-Jozos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.185.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c3:aa:7d:59:06:c2:a4:f9:e2:72:5e:9b:c6:19:7c:6c:8a:
e1:a4:40:d6:70:36:b3:f7:9e:0b:24:c9:45:e7:9c:89:e9:a2:
b8:d8:92:2c:c6:e0:91:84:4b:4d:d0:11:40:36:b4:bb:36:d0:
38:1a:61:74:ef:7b:7a:42:81:72:6e:b9:ca:25:3b:cc:76:8a:
3a:fa:73:ef:de:a9:f9:39:9b:09:6b:e8:3a:96:45:b8:f4:8b:
4d:9e:1c:d9:2c:95:1c:8f:9d:1b:4a:dd:9e:13:1a:d4:80:75:
9f:6c:39:6a:41:a0:c0:11:f9:bf:6a:0f:03:23:6a:7b:62:f6:
a2:5a:5d:bf:22:10:2d:7a:12:15:0f:0e:a2:49:b0:70:69:7a:
b0:d6:fc:af:cd:1f:e4:80:5a:82:b7:96:45:70:13:e5:76:db:
8f:e0:c9:4f:0d:42:e3:4e:eb:72:17:1a:2e:be:11:90:32:11:
84:41:95:fb:00:c6:2a:70:89:d0:2f:07:b1:86:b5:19:b9:63:
94:69:87:e0:78:66:db:de:57:a9:39:0d:54:72:c8:7b:f8:b8:
bb:f2:77:12:78:22:52:41:53:12:78:82:ae:ec:d2:ee:65:19:
b7:3f:7f:43:50:f6:a6:cd:fe:0d:e1:8c:6c:eb:b4:4b:bf:31:
c5:44:67:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrNUzZ0WNlUYifokzA5lpDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNWJjNDQwMTQyODViNmYzZTI4NzJhZWNmNWQ0ZjMzZTI2
OGNlOGIwHhcNMjMwOTI1MTcxMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRiNjhmYWRkMjgxYzNkNzczOTgxZGY5ZTIxNWQxODNhYjg2NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz+E0IpLpCCBNcAPw50pGPOeDEsq
pQ4mPGFpf3Pe/sgcU5cPzgUPMk9mRmM0M6Nd2Z5WOWedxDA9k7x0/TT1qaqUhcZR
rMHqdwIDm9QnZIJDFXsr2ny1nuPndYbYjwJvQvolO7pIygUexthnrQJ/gob+w1rH
hLPW/JV+fBPPli0buoWTn3C/at71c3NaXwx1KAKsJFtuNhRRjwe/WnHzhbvENSN3
huWeq3LZQ6usjwEM7+FgMXxUupLzN6QJanRVMe6g0UtCBFGNabPUuEQIcZuotchn
z1AU96tO2E2t4p5VdzKgAIk0rgB5z/J754QpztREF9/D6eYYUqVMVlIwfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnbaPrdKBw9dzmB354hXRg6uGY+MB8GA1UdIwQY
MBaAFD9bxEAUKFtvPihyrs9dTzPiaM6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDF2RVFCUW9XMjgtS0hLdXoxMVBNLUpvem9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zMjI2OTMtZTU4Yi00OGUyLWJkZDkt
MDI5NTNjZTYzODQzLzEvcWR0by10MG9IRDEzT1lIZm5pRmRHRHE0Wmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zMjI2OTMtZTU4Yi00OGUyLWJkZDktMDI5NTNjZTYzODQz
LzEvUDF2RVFCUW9XMjgtS0hLdXoxMVBNLUpvem9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6q5MA0G
CSqGSIb3DQEBCwUAA4IBAQCdw6p9WQbCpPnicl6bxhl8bIrhpEDWcDaz954LJMlF
55yJ6aK42JIsxuCRhEtN0BFANrS7NtA4GmF073t6QoFybrnKJTvMdoo6+nPv3qn5
OZsJa+g6lkW49ItNnhzZLJUcj50bSt2eExrUgHWfbDlqQaDAEfm/ag8DI2p7Yvai
Wl2/IhAtehIVDw6iSbBwaXqw1vyvzR/kgFqCt5ZFcBPldtuP4MlPDULjTutyFxou
vhGQMhGEQZX7AMYqcInQLwexhrUZuWOUaYfgeGbb3lepOQ1Ucsh7+Li78ncSeCJS
QVMSeIKu7NLuZRm3P39DUPamzf4N4Yxs67RLvzHFRGec
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:15:15 2025 by rpki-client