Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/Qo9_VcbaPJZw9lxedz39D3edKtI.roa
File: Qo9_VcbaPJZw9lxedz39D3edKtI.roa (raw, json)
Hash identifier: Hf13C3b6Ljs1Y50fZUaTbVBXNO3hpbgYIvjgKH7k7KY=
Subject key identifier: 42:8F:7F:55:C6:DA:3C:96:70:F6:5C:5E:77:3D:FD:0F:77:9D:2A:D2
Certificate issuer: /CN=5f41c664c0c013dffb6e0dd1d73b369cba5fbd1c
Certificate serial: 01856D5D0A2C6D08E8F2FBDB9B1618A0C242
Authority key identifier: 5F:41:C6:64:C0:C0:13:DF:FB:6E:0D:D1:D7:3B:36:9C:BA:5F:BD:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X0HGZMDAE9_7bg3R1zs2nLpfvRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/Qo9_VcbaPJZw9lxedz39D3edKtI.roa
Signing time: Sun 01 Jan 2023 12:44:51 +0000
ROA not before: Sun 01 Jan 2023 12:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.98.156.0/24 maxlen: 24
2a12:a900:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:0a:2c:6d:08:e8:f2:fb:db:9b:16:18:a0:c2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f41c664c0c013dffb6e0dd1d73b369cba5fbd1c
Validity
Not Before: Jan 1 12:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=428f7f55c6da3c9670f65c5e773dfd0f779d2ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:aa:8d:b2:7e:a4:6d:89:85:04:86:89:b9:d6:
20:63:bc:ab:cf:24:9d:92:f0:9e:79:b1:13:9c:a8:
d1:f0:da:b5:46:12:dc:8d:42:8e:8d:d6:7e:4c:9f:
52:fd:58:91:52:ca:83:bd:77:3a:e8:6a:46:7a:b0:
b6:90:fd:53:c7:02:18:ed:0c:85:95:d9:87:bf:d4:
ec:c6:47:56:fb:44:95:66:a4:33:5f:4e:00:b8:4f:
b4:8d:e5:93:d5:9c:f5:aa:c7:e0:bf:76:79:58:72:
8a:e6:55:a5:8f:69:4a:18:bb:d3:7d:38:9a:ff:9b:
67:7b:01:b0:85:e1:19:c8:17:28:f7:f5:03:56:c8:
52:89:f0:1f:03:6b:50:0c:89:cd:a7:4e:cf:c5:03:
a8:a7:2c:3c:d7:02:a7:bd:e6:ee:63:d4:69:eb:ee:
3b:7b:0b:b9:f4:e1:d8:70:c9:61:d6:1a:b7:02:7e:
df:9d:e9:6a:69:e7:0d:1f:44:76:98:c1:37:8f:3a:
1a:c1:76:36:fa:d5:65:4e:5b:61:90:5b:1d:af:55:
a1:88:4d:70:4b:cd:0a:94:39:61:70:6a:95:48:b9:
06:a7:96:b5:3e:39:0b:a1:75:a8:d1:99:04:3d:da:
e8:ed:9a:11:5d:68:7e:b1:4a:58:54:b9:0f:94:50:
55:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8F:7F:55:C6:DA:3C:96:70:F6:5C:5E:77:3D:FD:0F:77:9D:2A:D2
X509v3 Authority Key Identifier:
keyid:5F:41:C6:64:C0:C0:13:DF:FB:6E:0D:D1:D7:3B:36:9C:BA:5F:BD:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X0HGZMDAE9_7bg3R1zs2nLpfvRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/Qo9_VcbaPJZw9lxedz39D3edKtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/X0HGZMDAE9_7bg3R1zs2nLpfvRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.156.0/24
IPv6:
2a12:a900:1::/48
Signature Algorithm: sha256WithRSAEncryption
64:24:af:c6:7e:8a:53:e7:78:9d:d6:39:9c:9d:c0:25:cf:97:
17:e1:88:48:dc:14:68:51:4a:8d:45:32:8f:47:b1:d7:34:a8:
0b:3e:d6:a1:74:8e:23:e3:8c:06:11:ba:c8:e1:76:1d:ce:e6:
6d:6a:dd:11:44:5c:ee:8b:d0:31:34:26:33:94:c6:b2:ce:21:
e7:0a:ae:48:7e:8c:a8:96:56:f3:90:40:51:38:fb:62:93:34:
a1:e9:b7:11:34:07:33:fa:b4:ee:90:04:e1:4c:89:17:16:08:
9a:07:41:85:0b:41:46:d8:5b:45:19:55:ec:3c:ba:aa:50:3b:
25:e6:0a:94:25:61:04:05:5a:5a:ba:bb:55:9c:af:b7:77:cd:
10:d7:20:a1:68:f1:cb:6c:46:d0:22:46:0b:91:19:b4:e9:c6:
9d:65:4f:dc:13:f1:ca:03:04:9d:da:78:f9:48:83:c2:bf:19:
7c:c7:13:cd:74:a9:75:40:09:41:eb:7a:ac:d6:0f:7d:21:ac:
d5:c9:48:57:28:b7:32:da:ae:53:5a:ae:40:9d:a9:38:52:f5:
f2:79:37:79:dd:de:0f:7a:ac:4a:60:e7:99:b9:d6:1f:a7:96:
c6:74:24:6b:e0:01:96:4e:b7:9b:4f:55:6c:4d:c6:9c:cf:a0:
a9:fd:6e:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtXQosbQjo8vvbmxYYoMJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNDFjNjY0YzBjMDEzZGZmYjZlMGRkMWQ3M2IzNjljYmE1
ZmJkMWMwHhcNMjMwMTAxMTI0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjhmN2Y1NWM2ZGEzYzk2NzBmNjVjNWU3NzNkZmQwZjc3OWQyYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqqNsn6kbYmFBIaJudYgY7yrzySd
kvCeebETnKjR8Nq1RhLcjUKOjdZ+TJ9S/ViRUsqDvXc66GpGerC2kP1TxwIY7QyF
ldmHv9TsxkdW+0SVZqQzX04AuE+0jeWT1Zz1qsfgv3Z5WHKK5lWlj2lKGLvTfTia
/5tnewGwheEZyBco9/UDVshSifAfA2tQDInNp07PxQOopyw81wKnvebuY9Rp6+47
ewu59OHYcMlh1hq3An7fnelqaecNH0R2mME3jzoawXY2+tVlTlthkFsdr1WhiE1w
S80KlDlhcGqVSLkGp5a1PjkLoXWo0ZkEPdro7ZoRXWh+sUpYVLkPlFBV1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEKPf1XG2jyWcPZcXnc9/Q93nSrSMB8GA1UdIwQY
MBaAFF9BxmTAwBPf+24N0dc7Npy6X70cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDBIR1pNREFFOV83YmczUjF6czJuTHBmdlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNzlhMWQtNTJiOS00NjY5LTk2MjUt
NjIzMDZhYmRmYTAzLzEvUW85X1ZjYmFQSlp3OWx4ZWR6MzlEM2VkS3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNzlhMWQtNTJiOS00NjY5LTk2MjUtNjIzMDZhYmRmYTAz
LzEvWDBIR1pNREFFOV83YmczUjF6czJuTHBmdlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWKcMA8E
AgACMAkDBwAqEqkAAAEwDQYJKoZIhvcNAQELBQADggEBAGQkr8Z+ilPneJ3WOZyd
wCXPlxfhiEjcFGhRSo1FMo9Hsdc0qAs+1qF0jiPjjAYRusjhdh3O5m1q3RFEXO6L
0DE0JjOUxrLOIecKrkh+jKiWVvOQQFE4+2KTNKHptxE0BzP6tO6QBOFMiRcWCJoH
QYULQUbYW0UZVew8uqpQOyXmCpQlYQQFWlq6u1Wcr7d3zRDXIKFo8ctsRtAiRguR
GbTpxp1lT9wT8coDBJ3aePlIg8K/GXzHE810qXVACUHreqzWD30hrNXJSFcotzLa
rlNarkCdqThS9fJ5N3nd3g96rEpg55m51h+nlsZ0JGvgAZZOt5tPVWxNxpzPoKn9
bos=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:43:26 2025 by rpki-client