Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/QKEYG7lZ9uQrqcV9DEf550cn1ow.roa
File: QKEYG7lZ9uQrqcV9DEf550cn1ow.roa (raw, json)
Hash identifier: yHMqEN9JOzywVHSOPoOd90wdCbY6MlqwdYOQP7hTuoQ=
Subject key identifier: 40:A1:18:1B:B9:59:F6:E4:2B:A9:C5:7D:0C:47:F9:E7:47:27:D6:8C
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B15FD2284E7BBEE84C7A044FE283F
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/QKEYG7lZ9uQrqcV9DEf550cn1ow.roa
Signing time: Sun 01 Jan 2023 13:35:09 +0000
ROA not before: Sun 01 Jan 2023 13:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207539
IP address blocks: 193.5.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:15:fd:22:84:e7:bb:ee:84:c7:a0:44:fe:28:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40a1181bb959f6e42ba9c57d0c47f9e74727d68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1c:6a:55:1e:9e:2c:1d:69:b5:4a:9f:c1:b8:
ba:1c:88:56:5a:62:30:8d:a0:7b:97:ba:6a:6b:d6:
77:0f:98:3d:7d:d8:1d:f2:3d:83:02:cb:fa:bb:ab:
7b:b7:89:92:b3:6e:d0:98:11:59:1d:67:d9:7f:06:
e1:2c:8d:91:71:e0:59:c2:f6:9d:46:71:a8:4c:bc:
5c:1b:d0:73:37:8e:39:01:5f:0c:62:a6:f9:50:b3:
8e:3b:b2:74:86:c1:99:de:aa:cf:2e:13:78:f1:da:
95:ac:b8:a1:04:34:e8:46:fc:c9:1a:9b:73:fc:17:
b5:ea:8b:3a:65:13:72:1e:06:38:d3:3f:f9:c1:94:
12:bc:b8:92:2e:c3:7e:f9:1a:35:c7:31:84:3b:cd:
c2:ba:49:b0:10:ca:36:9d:6d:e0:21:7b:4d:bf:0f:
05:cc:a2:43:80:4c:2c:c3:21:42:04:2e:e3:d7:31:
e7:e1:5b:49:3a:be:a3:8d:a1:87:4e:e3:ae:1b:0e:
c1:d2:aa:8a:2b:1b:16:47:a6:d0:e4:1f:85:79:31:
7a:f7:b6:e4:ef:37:10:7c:74:d3:d1:cf:7a:b1:06:
49:fd:fc:32:c8:c3:38:eb:9f:79:d9:da:a9:f4:f9:
67:53:df:b5:44:b9:c4:72:bc:a5:d9:16:7b:89:83:
6f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A1:18:1B:B9:59:F6:E4:2B:A9:C5:7D:0C:47:F9:E7:47:27:D6:8C
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/QKEYG7lZ9uQrqcV9DEf550cn1ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.63.0/24
Signature Algorithm: sha256WithRSAEncryption
84:9f:66:2b:f1:b3:91:d2:02:d0:34:03:3b:3b:a3:41:8d:ba:
3e:c5:5f:4c:3f:56:41:21:ef:c8:0a:e5:78:c2:d1:49:b8:ad:
6f:67:a7:f1:d9:c6:bd:9a:dd:2e:d2:9c:28:49:ff:17:55:88:
ae:52:8d:42:87:b7:82:36:0f:de:90:4c:d3:de:62:cd:15:01:
f0:82:18:66:ed:81:02:f8:cc:14:bd:6d:9a:b9:d7:ee:fa:88:
22:7a:f7:a8:3b:e8:35:eb:f6:ce:ba:8f:45:f9:3f:3a:95:31:
47:69:a8:6b:f6:0f:4e:3f:3b:e1:cc:fa:11:fe:e5:ce:15:c4:
2f:e0:6d:bf:a4:69:0c:21:f8:d8:c1:f2:03:8f:b3:6d:28:9a:
80:6c:b8:c5:c8:65:ea:cb:48:5c:01:38:24:ae:1f:3c:2a:d5:
71:2a:d1:af:74:33:49:89:b1:59:03:59:c7:6c:96:a3:0c:d3:
e9:74:46:73:21:2e:a5:55:dd:05:de:f8:0d:0c:8d:d0:42:66:
0d:ec:5d:e4:8a:3f:da:7d:d0:38:6c:6a:ca:f1:55:e2:b5:c4:
3b:2a:cd:4a:64:a3:0b:74:fc:e5:ae:7f:c3:a7:20:3a:fa:64:
79:64:70:15:43:0a:bd:3b:a5:eb:ba:35:5b:5d:4c:a2:72:5a:
25:4a:8f:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtixX9IoTnu+6Ex6BE/ig/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGExMTgxYmI5NTlmNmU0MmJhOWM1N2QwYzQ3ZjllNzQ3MjdkNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxxqVR6eLB1ptUqfwbi6HIhWWmIw
jaB7l7pqa9Z3D5g9fdgd8j2DAsv6u6t7t4mSs27QmBFZHWfZfwbhLI2RceBZwvad
RnGoTLxcG9BzN445AV8MYqb5ULOOO7J0hsGZ3qrPLhN48dqVrLihBDToRvzJGptz
/Be16os6ZRNyHgY40z/5wZQSvLiSLsN++Ro1xzGEO83CukmwEMo2nW3gIXtNvw8F
zKJDgEwswyFCBC7j1zHn4VtJOr6jjaGHTuOuGw7B0qqKKxsWR6bQ5B+FeTF697bk
7zcQfHTT0c96sQZJ/fwyyMM465952dqp9PlnU9+1RLnEcryl2RZ7iYNvZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEChGBu5WfbkK6nFfQxH+edHJ9aMMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvUUtFWUc3bFo5dVFycWNWOURFZjU1MGNuMW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQU/MA0G
CSqGSIb3DQEBCwUAA4IBAQCEn2Yr8bOR0gLQNAM7O6NBjbo+xV9MP1ZBIe/ICuV4
wtFJuK1vZ6fx2ca9mt0u0pwoSf8XVYiuUo1Ch7eCNg/ekEzT3mLNFQHwghhm7YEC
+MwUvW2audfu+ogieveoO+g16/bOuo9F+T86lTFHaahr9g9OPzvhzPoR/uXOFcQv
4G2/pGkMIfjYwfIDj7NtKJqAbLjFyGXqy0hcATgkrh88KtVxKtGvdDNJibFZA1nH
bJajDNPpdEZzIS6lVd0F3vgNDI3QQmYN7F3kij/afdA4bGrK8VXitcQ7Ks1KZKML
dPzlrn/DpyA6+mR5ZHAVQwq9O6XrujVbXUyiclolSo9v
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:05:17 2025 by rpki-client