Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/qfIgnm0c6dajRTwKBWXEjsuRlm0.roa
File: qfIgnm0c6dajRTwKBWXEjsuRlm0.roa (raw, json)
Hash identifier: p9APyvVzOyVTGSlh6pg+Oxs44CUO80p99iE7Kd7UrWU=
Subject key identifier: A9:F2:20:9E:6D:1C:E9:D6:A3:45:3C:0A:05:65:C4:8E:CB:91:96:6D
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 0187E70DC51D3F13D0F4AE686459A4AA4662
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/qfIgnm0c6dajRTwKBWXEjsuRlm0.roa
Signing time: Thu 04 May 2023 13:57:31 +0000
ROA not before: Thu 04 May 2023 13:57:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29447
IP address blocks: 78.208.0.0/12 maxlen: 12
81.56.0.0/15 maxlen: 17
2a01:e10::/30 maxlen: 30
2a01:e09::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:0d:c5:1d:3f:13:d0:f4:ae:68:64:59:a4:aa:46:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: May 4 13:57:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f2209e6d1ce9d6a3453c0a0565c48ecb91966d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:90:06:4f:45:5b:98:e5:94:a1:44:e5:e5:de:
69:38:a2:e3:cf:8a:a8:5a:bf:17:a7:3a:a0:e6:69:
a4:e9:38:da:b9:ef:24:a7:db:1e:b8:07:0f:92:aa:
1f:74:df:2a:02:b6:b3:fe:6f:6e:52:f8:84:df:34:
aa:c4:9b:ee:e2:bb:21:3d:58:ba:86:5e:82:8b:17:
fc:42:c2:da:3f:0f:c8:3b:93:51:82:84:00:97:70:
8d:4e:de:af:0c:f9:2c:c3:e8:7d:d9:aa:b2:5e:aa:
33:83:94:fd:c5:0b:0e:09:51:01:f6:46:0e:b7:11:
f3:05:f0:6a:43:11:7e:fd:ec:ad:bd:37:88:e5:1d:
98:43:24:61:63:eb:49:3a:1d:1f:4f:0f:00:65:09:
c7:57:c5:84:28:50:dc:64:05:d4:27:64:a0:ef:28:
57:4e:5b:5f:e2:01:75:6e:81:f6:40:24:50:9c:8e:
73:7d:dd:f1:f4:72:dc:bc:58:1b:18:91:87:89:14:
8a:b1:a0:0c:ab:c5:98:a5:93:a9:97:79:28:48:bb:
fa:4f:c9:35:29:4d:c1:6b:31:53:8a:d2:44:29:c9:
c6:be:89:c8:93:c6:a4:04:95:8c:aa:da:1b:cf:08:
e9:f9:cc:30:5a:21:be:86:d4:2a:3a:f2:00:86:af:
d5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F2:20:9E:6D:1C:E9:D6:A3:45:3C:0A:05:65:C4:8E:CB:91:96:6D
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/qfIgnm0c6dajRTwKBWXEjsuRlm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.208.0.0/12
81.56.0.0/15
IPv6:
2a01:e09::/32
2a01:e10::/30
Signature Algorithm: sha256WithRSAEncryption
06:4f:ac:6f:54:1d:9c:ef:98:ed:3b:b5:ec:72:cf:49:28:a2:
9a:6f:2f:7c:f6:de:44:ba:62:74:e2:e9:ad:7b:07:32:38:33:
a8:cf:45:04:26:54:7d:87:0d:ab:92:97:ff:c5:08:d1:4b:99:
3b:1a:37:52:94:4a:00:d2:94:b1:03:0b:46:ca:97:95:90:8b:
16:58:0f:cb:5b:c3:f0:06:61:b4:d0:f2:47:71:34:0e:82:2b:
67:88:4d:40:81:9e:03:d2:b3:9d:a8:3d:04:e8:c3:0b:92:ef:
7b:14:1f:85:cf:4d:95:4e:23:ad:e8:5e:80:01:1a:28:87:ac:
e7:c1:28:1e:0d:55:92:35:d6:e6:20:b0:6c:e0:83:25:e1:72:
9b:4e:d0:5f:d6:2a:08:9d:f3:22:01:34:a2:5a:88:77:87:92:
9a:88:49:5d:87:c1:44:58:c1:1a:95:e9:8f:b5:f5:e1:e5:e4:
c6:18:35:06:92:63:98:b6:5a:ff:36:73:6a:5f:a6:9e:c2:8b:
4d:43:a3:a0:17:b0:03:5a:9a:d8:b1:aa:63:48:6a:1d:79:5d:
7b:2f:00:3a:e6:54:97:70:db:21:0a:35:a0:7a:74:46:20:01:
9a:fb:09:bb:ff:36:79:ba:94:48:ac:b1:6f:fa:d9:43:36:35:
fc:7a:fb:9b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYfnDcUdPxPQ9K5oZFmkqkZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMwNTA0MTM1NzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYyMjA5ZTZkMWNlOWQ2YTM0NTNjMGEwNTY1YzQ4ZWNiOTE5NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZAGT0VbmOWUoUTl5d5pOKLjz4qo
Wr8Xpzqg5mmk6Tjaue8kp9seuAcPkqofdN8qAraz/m9uUviE3zSqxJvu4rshPVi6
hl6Cixf8QsLaPw/IO5NRgoQAl3CNTt6vDPksw+h92aqyXqozg5T9xQsOCVEB9kYO
txHzBfBqQxF+/eytvTeI5R2YQyRhY+tJOh0fTw8AZQnHV8WEKFDcZAXUJ2Sg7yhX
Tltf4gF1boH2QCRQnI5zfd3x9HLcvFgbGJGHiRSKsaAMq8WYpZOpl3koSLv6T8k1
KU3BazFTitJEKcnGvonIk8akBJWMqtobzwjp+cwwWiG+htQqOvIAhq/VNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKnyIJ5tHOnWo0U8CgVlxI7LkZZtMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvcWZJZ25tMGM2ZGFqUlR3S0JXWEVqc3VSbG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAQBAIAATAKAwMETtADAwFR
ODAUBAIAAjAOAwUAKgEOCQMFAioBDhAwDQYJKoZIhvcNAQELBQADggEBAAZPrG9U
HZzvmO07texyz0kooppvL3z23kS6YnTi6a17BzI4M6jPRQQmVH2HDauSl//FCNFL
mTsaN1KUSgDSlLEDC0bKl5WQixZYD8tbw/AGYbTQ8kdxNA6CK2eITUCBngPSs52o
PQTowwuS73sUH4XPTZVOI63oXoABGiiHrOfBKB4NVZI11uYgsGzggyXhcptO0F/W
Kgid8yIBNKJaiHeHkpqISV2HwURYwRqV6Y+19eHl5MYYNQaSY5i2Wv82c2pfpp7C
i01Do6AXsANamtixqmNIah15XXsvADrmVJdw2yEKNaB6dEYgAZr7Cbv/Nnm6lEis
sW/62UM2Nfx6+5s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:13 2025 by rpki-client