Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/dQMAXKxTnPD9Li7RrSYnBKb2FqU.roa
File: dQMAXKxTnPD9Li7RrSYnBKb2FqU.roa (raw, json)
Hash identifier: nHuzxt9ABgsDME7rmRhbBV0yMVbpt6g7LrVaonvBsAg=
Subject key identifier: 75:03:00:5C:AC:53:9C:F0:FD:2E:2E:D1:AD:26:27:04:A6:F6:16:A5
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 018BAE6D8D8D50018D2F1C1DA98C9AA1EE60
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/dQMAXKxTnPD9Li7RrSYnBKb2FqU.roa
Signing time: Wed 08 Nov 2023 10:14:57 +0000
ROA not before: Wed 08 Nov 2023 10:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 83.169.128.0/18 maxlen: 18
185.19.196.0/22 maxlen: 22
90.187.0.0/16 maxlen: 16
31.16.0.0/14 maxlen: 24
188.192.0.0/14 maxlen: 24
91.64.0.0/14 maxlen: 14
24.134.0.0/16 maxlen: 16
88.134.0.0/16 maxlen: 24
146.52.0.0/16 maxlen: 24
109.84.0.0/15 maxlen: 15
37.4.0.0/15 maxlen: 23
109.47.0.0/16 maxlen: 16
77.20.0.0/14 maxlen: 24
77.24.0.0/16 maxlen: 16
95.88.0.0/14 maxlen: 24
178.24.0.0/14 maxlen: 24
77.25.0.0/17 maxlen: 23
2a02:8100::/27 maxlen: 27
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:6d:8d:8d:50:01:8d:2f:1c:1d:a9:8c:9a:a1:ee:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Nov 8 10:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7503005cac539cf0fd2e2ed1ad262704a6f616a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3b:4e:01:04:89:df:27:a2:4c:24:66:c9:bc:
bc:1f:08:08:89:33:12:77:82:7c:1c:0f:07:ec:28:
72:30:8e:e5:69:f8:2e:41:2a:d4:1e:3a:d0:c9:7c:
bf:9d:36:6f:ee:46:37:ac:38:9f:b7:c0:85:dc:70:
19:07:eb:3c:4f:a9:c5:60:d9:c1:a0:64:40:f4:96:
1f:be:b1:88:6e:54:41:a9:df:76:cc:7a:ad:a0:e2:
fa:f3:d4:5c:e2:06:ba:26:71:7a:0d:aa:dc:99:b7:
7f:e4:9a:43:72:19:e7:b4:56:44:95:e6:40:19:cf:
da:4e:26:0b:43:07:4b:6a:67:60:76:2e:95:4b:80:
37:bc:26:08:8b:5e:8b:f8:36:6e:1a:f6:00:eb:32:
11:22:4b:cd:f7:db:75:fa:34:89:f1:96:0f:ca:37:
6b:c9:47:07:c8:1c:94:f5:cd:fe:a9:41:46:41:89:
63:a6:c1:1f:82:11:41:e7:16:52:6b:d4:49:55:7b:
2c:63:1b:79:bf:1b:b6:8b:54:64:62:04:e2:5e:71:
19:32:27:77:65:1d:f1:2b:c2:72:dc:31:70:e0:2b:
5c:a1:c5:f1:9d:b0:97:a5:c9:06:a6:3a:98:f6:30:
ce:1d:c5:3e:34:3b:47:9b:91:20:1a:c0:91:e3:b9:
ec:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:03:00:5C:AC:53:9C:F0:FD:2E:2E:D1:AD:26:27:04:A6:F6:16:A5
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/dQMAXKxTnPD9Li7RrSYnBKb2FqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.134.0.0/16
31.16.0.0/14
37.4.0.0/15
77.20.0.0-77.25.127.255
83.169.128.0/18
88.134.0.0/16
90.187.0.0/16
91.64.0.0/14
95.88.0.0/14
109.47.0.0/16
109.84.0.0/15
146.52.0.0/16
178.24.0.0/14
185.19.196.0/22
188.192.0.0/14
IPv6:
2a02:8100::/27
Signature Algorithm: sha256WithRSAEncryption
17:e3:e4:87:f9:0b:85:4f:12:2e:09:d7:f0:93:69:d3:b9:39:
cb:e7:b0:e2:02:8c:d6:11:35:79:4c:99:7b:54:b9:ff:fc:8c:
01:01:d0:bb:38:77:67:b1:5f:e5:70:c6:a9:b1:e7:0f:ac:37:
bc:c7:0b:09:75:1c:25:d3:e1:02:19:e5:34:df:e7:bc:b9:9f:
14:74:64:82:b6:c5:f2:9f:8a:70:76:ea:b4:33:9c:a2:ad:cf:
00:8d:8f:3d:5c:d0:da:8a:36:ac:a3:70:b3:00:32:24:9c:4f:
59:68:9d:f2:2d:44:71:20:af:77:e1:27:b8:1b:a3:a3:45:1f:
bc:88:fe:b4:1f:91:6a:5e:20:50:07:10:69:cb:a3:3a:12:10:
83:30:70:21:f3:17:5c:d4:d3:50:7c:e3:93:fc:cb:65:30:a7:
1b:7a:c6:a5:27:78:c0:25:f0:29:f2:bd:7c:e6:5f:b5:e3:0e:
08:05:c1:bc:40:f8:88:d6:1c:a1:38:c7:14:e5:99:fd:3c:18:
75:52:9e:b8:7a:28:cb:e3:2b:0a:e3:91:b1:0f:3e:76:30:fe:
ae:16:87:6b:2f:05:ac:be:0e:1a:c6:af:95:69:5f:a5:b3:88:
ff:2e:93:9f:78:2c:b2:7b:49:fa:86:6c:fb:e9:a0:24:f6:b2:
25:ff:99:d3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYuubY2NUAGNLxwdqYyaoe5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjMxMTA4MTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTAzMDA1Y2FjNTM5Y2YwZmQyZTJlZDFhZDI2MjcwNGE2ZjYxNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjtOAQSJ3yeiTCRmyby8HwgIiTMS
d4J8HA8H7ChyMI7lafguQSrUHjrQyXy/nTZv7kY3rDift8CF3HAZB+s8T6nFYNnB
oGRA9JYfvrGIblRBqd92zHqtoOL689Rc4ga6JnF6Darcmbd/5JpDchnntFZEleZA
Gc/aTiYLQwdLamdgdi6VS4A3vCYIi16L+DZuGvYA6zIRIkvN99t1+jSJ8ZYPyjdr
yUcHyByU9c3+qUFGQYljpsEfghFB5xZSa9RJVXssYxt5vxu2i1RkYgTiXnEZMid3
ZR3xK8Jy3DFw4CtcocXxnbCXpckGpjqY9jDOHcU+NDtHm5EgGsCR47nsGQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFHUDAFysU5zw/S4u0a0mJwSm9halMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvZFFNQVhLeFRuUEQ5TGk3UnJTWW5CS2IyRnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAGIYDAwIf
EAMDASUEMAsDAwJNFAMEB00ZAAMEBlOpgAMDAFiGAwMAWrsDAwJbQAMDAl9YAwMA
bS8DAwFtVAMDAJI0AwMCshgDBAK5E8QDAwK8wDANBAIAAjAHAwUFKgKBADANBgkq
hkiG9w0BAQsFAAOCAQEAF+Pkh/kLhU8SLgnX8JNp07k5y+ew4gKM1hE1eUyZe1S5
//yMAQHQuzh3Z7Ff5XDGqbHnD6w3vMcLCXUcJdPhAhnlNN/nvLmfFHRkgrbF8p+K
cHbqtDOcoq3PAI2PPVzQ2oo2rKNwswAyJJxPWWid8i1EcSCvd+EnuBujo0UfvIj+
tB+Ral4gUAcQacujOhIQgzBwIfMXXNTTUHzjk/zLZTCnG3rGpSd4wCXwKfK9fOZf
teMOCAXBvED4iNYcoTjHFOWZ/TwYdVKeuHooy+MrCuORsQ8+djD+rhaHay8FrL4O
GsavlWlfpbOI/y6Tn3gssntJ+oZs++mgJPayJf+Z0w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:52:58 2025 by rpki-client