Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/qzPLaXaHQi8E6XJD-lJJJZmjfBY.roa
File: qzPLaXaHQi8E6XJD-lJJJZmjfBY.roa (raw, json)
Hash identifier: VWIu4uNSWn3oTxm9f0XXxUhE03HjOD6b5IEk3kEf87k=
Subject key identifier: AB:33:CB:69:76:87:42:2F:04:E9:72:43:FA:52:49:25:99:A3:7C:16
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01879458837CA24AD6C6FB3F6256956A5805
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/qzPLaXaHQi8E6XJD-lJJJZmjfBY.roa
Signing time: Tue 18 Apr 2023 12:30:41 +0000
ROA not before: Tue 18 Apr 2023 12:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.40.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:58:83:7c:a2:4a:d6:c6:fb:3f:62:56:95:6a:58:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 18 12:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab33cb697687422f04e97243fa52492599a37c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4b:ff:e9:71:8c:90:e4:09:e6:0e:e2:bf:74:
71:af:8b:17:ef:e1:f1:0a:61:f3:a5:f0:d2:54:4c:
4b:ea:6d:df:50:9d:af:bb:12:c6:d1:8c:3d:44:1e:
76:20:50:ac:b7:f4:51:2e:6c:3f:da:e1:f6:7b:4d:
6b:97:66:42:2a:25:7b:99:ae:f3:30:8e:a1:f1:7d:
99:22:ff:2c:cc:2f:cc:3a:10:e3:3c:82:23:83:90:
99:27:f5:39:6a:05:9b:be:c0:02:63:71:28:ff:ab:
44:ac:67:4c:f0:5e:e7:39:37:0d:ca:07:f7:ce:4c:
f2:68:a9:40:49:8e:26:29:03:29:ed:b5:26:b9:48:
8f:87:cd:70:70:e0:cd:6f:02:76:f1:70:c4:c3:48:
71:a1:8a:06:70:b1:e4:37:e5:8c:85:48:df:c3:30:
08:24:d1:7d:fa:a7:63:cb:c3:4c:d5:6d:f8:a4:4a:
11:bf:68:6a:a7:ca:a7:71:73:5e:86:cb:c5:d8:42:
27:2f:5a:3f:bf:9d:f2:7b:09:ab:98:eb:d6:ca:95:
f6:5e:98:70:9b:35:5d:db:6b:7a:77:98:1e:00:e5:
81:f5:56:12:cb:33:2e:f6:49:9f:b0:c8:0b:1a:47:
08:61:20:8f:3a:32:88:30:29:56:03:a3:e7:17:7a:
20:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:33:CB:69:76:87:42:2F:04:E9:72:43:FA:52:49:25:99:A3:7C:16
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/qzPLaXaHQi8E6XJD-lJJJZmjfBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.40.0/24
109.233.184.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
93:08:19:8c:e9:f1:45:cd:ef:e4:d4:a9:dc:b8:6d:1f:8e:25:
9d:c4:d8:48:19:5d:95:3a:ef:11:37:66:ae:5d:df:ec:ad:9a:
65:c1:49:5a:f6:6e:a5:4a:5f:20:ee:dd:57:4c:ff:80:9d:ab:
aa:48:af:81:82:75:30:e7:fe:7c:cb:c7:06:6b:4d:e1:5d:fd:
f7:cd:b9:14:8c:cc:31:2b:37:c4:b6:9d:5a:47:08:67:10:11:
29:bc:cf:9b:a4:da:a2:67:de:18:87:41:ac:b9:55:71:db:32:
37:c3:fa:9e:c7:1f:cd:37:b8:07:f8:48:b4:fe:87:6e:d1:f2:
62:fa:5e:0a:fc:b2:3b:62:2b:70:70:d1:20:3b:2c:93:92:f9:
92:cd:72:56:f5:a9:a0:c3:d7:16:1b:84:3a:69:7e:b8:ee:ed:
6a:6f:c5:c4:12:ee:c7:37:31:46:23:67:58:75:03:b8:c9:44:
42:58:9b:3e:48:a8:a1:99:a5:a1:96:85:d4:f8:8c:83:07:21:
2a:74:1e:cb:e6:df:63:60:00:6a:25:9c:f6:2e:0c:22:e8:ea:
e9:60:c0:a9:f5:3e:5e:79:24:12:be:cf:f2:20:a0:ee:26:48:
43:02:39:04:a2:c6:27:b4:a5:58:9d:9a:5c:b9:7c:2d:8c:ea:
7f:87:05:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeUWIN8okrWxvs/YlaValgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDE4MTIzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjMzY2I2OTc2ODc0MjJmMDRlOTcyNDNmYTUyNDkyNTk5YTM3YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEv/6XGMkOQJ5g7iv3Rxr4sX7+Hx
CmHzpfDSVExL6m3fUJ2vuxLG0Yw9RB52IFCst/RRLmw/2uH2e01rl2ZCKiV7ma7z
MI6h8X2ZIv8szC/MOhDjPIIjg5CZJ/U5agWbvsACY3Eo/6tErGdM8F7nOTcNygf3
zkzyaKlASY4mKQMp7bUmuUiPh81wcODNbwJ28XDEw0hxoYoGcLHkN+WMhUjfwzAI
JNF9+qdjy8NM1W34pEoRv2hqp8qncXNehsvF2EInL1o/v53yewmrmOvWypX2Xphw
mzVd22t6d5geAOWB9VYSyzMu9kmfsMgLGkcIYSCPOjKIMClWA6PnF3ogDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKszy2l2h0IvBOlyQ/pSSSWZo3wWMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvcXpQTGFYYUhRaThFNlhKRC1sSkpKWm1qZkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkoAwQA
bem4AwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQCTCBmM6fFFze/k1KncuG0fjiWd
xNhIGV2VOu8RN2auXd/srZplwUla9m6lSl8g7t1XTP+AnauqSK+BgnUw5/58y8cG
a03hXf33zbkUjMwxKzfEtp1aRwhnEBEpvM+bpNqiZ94Yh0GsuVVx2zI3w/qexx/N
N7gH+Ei0/odu0fJi+l4K/LI7YitwcNEgOyyTkvmSzXJW9amgw9cWG4Q6aX647u1q
b8XEEu7HNzFGI2dYdQO4yURCWJs+SKihmaWhloXU+IyDByEqdB7L5t9jYABqJZz2
Lgwi6OrpYMCp9T5eeSQSvs/yIKDuJkhDAjkEosYntKVYnZpcuXwtjOp/hwXN
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:23:53 2025 by rpki-client