Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/qho55gKwDecqfWINu90-t0uwLw0.roa
File: qho55gKwDecqfWINu90-t0uwLw0.roa (raw, json)
Hash identifier: FfB65q8/I/33HZc1A5vplvNT16sLQqIOfxzega2HERk=
Subject key identifier: AA:1A:39:E6:02:B0:0D:E7:2A:7D:62:0D:BB:DD:3E:B7:4B:B0:2F:0D
Certificate issuer: /CN=ea93edfc2aa748e4981050ec06e3a66920265e17
Certificate serial: 0187B490811AADB0DEDC6F88D42E88A0C4A6
Authority key identifier: EA:93:ED:FC:2A:A7:48:E4:98:10:50:EC:06:E3:A6:69:20:26:5E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6pPt_CqnSOSYEFDsBuOmaSAmXhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/qho55gKwDecqfWINu90-t0uwLw0.roa
Signing time: Mon 24 Apr 2023 18:39:41 +0000
ROA not before: Mon 24 Apr 2023 18:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 132.72.0.0/16 maxlen: 16
132.73.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:90:81:1a:ad:b0:de:dc:6f:88:d4:2e:88:a0:c4:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea93edfc2aa748e4981050ec06e3a66920265e17
Validity
Not Before: Apr 24 18:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1a39e602b00de72a7d620dbbdd3eb74bb02f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c0:11:e7:33:47:67:9a:ac:fd:99:dd:76:0d:
2e:e6:25:66:c1:4c:26:1e:dd:4f:42:28:62:dd:9e:
fb:88:df:b0:3e:31:ce:c7:a1:d3:f0:ee:ed:c2:89:
85:47:70:93:1f:97:7a:2e:5e:fb:b8:4a:40:51:b3:
4d:e0:75:db:6a:36:97:c7:71:8e:26:02:06:4e:a8:
33:fb:fc:b4:c5:7b:36:7a:f0:fc:86:88:d8:ab:6f:
20:e3:3d:cc:f9:ee:4d:9f:1f:fb:2c:50:f4:ca:66:
ac:32:bb:cf:02:ec:0e:40:ae:a7:e2:85:30:0f:78:
85:31:b2:91:cc:01:51:1b:e2:21:fe:a2:a2:00:e7:
56:d9:3f:a9:f1:da:1d:b1:c4:45:b1:41:66:46:2f:
b6:9a:07:10:84:7c:63:b0:3d:82:60:9a:fe:87:93:
b1:9c:25:81:e6:4b:e0:14:45:54:17:c6:c5:b8:39:
8c:54:aa:1f:95:e2:b4:a1:1e:da:77:8f:c5:17:4a:
b6:88:bb:2d:03:e1:97:d6:55:f9:81:92:80:e1:6f:
fc:3f:c9:24:fb:7b:4d:cf:f7:df:c7:cf:27:ed:1e:
05:f9:39:fb:77:0c:1b:15:2f:06:aa:5c:f6:f5:9d:
b7:18:13:c2:93:8e:13:b4:c3:f3:df:a5:97:7e:06:
43:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1A:39:E6:02:B0:0D:E7:2A:7D:62:0D:BB:DD:3E:B7:4B:B0:2F:0D
X509v3 Authority Key Identifier:
keyid:EA:93:ED:FC:2A:A7:48:E4:98:10:50:EC:06:E3:A6:69:20:26:5E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6pPt_CqnSOSYEFDsBuOmaSAmXhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/qho55gKwDecqfWINu90-t0uwLw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/6pPt_CqnSOSYEFDsBuOmaSAmXhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
58:e0:a4:23:42:70:3f:b8:27:ac:be:8e:9b:ed:22:c5:8b:12:
c2:ae:0f:53:0a:ab:da:bc:78:f3:1c:b7:1a:d7:80:cd:bb:84:
32:d9:32:e4:6a:a9:8c:7f:9a:37:42:20:c2:ef:3e:33:bc:88:
f6:6d:a5:86:5a:5e:73:f3:1c:c5:54:c1:50:3f:da:bc:64:91:
dd:bf:5e:11:2f:a9:38:29:b5:f4:dd:2f:9a:c3:78:40:e5:c9:
ef:bf:ee:00:63:b4:52:cf:66:e4:d8:b1:ab:1d:bc:8b:02:82:
4e:6e:f6:b1:b0:09:f2:93:df:dd:d2:9e:86:3e:97:5a:d5:b1:
81:1d:59:36:8e:18:ae:f8:0d:93:11:99:b1:b3:ae:07:82:7d:
5c:50:ad:7d:fe:ad:d4:85:34:b9:00:14:1b:d8:db:26:d5:6f:
70:92:09:97:c7:cc:37:bc:fa:45:fe:8a:a5:a1:50:ab:2a:e7:
ef:f7:da:9d:b4:e5:a6:25:40:3c:22:3f:cd:57:ed:29:61:22:
41:f5:53:72:40:f5:8d:27:2c:4e:62:83:7e:b5:f4:08:ef:11:
1c:a7:f2:ea:76:16:5e:f2:86:5d:a0:58:3b:2b:67:93:8e:24:
7d:00:64:cf:a8:b9:66:91:59:45:36:f8:39:89:7b:9f:78:10:
d4:0d:2f:5c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYe0kIEarbDe3G+I1C6IoMSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOTNlZGZjMmFhNzQ4ZTQ5ODEwNTBlYzA2ZTNhNjY5MjAy
NjVlMTcwHhcNMjMwNDI0MTgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFhMzllNjAyYjAwZGU3MmE3ZDYyMGRiYmRkM2ViNzRiYjAyZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssAR5zNHZ5qs/Znddg0u5iVmwUwm
Ht1PQihi3Z77iN+wPjHOx6HT8O7twomFR3CTH5d6Ll77uEpAUbNN4HXbajaXx3GO
JgIGTqgz+/y0xXs2evD8hojYq28g4z3M+e5Nnx/7LFD0ymasMrvPAuwOQK6n4oUw
D3iFMbKRzAFRG+Ih/qKiAOdW2T+p8dodscRFsUFmRi+2mgcQhHxjsD2CYJr+h5Ox
nCWB5kvgFEVUF8bFuDmMVKofleK0oR7ad4/FF0q2iLstA+GX1lX5gZKA4W/8P8kk
+3tNz/ffx88n7R4F+Tn7dwwbFS8Gqlz29Z23GBPCk44TtMPz36WXfgZD0wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKoaOeYCsA3nKn1iDbvdPrdLsC8NMB8GA1UdIwQY
MBaAFOqT7fwqp0jkmBBQ7AbjpmkgJl4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnBQdF9DcW5TT1NZRUZEc0J1T21hU0FtWGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wZmQ1ZjQtNTZjMC00OGJhLWIwMmIt
ZDEzOGE5YzRlNDNmLzEvcWhvNTVnS3dEZWNxZldJTnU5MC10MHV3THcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wZmQ1ZjQtNTZjMC00OGJhLWIwMmItZDEzOGE5YzRlNDNm
LzEvNnBQdF9DcW5TT1NZRUZEc0J1T21hU0FtWGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEgwDQYJ
KoZIhvcNAQELBQADggEBAFjgpCNCcD+4J6y+jpvtIsWLEsKuD1MKq9q8ePMctxrX
gM27hDLZMuRqqYx/mjdCIMLvPjO8iPZtpYZaXnPzHMVUwVA/2rxkkd2/XhEvqTgp
tfTdL5rDeEDlye+/7gBjtFLPZuTYsasdvIsCgk5u9rGwCfKT393SnoY+l1rVsYEd
WTaOGK74DZMRmbGzrgeCfVxQrX3+rdSFNLkAFBvY2ybVb3CSCZfHzDe8+kX+iqWh
UKsq5+/32p205aYlQDwiP81X7SlhIkH1U3JA9Y0nLE5ig3619AjvERyn8up2Fl7y
hl2gWDsrZ5OOJH0AZM+ouWaRWUU2+DmJe594ENQNL1w=
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:02:24 2025 by rpki-client