Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/qKmhTh87DdeQns-wf2moZ-me5dI.roa
File: qKmhTh87DdeQns-wf2moZ-me5dI.roa (raw, json)
Hash identifier: HqU0Eark8YF/3UIw1CM99O5e5ATSOLN65xgagQZxXSE=
Subject key identifier: A8:A9:A1:4E:1F:3B:0D:D7:90:9E:CF:B0:7F:69:A8:67:E9:9E:E5:D2
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018948D786F8EBDE52BAB603F928A0B6FF99
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/qKmhTh87DdeQns-wf2moZ-me5dI.roa
Signing time: Wed 12 Jul 2023 06:43:51 +0000
ROA not before: Wed 12 Jul 2023 06:43:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55154
IP address blocks: 37.128.252.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:48:d7:86:f8:eb:de:52:ba:b6:03:f9:28:a0:b6:ff:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 12 06:43:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8a9a14e1f3b0dd7909ecfb07f69a867e99ee5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:06:41:91:37:eb:9f:d2:d9:23:ed:ed:09:3a:
00:d3:b4:1e:f3:fb:31:ea:dd:22:a5:3a:c0:d5:f1:
b5:e8:4f:5a:37:4b:38:26:1d:2e:fe:c1:7b:38:12:
fa:ca:c8:fe:8a:d4:26:2b:14:81:9a:8b:d8:7e:1d:
4d:95:37:5a:5a:bb:6c:41:99:c2:4b:e3:fb:52:f9:
2c:5e:e7:61:2d:11:07:c3:4c:c1:b4:f6:7f:00:8b:
47:6e:ab:66:04:71:d3:f5:27:67:4b:99:a5:e0:1a:
e0:da:25:c9:56:77:f7:1e:e4:80:80:17:9b:b2:3a:
f5:c4:b9:57:31:19:50:04:74:d9:80:03:f6:1d:6d:
2e:4e:83:a9:46:21:ef:c8:36:68:c6:df:8d:31:9e:
ee:d2:60:76:1d:b7:6c:25:53:29:45:50:47:a1:7f:
dd:c3:61:47:89:f0:56:ed:b7:ab:a3:d8:3a:c6:18:
65:80:77:36:7c:d0:3b:79:3e:af:bf:b1:fe:db:06:
63:78:e4:91:fa:1e:40:31:18:bb:42:aa:b5:be:8e:
09:d0:11:69:7e:f6:8e:79:1e:a3:88:3f:27:72:8d:
b4:fa:2c:75:3f:f1:a3:c6:9e:5d:16:2e:48:61:7e:
4f:e1:b8:ed:3a:80:b9:9e:c5:8d:a3:02:2f:c6:8b:
60:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A9:A1:4E:1F:3B:0D:D7:90:9E:CF:B0:7F:69:A8:67:E9:9E:E5:D2
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/qKmhTh87DdeQns-wf2moZ-me5dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.252.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:d5:3a:b9:3c:16:00:68:8d:9f:95:f1:b6:24:35:2f:ea:33:
9f:23:1e:65:cc:53:e8:2a:3b:2c:f3:03:75:3c:47:3f:14:66:
a5:a0:05:82:24:db:7a:1b:d7:75:6f:a2:88:da:02:2e:b4:9b:
aa:0a:f6:f3:e1:f5:72:13:6a:65:36:90:bd:c4:19:a3:92:26:
d3:ce:a1:44:3d:12:0f:29:5d:1d:46:be:bb:2f:dc:0f:21:11:
ef:d8:de:78:9d:6f:a0:c9:cd:26:6b:3c:aa:bc:39:d8:a5:e1:
0c:05:35:c0:2d:df:2a:ec:89:17:2b:2c:3c:c1:57:c6:e8:84:
15:e3:6a:e0:71:17:b7:5f:f6:f9:0e:6e:43:a1:2b:0b:77:ad:
a3:42:7d:ea:47:1e:40:09:77:d3:2b:5c:aa:4d:cc:df:3b:86:
da:2a:0a:2a:3a:56:1d:1c:0b:20:93:a4:da:c8:e0:06:a6:8f:
07:ce:8d:9c:93:e5:26:7a:3a:e1:4f:46:26:55:1d:c0:d7:2d:
dc:54:22:c0:8f:ea:d6:17:cf:f0:0f:23:21:0c:31:1a:73:4f:
ca:27:e6:0d:57:67:3d:b1:cb:a5:ad:16:89:51:6b:56:55:19:
ab:43:44:98:10:87:fc:0d:b3:3c:a0:ad:56:7a:66:c8:2e:82:
5d:08:2e:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlI14b4695SurYD+Sigtv+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwNzEyMDY0MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE5YTE0ZTFmM2IwZGQ3OTA5ZWNmYjA3ZjY5YTg2N2U5OWVlNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQZBkTfrn9LZI+3tCToA07Qe8/sx
6t0ipTrA1fG16E9aN0s4Jh0u/sF7OBL6ysj+itQmKxSBmovYfh1NlTdaWrtsQZnC
S+P7UvksXudhLREHw0zBtPZ/AItHbqtmBHHT9SdnS5ml4Brg2iXJVnf3HuSAgBeb
sjr1xLlXMRlQBHTZgAP2HW0uToOpRiHvyDZoxt+NMZ7u0mB2HbdsJVMpRVBHoX/d
w2FHifBW7bero9g6xhhlgHc2fNA7eT6vv7H+2wZjeOSR+h5AMRi7Qqq1vo4J0BFp
fvaOeR6jiD8nco20+ix1P/Gjxp5dFi5IYX5P4bjtOoC5nsWNowIvxotgiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKipoU4fOw3XkJ7PsH9pqGfpnuXSMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvcUttaFRoODdEZGVRbnMtd2YybW9aLW1lNWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYD8MA0G
CSqGSIb3DQEBCwUAA4IBAQC31Tq5PBYAaI2flfG2JDUv6jOfIx5lzFPoKjss8wN1
PEc/FGaloAWCJNt6G9d1b6KI2gIutJuqCvbz4fVyE2plNpC9xBmjkibTzqFEPRIP
KV0dRr67L9wPIRHv2N54nW+gyc0mazyqvDnYpeEMBTXALd8q7IkXKyw8wVfG6IQV
42rgcRe3X/b5Dm5DoSsLd62jQn3qRx5ACXfTK1yqTczfO4baKgoqOlYdHAsgk6Ta
yOAGpo8Hzo2ck+UmejrhT0YmVR3A1y3cVCLAj+rWF8/wDyMhDDEac0/KJ+YNV2c9
sculrRaJUWtWVRmrQ0SYEIf8DbM8oK1WembILoJdCC6P
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:08 2025 by rpki-client