Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/QIpDes9_3e2fV9wvEwjb7wTTLaA.roa
File: QIpDes9_3e2fV9wvEwjb7wTTLaA.roa (raw, json)
Hash identifier: NEVYTmfeob4EMgp6F8zUCNseYX0rE1/2QYVNH6jU5kg=
Subject key identifier: 40:8A:43:7A:CF:7F:DD:ED:9F:57:DC:2F:13:08:DB:EF:04:D3:2D:A0
Certificate issuer: /CN=a59ac8323ebb6be20fae89d098ca24138f8c9005
Certificate serial: 01856D4A9EE7A765E12274B0ECB24ABD758F
Authority key identifier: A5:9A:C8:32:3E:BB:6B:E2:0F:AE:89:D0:98:CA:24:13:8F:8C:90:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/QIpDes9_3e2fV9wvEwjb7wTTLaA.roa
Signing time: Sun 01 Jan 2023 12:24:44 +0000
ROA not before: Sun 01 Jan 2023 12:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24595
IP address blocks: 85.159.96.0/21 maxlen: 21
185.94.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:9e:e7:a7:65:e1:22:74:b0:ec:b2:4a:bd:75:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59ac8323ebb6be20fae89d098ca24138f8c9005
Validity
Not Before: Jan 1 12:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=408a437acf7fdded9f57dc2f1308dbef04d32da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f8:6b:22:7d:0a:89:c7:6a:be:60:90:94:56:
3a:fd:a9:82:e7:22:60:43:3b:7d:6b:f0:bf:ef:ab:
19:02:9f:7f:bb:29:8a:3a:ca:f9:0d:39:fa:21:55:
47:26:6e:fd:59:d3:09:ca:19:0b:2c:8a:92:d3:5e:
39:9e:75:37:c0:91:b5:27:d5:b1:cb:53:5f:a6:27:
f2:19:59:a1:5c:d7:87:b5:62:15:c1:4b:c8:ab:fb:
df:fb:2b:98:49:2e:f7:ac:40:6f:49:dd:ae:1e:f0:
5a:bd:35:71:59:bc:26:9e:0c:64:f0:ae:98:dd:2a:
82:49:92:fb:b3:86:ed:3f:c1:9c:7b:65:82:36:ab:
07:ff:66:63:f1:eb:95:cf:38:f1:55:76:6e:ad:02:
1d:f0:cc:62:7d:a8:a2:fb:ac:9e:2f:98:b5:1c:de:
9c:07:93:49:d0:3a:c2:19:80:a9:03:8f:1d:dd:81:
5a:44:1a:30:2f:08:4d:4d:fb:1b:13:e4:6f:0c:fe:
56:9a:72:83:5a:3d:42:b5:7b:7e:7d:38:34:18:c3:
c4:1f:8a:bf:91:97:f5:32:cd:14:de:5f:fc:ec:7d:
80:f0:61:09:07:df:e5:6c:fa:b3:11:2b:35:1a:1e:
22:0f:08:04:1d:40:89:b9:1e:53:bc:99:65:f9:30:
ff:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:43:7A:CF:7F:DD:ED:9F:57:DC:2F:13:08:DB:EF:04:D3:2D:A0
X509v3 Authority Key Identifier:
keyid:A5:9A:C8:32:3E:BB:6B:E2:0F:AE:89:D0:98:CA:24:13:8F:8C:90:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/QIpDes9_3e2fV9wvEwjb7wTTLaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/pZrIMj67a-IPronQmMokE4-MkAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.96.0/21
185.94.120.0/22
Signature Algorithm: sha256WithRSAEncryption
e0:3b:58:5b:97:cb:db:46:77:38:6d:b0:99:62:b3:0c:7b:87:
44:48:6a:ca:4b:d8:3a:fc:ae:91:56:21:a4:34:18:6c:ce:d5:
ac:1b:a9:91:a5:90:d2:57:87:73:27:b2:94:5a:c1:11:98:3f:
27:6c:6a:f7:7d:e7:38:51:d8:48:1b:12:58:db:f9:d6:96:15:
af:10:3b:ca:60:15:5f:e3:f7:d6:c6:81:c8:c2:46:3e:35:ad:
d6:02:c2:e2:ea:00:01:96:dd:a2:d9:ca:1d:d5:72:50:3b:be:
75:f6:3f:de:4a:d8:9c:24:1e:1c:d9:54:06:82:92:d0:08:f3:
3b:02:c4:0f:2a:f7:7d:5c:26:f9:65:e6:57:d6:63:17:ed:62:
25:aa:88:30:98:4b:2f:20:22:f2:95:84:5d:5e:07:16:09:65:
51:0e:7c:f1:9d:d7:da:97:43:4c:55:3b:9d:28:08:a8:86:2f:
11:47:67:6a:73:79:59:d8:83:14:4f:79:4c:46:01:32:87:f1:
b1:8a:03:29:6e:cb:bc:d0:64:e3:62:f6:42:b1:97:f8:19:2b:
b2:ba:55:83:fb:ff:5d:2a:7b:5f:3f:37:54:7e:43:97:e0:c4:
8b:e1:bd:97:b7:55:69:c8:f0:84:de:b7:90:c4:24:24:55:4c:
58:72:a4:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSp7np2XhInSw7LJKvXWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWFjODMyM2ViYjZiZTIwZmFlODlkMDk4Y2EyNDEzOGY4
YzkwMDUwHhcNMjMwMTAxMTIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhhNDM3YWNmN2ZkZGVkOWY1N2RjMmYxMzA4ZGJlZjA0ZDMyZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvhrIn0KicdqvmCQlFY6/amC5yJg
Qzt9a/C/76sZAp9/uymKOsr5DTn6IVVHJm79WdMJyhkLLIqS0145nnU3wJG1J9Wx
y1NfpifyGVmhXNeHtWIVwUvIq/vf+yuYSS73rEBvSd2uHvBavTVxWbwmngxk8K6Y
3SqCSZL7s4btP8Gce2WCNqsH/2Zj8euVzzjxVXZurQId8Mxifaii+6yeL5i1HN6c
B5NJ0DrCGYCpA48d3YFaRBowLwhNTfsbE+RvDP5WmnKDWj1CtXt+fTg0GMPEH4q/
kZf1Ms0U3l/87H2A8GEJB9/lbPqzESs1Gh4iDwgEHUCJuR5TvJll+TD/EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFECKQ3rPf93tn1fcLxMI2+8E0y2gMB8GA1UdIwQY
MBaAFKWayDI+u2viD66J0JjKJBOPjJAFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFpySU1qNjdhLUlQcm9uUW1Nb2tFNC1Na0FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hMDFmODItOTE5My00MTk5LTk1YTgt
ODNhZTVkOWM4MzJmLzEvUUlwRGVzOV8zZTJmVjl3dkV3amI3d1RUTGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hMDFmODItOTE5My00MTk5LTk1YTgtODNhZTVkOWM4MzJm
LzEvcFpySU1qNjdhLUlQcm9uUW1Nb2tFNC1Na0FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ9gAwQC
uV54MA0GCSqGSIb3DQEBCwUAA4IBAQDgO1hbl8vbRnc4bbCZYrMMe4dESGrKS9g6
/K6RViGkNBhsztWsG6mRpZDSV4dzJ7KUWsERmD8nbGr3fec4UdhIGxJY2/nWlhWv
EDvKYBVf4/fWxoHIwkY+Na3WAsLi6gABlt2i2cod1XJQO7519j/eSticJB4c2VQG
gpLQCPM7AsQPKvd9XCb5ZeZX1mMX7WIlqogwmEsvICLylYRdXgcWCWVRDnzxndfa
l0NMVTudKAiohi8RR2dqc3lZ2IMUT3lMRgEyh/GxigMpbsu80GTjYvZCsZf4GSuy
ulWD+/9dKntfPzdUfkOX4MSL4b2Xt1VpyPCE3reQxCQkVUxYcqQ8
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:51 2025 by rpki-client