Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/QrIqBCIr1KE944xLLTDbPAP3x0I.roa
File: QrIqBCIr1KE944xLLTDbPAP3x0I.roa (raw, json)
Hash identifier: cn1dzEaYtmT8WfVM3ckeEWMmGgdZ6jIoVKugkSV+CDo=
Subject key identifier: 42:B2:2A:04:22:2B:D4:A1:3D:E3:8C:4B:2D:30:DB:3C:03:F7:C7:42
Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Certificate serial: 01847A0E3AF918BD87FFBF9B3A18D4AE9E87
Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/QrIqBCIr1KE944xLLTDbPAP3x0I.roa
Signing time: Tue 15 Nov 2022 06:51:03 +0000
ROA not before: Tue 15 Nov 2022 06:51:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201470
IP address blocks: 155.133.24.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:0e:3a:f9:18:bd:87:ff:bf:9b:3a:18:d4:ae:9e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Validity
Not Before: Nov 15 06:51:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42b22a04222bd4a13de38c4b2d30db3c03f7c742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1b:5c:d6:73:83:b5:06:f6:1e:32:56:c8:a0:
f6:85:94:0b:83:61:b8:67:16:e2:67:4d:68:c1:93:
1c:16:27:74:38:c8:bd:0d:fd:2e:55:5b:14:f6:ef:
7c:04:34:61:78:12:e4:1c:51:0a:5c:18:6c:c3:15:
5d:ce:37:b5:0a:09:42:99:9e:5e:7d:be:34:09:c0:
e5:e1:8f:f9:2c:c9:2a:18:7a:97:9a:ff:4b:e4:95:
9c:13:c2:80:e2:4f:ee:0a:57:88:e8:3c:b7:c0:49:
fd:77:cd:6e:05:03:7e:c8:35:f0:58:b4:b0:93:e6:
7b:8c:2e:d2:0c:a7:ca:8a:49:7c:93:5d:a6:ff:29:
b1:1c:4b:bd:01:a9:05:64:9e:28:d2:a1:92:c2:26:
f2:77:59:5f:06:93:fb:64:9d:83:82:9c:31:11:81:
b1:cf:88:73:47:21:f7:c5:70:d6:4c:da:14:5f:2a:
a3:f5:ec:f4:f1:fd:e2:29:ce:79:56:d7:b0:2c:f2:
ec:df:5e:78:bb:b9:c8:13:26:04:ca:52:71:f2:06:
71:3a:6a:8c:f6:c7:cf:c1:3b:66:b0:08:d0:19:cd:
b8:3f:a0:48:ca:0c:32:fb:54:3f:c1:e3:f5:7c:02:
bc:86:4b:99:02:41:c9:3b:40:9a:fa:7a:30:75:86:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B2:2A:04:22:2B:D4:A1:3D:E3:8C:4B:2D:30:DB:3C:03:F7:C7:42
X509v3 Authority Key Identifier:
keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/QrIqBCIr1KE944xLLTDbPAP3x0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.24.0/23
Signature Algorithm: sha256WithRSAEncryption
84:7a:ad:fc:00:d6:5c:97:5b:7f:c2:e4:ba:b3:2e:34:b8:74:
ba:24:d4:a8:19:19:22:2b:5e:cf:ef:a7:2f:8a:80:b5:62:db:
36:dd:17:59:5d:76:e2:17:6e:7e:ba:cc:48:d8:02:ce:43:bf:
df:60:d3:07:57:94:da:43:07:e1:dc:e5:49:08:1d:e2:38:9f:
37:6a:5a:2d:3c:17:ea:83:f4:20:7e:61:b4:80:ad:fa:83:be:
0c:a1:a4:96:bc:f1:49:b6:8e:88:48:c7:6d:5d:af:42:32:5e:
42:d5:c0:30:bb:14:0f:c9:07:ec:76:61:bd:79:53:ee:b9:6a:
c5:4e:08:79:df:89:f9:20:d0:00:bb:95:97:bf:9f:b7:a1:a8:
ec:f1:7f:87:71:54:a2:e5:4d:31:55:5f:d6:97:2e:ad:19:d9:
03:60:38:60:1b:7f:fd:ed:f8:71:e3:d3:27:6d:8b:bd:76:7d:
a6:28:fb:d4:91:f3:65:36:b6:f7:6d:cd:3f:a2:d5:eb:28:64:
ff:df:e3:bb:d5:98:a5:84:ae:80:48:86:4d:28:c5:9a:40:34:
b9:15:1d:02:14:a8:91:54:bd:ff:d7:d9:52:d9:e5:dc:da:10:
79:f8:ca:08:44:25:af:78:8b:88:5f:de:14:c9:45:d1:46:42:
7e:18:0a:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR6Djr5GL2H/7+bOhjUrp6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjMyNWVmNGNiYWE2NmNjNzFmZmNjNjg4MDg3N2U3NmUx
NDlhZmQwHhcNMjIxMTE1MDY1MTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmIyMmEwNDIyMmJkNGExM2RlMzhjNGIyZDMwZGIzYzAzZjdjNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xtc1nODtQb2HjJWyKD2hZQLg2G4
ZxbiZ01owZMcFid0OMi9Df0uVVsU9u98BDRheBLkHFEKXBhswxVdzje1CglCmZ5e
fb40CcDl4Y/5LMkqGHqXmv9L5JWcE8KA4k/uCleI6Dy3wEn9d81uBQN+yDXwWLSw
k+Z7jC7SDKfKikl8k12m/ymxHEu9AakFZJ4o0qGSwibyd1lfBpP7ZJ2DgpwxEYGx
z4hzRyH3xXDWTNoUXyqj9ez08f3iKc55VtewLPLs3154u7nIEyYEylJx8gZxOmqM
9sfPwTtmsAjQGc24P6BIygwy+1Q/weP1fAK8hkuZAkHJO0Ca+nowdYbszQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKyKgQiK9ShPeOMSy0w2zwD98dCMB8GA1UdIwQY
MBaAFD7zJe9MuqZsxx/8xogId+duFJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUt
MzRkNzE0ODVjNTQ3LzEvUXJJcUJDSXIxS0U5NDR4TExURGJQQVAzeDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUtMzRkNzE0ODVjNTQ3
LzEvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBm4UYMA0G
CSqGSIb3DQEBCwUAA4IBAQCEeq38ANZcl1t/wuS6sy40uHS6JNSoGRkiK17P76cv
ioC1Yts23RdZXXbiF25+usxI2ALOQ7/fYNMHV5TaQwfh3OVJCB3iOJ83alotPBfq
g/QgfmG0gK36g74MoaSWvPFJto6ISMdtXa9CMl5C1cAwuxQPyQfsdmG9eVPuuWrF
Tgh534n5INAAu5WXv5+3oajs8X+HcVSi5U0xVV/Wly6tGdkDYDhgG3/97fhx49Mn
bYu9dn2mKPvUkfNlNrb3bc0/otXrKGT/3+O71ZilhK6ASIZNKMWaQDS5FR0CFKiR
VL3/19lS2eXc2hB5+MoIRCWveIuIX94UyUXRRkJ+GApb
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:24 2025 by rpki-client