Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/qN3jSZR54vxFM7Z5wDAeOaIzxO8.roa
File: qN3jSZR54vxFM7Z5wDAeOaIzxO8.roa (raw, json)
Hash identifier: I/FXRWTFw/oQDEcSOXmOz/Kv6QTIZAioW96NlleTL6o=
Subject key identifier: A8:DD:E3:49:94:79:E2:FC:45:33:B6:79:C0:30:1E:39:A2:33:C4:EF
Certificate issuer: /CN=7fe0e759354e83cc19320381109de22da0f1a700
Certificate serial: 018606A2A517B7E5FC9CE6F1A4A4D88D2411
Authority key identifier: 7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/qN3jSZR54vxFM7Z5wDAeOaIzxO8.roa
Signing time: Tue 31 Jan 2023 07:02:47 +0000
ROA not before: Tue 31 Jan 2023 07:02:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49814
IP address blocks: 176.65.32.0/19 maxlen: 19
31.24.24.0/21 maxlen: 21
91.226.73.0/24 maxlen: 24
2a00:9700::/32 maxlen: 32
2a00:9700::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:06:a2:a5:17:b7:e5:fc:9c:e6:f1:a4:a4:d8:8d:24:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe0e759354e83cc19320381109de22da0f1a700
Validity
Not Before: Jan 31 07:02:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8dde3499479e2fc4533b679c0301e39a233c4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e4:50:75:f0:d3:49:3d:0a:1c:39:53:ba:42:
c0:51:92:83:49:9f:b8:24:f7:d8:c5:da:a9:70:d8:
f1:8e:99:5b:8d:47:ae:1f:0e:9b:27:30:46:f7:96:
ea:4b:74:e2:d2:4a:01:1d:ce:dd:87:68:3c:3a:9c:
9d:fc:0a:13:8a:b6:99:15:44:78:85:9f:d0:8d:67:
d8:b0:cd:01:d1:1d:64:9a:8e:3d:f7:26:d5:9b:23:
ba:2d:54:8f:df:b3:e6:ee:18:bb:ca:e5:65:d1:64:
ae:6c:da:da:22:97:02:f1:65:bd:8b:60:89:72:4d:
1e:46:7c:ee:28:42:c3:2a:7d:15:8e:cf:cd:c3:3d:
44:1a:97:e2:db:e7:c0:fb:37:38:c6:4a:2e:ad:13:
48:fb:f1:9c:84:a3:16:a3:68:b2:6c:a2:4c:62:1b:
ac:c4:9a:df:63:8b:24:0f:ac:05:82:a7:45:1a:9b:
cc:58:af:e9:1e:e6:53:6e:24:70:80:54:55:c9:44:
2c:0a:f2:4c:31:c5:74:e3:c3:5b:d7:ec:29:6a:b6:
e6:98:aa:a0:0b:dc:51:ca:23:14:be:f7:d0:22:9c:
57:e4:36:ca:95:0e:8c:6c:3c:6e:77:ee:2e:51:7c:
bb:d5:51:64:60:6e:75:03:2d:b6:02:39:34:41:f1:
0b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DD:E3:49:94:79:E2:FC:45:33:B6:79:C0:30:1E:39:A2:33:C4:EF
X509v3 Authority Key Identifier:
keyid:7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/qN3jSZR54vxFM7Z5wDAeOaIzxO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.24.0/21
91.226.73.0/24
176.65.32.0/19
IPv6:
2a00:9700::/32
Signature Algorithm: sha256WithRSAEncryption
39:c8:08:5e:70:eb:e7:6c:af:bb:03:4d:02:17:00:61:d8:fa:
85:22:95:2d:cd:ab:7f:aa:f7:1a:8e:e4:a6:a1:d1:0d:ca:7a:
51:ed:ca:55:e4:f9:79:66:12:eb:7e:23:ee:29:b6:fa:83:de:
54:84:11:f9:bf:a2:ca:ec:e9:5e:a4:10:dd:15:fa:1e:40:55:
7f:b4:f4:33:0f:03:34:61:0c:0b:39:39:7a:8d:3b:b9:e0:f1:
63:61:17:65:a9:95:c8:31:2e:d2:87:51:ad:7f:d4:74:29:9b:
8a:cd:7c:78:59:09:6f:e9:db:d8:3a:09:7a:d5:7f:bf:b0:d8:
29:ba:5f:63:cd:88:f3:35:dc:d6:f1:0a:57:65:40:68:45:a3:
0f:13:f0:af:05:c5:60:8d:cc:8e:48:35:cb:ba:f3:bf:f7:ec:
34:75:3c:35:9b:5b:ab:a5:bf:44:93:d9:b0:82:58:6a:a4:46:
2a:1f:dc:9a:50:80:ad:44:87:81:52:cf:31:69:2a:eb:cf:af:
1e:d6:6e:20:17:f8:7f:ab:8a:4d:38:a0:30:6b:ec:f1:5f:f1:
0e:3f:f5:15:07:54:ee:c2:68:f2:24:80:a4:a2:d7:64:21:2f:
85:37:0f:f4:bb:52:e4:9e:7d:d3:7a:54:31:08:c8:7c:99:25:
d0:54:70:9e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYYGoqUXt+X8nObxpKTYjSQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTBlNzU5MzU0ZTgzY2MxOTMyMDM4MTEwOWRlMjJkYTBm
MWE3MDAwHhcNMjMwMTMxMDcwMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRkZTM0OTk0NzllMmZjNDUzM2I2NzljMDMwMWUzOWEyMzNjNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uRQdfDTST0KHDlTukLAUZKDSZ+4
JPfYxdqpcNjxjplbjUeuHw6bJzBG95bqS3Ti0koBHc7dh2g8Opyd/AoTiraZFUR4
hZ/QjWfYsM0B0R1kmo499ybVmyO6LVSP37Pm7hi7yuVl0WSubNraIpcC8WW9i2CJ
ck0eRnzuKELDKn0Vjs/Nwz1EGpfi2+fA+zc4xkourRNI+/GchKMWo2iybKJMYhus
xJrfY4skD6wFgqdFGpvMWK/pHuZTbiRwgFRVyUQsCvJMMcV048Nb1+wparbmmKqg
C9xRyiMUvvfQIpxX5DbKlQ6MbDxud+4uUXy71VFkYG51Ay22Ajk0QfELbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKjd40mUeeL8RTO2ecAwHjmiM8TvMB8GA1UdIwQY
MBaAFH/g51k1ToPMGTIDgRCd4i2g8acAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEt
YjQwMmU4YTFkOTM0LzEvcU4zalNaUjU0dnhGTTdaNXdEQWVPYUl6eE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEtYjQwMmU4YTFkOTM0
LzEvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHxgYAwQA
W+JJAwQFsEEgMA0EAgACMAcDBQAqAJcAMA0GCSqGSIb3DQEBCwUAA4IBAQA5yAhe
cOvnbK+7A00CFwBh2PqFIpUtzat/qvcajuSmodENynpR7cpV5Pl5ZhLrfiPuKbb6
g95UhBH5v6LK7OlepBDdFfoeQFV/tPQzDwM0YQwLOTl6jTu54PFjYRdlqZXIMS7S
h1Gtf9R0KZuKzXx4WQlv6dvYOgl61X+/sNgpul9jzYjzNdzW8QpXZUBoRaMPE/Cv
BcVgjcyOSDXLuvO/9+w0dTw1m1urpb9Ek9mwglhqpEYqH9yaUICtRIeBUs8xaSrr
z68e1m4gF/h/q4pNOKAwa+zxX/EOP/UVB1TuwmjyJICkotdkIS+FNw/0u1Lknn3T
elQxCMh8mSXQVHCe
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:36 2025 by rpki-client