Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/SQxHfPgjJZhgnmZSTJ0nc5nnBrc.roa
File: SQxHfPgjJZhgnmZSTJ0nc5nnBrc.roa (raw, json)
Hash identifier: IOqR1MVej5uLUU+tDb0kiynP6u+JOCI/27jye64Isgo=
Subject key identifier: 49:0C:47:7C:F8:23:25:98:60:9E:66:52:4C:9D:27:73:99:E7:06:B7
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B811759196E16C0FA64FFD68851A6F3
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/SQxHfPgjJZhgnmZSTJ0nc5nnBrc.roa
Signing time: Sun 01 Jan 2023 04:05:00 +0000
ROA not before: Sun 01 Jan 2023 04:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42625
IP address blocks: 213.145.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:17:59:19:6e:16:c0:fa:64:ff:d6:88:51:a6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=490c477cf8232598609e66524c9d277399e706b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:f4:e2:8d:c7:29:da:dd:02:8d:74:2c:b8:
13:e3:64:9b:be:d5:11:f9:88:89:dd:24:93:6a:aa:
9b:ed:81:00:76:63:fa:71:c5:75:f8:8d:95:68:9e:
ce:37:59:29:f8:51:9d:eb:63:62:d1:b7:4c:c9:a7:
5f:48:6b:69:c0:7d:fe:41:21:77:8e:eb:51:ee:56:
f0:bb:bb:ff:b5:e1:d9:e2:18:c3:3c:a0:8b:94:b2:
5e:55:d2:0d:cd:1e:56:47:cb:2a:b4:c4:d6:6c:76:
d6:72:bc:d5:1f:50:54:ab:c0:7f:80:8f:01:ab:cb:
d0:9b:7b:7b:23:53:17:ee:f0:76:fa:1a:04:29:d3:
d2:55:5a:c4:17:f2:0e:6f:27:c6:68:71:27:1b:9a:
79:d5:1b:8d:30:73:8e:7a:ab:99:9d:32:12:b4:75:
bf:a1:7a:c7:23:95:04:71:f0:1e:70:0a:b8:af:e1:
5b:e4:e8:22:c8:6a:aa:fc:da:8f:5e:b9:5c:2b:5a:
c0:91:b2:17:99:64:19:9f:f3:d4:40:26:8d:ef:56:
e0:9e:31:63:82:7c:bc:02:23:98:81:d7:cb:54:10:
05:63:15:3c:e4:38:11:ee:68:62:8d:06:8d:5a:f0:
d5:a4:5f:05:a9:b3:4b:bd:00:07:62:bd:68:14:82:
ab:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0C:47:7C:F8:23:25:98:60:9E:66:52:4C:9D:27:73:99:E7:06:B7
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/SQxHfPgjJZhgnmZSTJ0nc5nnBrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.96.0/24
Signature Algorithm: sha256WithRSAEncryption
30:13:76:39:28:6b:aa:d7:63:e2:1c:c7:eb:95:03:5c:01:d6:
b7:95:68:7c:c8:4c:38:98:45:40:92:13:75:fb:8a:b9:c3:a6:
20:96:f4:48:7f:90:c0:94:00:4a:bf:52:5a:e3:ee:d4:56:81:
ab:ff:f6:e5:f6:24:85:7e:da:15:b6:d9:47:05:02:d4:21:58:
64:44:42:2d:7f:b4:60:8f:6e:cb:42:91:d3:8a:f0:7b:11:c0:
07:66:48:a5:f3:59:7e:f4:d6:1c:c1:fd:9b:ca:4a:98:d5:92:
0a:64:af:de:e1:0d:87:ab:cc:54:a6:25:bf:c7:03:31:d9:21:
dc:89:75:21:df:47:75:0b:4f:4f:55:1f:8b:e8:dc:9a:03:f8:
6b:7a:3a:23:4b:fb:80:3c:a6:d4:3a:8d:19:cd:f0:67:92:3d:
70:f4:27:3b:41:ab:c3:f7:39:15:4d:eb:7e:25:a4:9c:ba:0d:
92:12:b0:2b:c9:ba:1a:f3:b1:67:7f:ce:b6:5e:89:ac:d2:79:
3b:a7:d3:d2:53:67:42:8a:55:e5:d9:87:0c:9c:5e:45:99:16:
ac:9e:ce:44:42:a6:62:5f:79:50:2a:fd:3a:de:45:a4:93:54:
5b:25:7d:d3:8d:2b:64:74:e8:bc:9b:16:31:30:ca:0e:1b:e7:
84:38:e8:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRdZGW4WwPpk/9aIUabzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBjNDc3Y2Y4MjMyNTk4NjA5ZTY2NTI0YzlkMjc3Mzk5ZTcwNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLP04o3HKdrdAo10LLgT42SbvtUR
+YiJ3SSTaqqb7YEAdmP6ccV1+I2VaJ7ON1kp+FGd62Ni0bdMyadfSGtpwH3+QSF3
jutR7lbwu7v/teHZ4hjDPKCLlLJeVdINzR5WR8sqtMTWbHbWcrzVH1BUq8B/gI8B
q8vQm3t7I1MX7vB2+hoEKdPSVVrEF/IObyfGaHEnG5p51RuNMHOOequZnTIStHW/
oXrHI5UEcfAecAq4r+Fb5OgiyGqq/NqPXrlcK1rAkbIXmWQZn/PUQCaN71bgnjFj
gny8AiOYgdfLVBAFYxU85DgR7mhijQaNWvDVpF8FqbNLvQAHYr1oFIKrjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkMR3z4IyWYYJ5mUkydJ3OZ5wa3MB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvU1F4SGZQZ2pKWmhnbm1aU1RKMG5jNW5uQnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFgMA0G
CSqGSIb3DQEBCwUAA4IBAQAwE3Y5KGuq12PiHMfrlQNcAda3lWh8yEw4mEVAkhN1
+4q5w6YglvRIf5DAlABKv1Ja4+7UVoGr//bl9iSFftoVttlHBQLUIVhkREItf7Rg
j27LQpHTivB7EcAHZkil81l+9NYcwf2bykqY1ZIKZK/e4Q2Hq8xUpiW/xwMx2SHc
iXUh30d1C09PVR+L6NyaA/hrejojS/uAPKbUOo0ZzfBnkj1w9Cc7QavD9zkVTet+
JaScug2SErAryboa87Fnf862Xoms0nk7p9PSU2dCilXl2YcMnF5FmRasns5EQqZi
X3lQKv063kWkk1RbJX3TjStkdOi8mxYxMMoOG+eEOOh1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:52 2025 by rpki-client