Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/dQ9KnmA5WWKmcHqe_hl_mXy8zJ8.roa
File: dQ9KnmA5WWKmcHqe_hl_mXy8zJ8.roa (raw, json)
Hash identifier: Z5aLqPryksHwGKL3ZFiHy6igxEPED6hXddf7t4X40BA=
Subject key identifier: 75:0F:4A:9E:60:39:59:62:A6:70:7A:9E:FE:19:7F:99:7C:BC:CC:9F
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 40516976
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/dQ9KnmA5WWKmcHqe_hl_mXy8zJ8.roa
Signing time: Sat 01 Jan 2022 03:56:03 +0000
ROA not before: Sat 01 Jan 2022 03:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12833
IP address blocks: 193.236.100.0/23 maxlen: 23
2001:7f8:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1079077238 (0x40516976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 1 03:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=750f4a9e60395962a6707a9efe197f997cbccc9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c2:d7:23:b9:dd:31:ba:2a:87:d6:3a:d6:76:
9e:2f:bc:3c:28:bf:ea:60:7f:ec:79:4b:f7:62:d9:
63:8f:e8:d9:e4:30:0d:33:6d:a1:78:dd:46:54:43:
a1:e1:e3:54:1f:7d:bf:4a:40:c1:8b:f2:ff:80:c9:
2f:b9:7a:71:53:ba:b8:c2:6e:21:b3:57:36:78:67:
32:98:a0:db:52:d9:17:ba:04:26:dd:75:b4:a9:fd:
05:aa:19:5c:d7:c3:ac:74:f0:08:7b:d3:05:51:8e:
63:f2:51:4e:5e:7a:7a:40:91:33:3f:12:82:ff:2e:
1e:ec:18:0c:e5:8a:b6:a8:58:b5:d1:f2:38:42:d5:
e3:fd:be:cc:94:d1:ba:d3:4b:3d:f8:26:74:c7:eb:
73:ec:80:a0:2f:d3:ab:18:e2:42:d9:6e:ae:5c:c9:
69:a2:99:b7:01:0e:df:5a:bf:aa:d8:99:ec:2f:54:
8a:3f:bf:c9:d2:fb:2b:ad:ef:a6:c6:30:a9:ba:34:
93:e2:f1:36:d9:af:77:41:22:8f:30:e5:02:fb:7c:
42:7e:63:3a:65:6e:25:b2:ef:c6:c5:09:67:96:bf:
32:bd:05:8c:1e:a2:34:dd:e5:fc:5a:8c:c6:31:89:
f0:63:3d:95:82:1b:02:64:56:df:8b:a6:4c:48:cd:
ed:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0F:4A:9E:60:39:59:62:A6:70:7A:9E:FE:19:7F:99:7C:BC:CC:9F
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/dQ9KnmA5WWKmcHqe_hl_mXy8zJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.236.100.0/23
IPv6:
2001:7f8:a::/48
Signature Algorithm: sha256WithRSAEncryption
a8:4d:72:bc:fb:84:62:5d:aa:5e:94:5f:9e:96:9a:c4:1c:f5:
c3:45:d3:4d:01:0c:a5:bb:a7:c5:b9:d5:73:74:8f:82:f4:49:
3e:94:3e:53:2c:23:27:9a:4a:ee:6a:66:c0:9b:0c:d7:84:bd:
34:bd:d7:41:65:22:23:68:ac:4d:f2:4d:6d:da:12:eb:40:b4:
ca:a0:52:c5:86:87:c3:e8:b4:8c:93:2a:1a:4b:28:7a:62:52:
e9:6f:b5:a1:1a:06:28:e4:c6:96:ff:e3:b9:1a:bd:57:e3:00:
8e:ce:a4:2d:a6:79:54:8a:4a:f6:4f:ac:9a:73:50:86:58:d0:
66:d0:99:15:d5:dc:f6:f9:68:af:fb:61:b5:52:da:e4:10:fa:
ed:1c:30:d6:ba:8b:6f:10:62:94:15:71:33:5a:0a:38:e4:bc:
c9:13:2e:4a:29:bc:44:1e:55:06:55:42:be:37:2f:76:fa:50:
0a:8d:70:df:45:21:a6:23:ee:c9:6f:92:ff:81:a7:fc:a7:5f:
41:cd:cd:0f:04:44:fb:63:f4:51:fa:8b:81:fd:e9:a9:d0:e0:
47:b9:65:ca:9e:3f:ce:35:75:1f:08:0c:73:68:86:75:7a:8b:
83:4f:9b:62:93:3e:bb:76:fa:a6:7c:93:a0:de:9b:12:7d:fa:
e8:87:b8:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEQFFpdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDRlZTE5M2IzMDE2NjViNTZmNjc4MGYyMjVmZDQ0ZDE0NDA5M2FmMB4XDTIyMDEw
MTAzNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUwZjRhOWU2MDM5
NTk2MmE2NzA3YTllZmUxOTdmOTk3Y2JjY2M5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDC1yO53TG6KofWOtZ2ni+8PCi/6mB/7HlL92LZY4/o2eQw
DTNtoXjdRlRDoeHjVB99v0pAwYvy/4DJL7l6cVO6uMJuIbNXNnhnMpig21LZF7oE
Jt11tKn9BaoZXNfDrHTwCHvTBVGOY/JRTl56ekCRMz8Sgv8uHuwYDOWKtqhYtdHy
OELV4/2+zJTRutNLPfgmdMfrc+yAoC/TqxjiQtlurlzJaaKZtwEO31q/qtiZ7C9U
ij+/ydL7K63vpsYwqbo0k+LxNtmvd0EijzDlAvt8Qn5jOmVuJbLvxsUJZ5a/Mr0F
jB6iNN3l/FqMxjGJ8GM9lYIbAmRW34umTEjN7bkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR1D0qeYDlZYqZwep7+GX+ZfLzMnzAfBgNVHSMEGDAWgBQNTuGTswFmW1b2
eA8iX9RNFECTrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RVN2hrN01CWmx0VzluZ1BJbF9VVFJSQWs2OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvMDk3MTExLTMwOTgtNGNmNy1hYzBmLTlmN2UwZjg2MmYxZS8x
L2RROUtubUE1V1dLbWNIcWVfaGxfbVh5OHpKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
MDk3MTExLTMwOTgtNGNmNy1hYzBmLTlmN2UwZjg2MmYxZS8xL0RVN2hrN01CWmx0
VzluZ1BJbF9VVFJSQWs2OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcHsZDAPBAIAAjAJAwcAIAEH+AAK
MA0GCSqGSIb3DQEBCwUAA4IBAQCoTXK8+4RiXapelF+elprEHPXDRdNNAQylu6fF
udVzdI+C9Ek+lD5TLCMnmkruambAmwzXhL00vddBZSIjaKxN8k1t2hLrQLTKoFLF
hofD6LSMkyoaSyh6YlLpb7WhGgYo5MaW/+O5Gr1X4wCOzqQtpnlUikr2T6yac1CG
WNBm0JkV1dz2+Wiv+2G1UtrkEPrtHDDWuotvEGKUFXEzWgo45LzJEy5KKbxEHlUG
VUK+Ny92+lAKjXDfRSGmI+7Jb5L/gaf8p19Bzc0PBET7Y/RR+ouB/emp0OBHuWXK
nj/ONXUfCAxzaIZ1eouDT5tikz67dvqmfJOg3psSffroh7hh
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:27:59 2025 by rpki-client