Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qpie0mF_75RpqvCgeZM1Rox4TDA.roa
File: qpie0mF_75RpqvCgeZM1Rox4TDA.roa (raw, json)
Hash identifier: b6U9JSigjll9zkmn//Q4NsnBd4gSavgqWfkkfrGKy0k=
Subject key identifier: AA:98:9E:D2:61:7F:EF:94:69:AA:F0:A0:79:93:35:46:8C:78:4C:30
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27A91CFB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qpie0mF_75RpqvCgeZM1Rox4TDA.roa
Signing time: Sat 01 Jan 2022 16:08:32 +0000
ROA not before: Sat 01 Jan 2022 16:08:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49319
IP address blocks: 146.120.180.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665394427 (0x27a91cfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa989ed2617fef9469aaf0a0799335468c784c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f8:3d:36:4b:25:1f:12:5c:5f:90:ae:70:10:
00:69:d0:03:0a:21:3a:28:c8:7f:f8:ff:50:3c:70:
74:fd:e8:9b:83:2e:07:5d:86:f1:f2:48:4f:f5:d0:
be:c4:75:74:50:56:58:ee:31:9e:f0:bd:a6:ff:b9:
cb:77:e4:fe:68:6c:8e:93:8b:19:9d:53:5a:d6:f1:
38:09:58:36:9d:cc:40:5c:a2:28:c4:ca:af:e3:c0:
8b:56:95:da:78:c1:f4:1f:cd:a6:69:6b:28:6e:a5:
28:b4:ba:bf:40:0f:46:74:14:c2:15:0e:f4:9e:d3:
97:fc:5a:df:62:d7:93:a5:f8:7e:e6:d2:26:f4:c8:
a1:cc:d6:cd:74:be:de:b2:dc:3e:5c:d9:dd:83:cd:
d2:fd:c4:4c:a2:ce:86:7a:50:04:05:c8:ce:0a:d1:
4d:cc:82:8e:5f:ea:a8:13:80:77:b0:ab:a3:92:51:
57:1f:c0:af:32:78:b6:b9:79:af:26:1b:ff:0c:0f:
5f:3c:92:f2:2e:c0:d2:ad:44:54:7d:e0:8c:10:51:
96:9d:6d:40:5e:98:67:ee:0c:97:46:6f:05:6b:ba:
f6:76:2a:02:12:d8:b6:58:cf:19:01:e1:ea:e0:5d:
da:cb:b0:b7:24:59:03:c4:55:c7:70:09:f4:d1:d7:
bd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:98:9E:D2:61:7F:EF:94:69:AA:F0:A0:79:93:35:46:8C:78:4C:30
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qpie0mF_75RpqvCgeZM1Rox4TDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:54:8c:03:52:a9:c6:a4:d3:07:b4:11:09:8d:7a:3c:7e:6b:
9b:56:83:c4:57:b0:1e:d1:55:61:e8:d3:93:3b:40:31:08:d1:
4e:a9:e8:11:c3:d4:80:2e:77:59:fc:61:54:ba:4b:28:46:1f:
6d:ea:5f:ad:8a:62:d9:38:ce:97:9d:dd:aa:7b:66:ee:80:26:
b1:26:ac:17:cf:72:3d:b4:25:65:7e:e1:19:ad:aa:58:0e:1f:
7a:2f:7e:2e:06:2c:f7:89:7b:92:75:f0:a0:32:6d:7f:b7:f5:
e5:b1:f4:00:67:fa:47:2b:b2:ce:7d:de:14:0c:d5:de:eb:8e:
a9:57:ae:df:d1:d0:a5:57:60:7b:b3:b8:eb:ec:b2:d1:fc:8a:
9b:d3:e9:85:c5:75:d0:e7:2c:ad:70:da:7a:4d:c5:0b:24:40:
e7:b9:cb:44:07:ee:a3:5d:a3:54:b5:27:ab:b8:39:12:39:a1:
ba:cf:41:8b:2a:fe:a0:c0:a7:77:bf:0c:85:16:20:88:cc:3f:
5a:e3:f9:28:f6:65:ae:72:21:0b:d6:95:39:3c:bf:e5:ec:93:
ca:5c:0a:78:31:19:64:71:66:68:89:eb:df:b7:de:fd:73:e8:
47:67:54:b0:82:d2:39:4d:e4:b2:df:4d:64:e1:da:a4:1e:fe:
e8:ca:55:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ6kc+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE5ODllZDI2MTdm
ZWY5NDY5YWFmMGEwNzk5MzM1NDY4Yzc4NGMzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ74PTZLJR8SXF+QrnAQAGnQAwohOijIf/j/UDxwdP3om4Mu
B12G8fJIT/XQvsR1dFBWWO4xnvC9pv+5y3fk/mhsjpOLGZ1TWtbxOAlYNp3MQFyi
KMTKr+PAi1aV2njB9B/NpmlrKG6lKLS6v0APRnQUwhUO9J7Tl/xa32LXk6X4fubS
JvTIoczWzXS+3rLcPlzZ3YPN0v3ETKLOhnpQBAXIzgrRTcyCjl/qqBOAd7Cro5JR
Vx/ArzJ4trl5ryYb/wwPXzyS8i7A0q1EVH3gjBBRlp1tQF6YZ+4Ml0ZvBWu69nYq
AhLYtljPGQHh6uBd2suwtyRZA8RVx3AJ9NHXvWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqmJ7SYX/vlGmq8KB5kzVGjHhMMDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L3FwaWUwbUZfNzVScHF2Q2dlWk0xUm94NFREQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApJ4tDANBgkqhkiG9w0BAQsFAAOC
AQEALFSMA1KpxqTTB7QRCY16PH5rm1aDxFewHtFVYejTkztAMQjRTqnoEcPUgC53
WfxhVLpLKEYfbepfrYpi2TjOl53dqntm7oAmsSasF89yPbQlZX7hGa2qWA4fei9+
LgYs94l7knXwoDJtf7f15bH0AGf6Ryuyzn3eFAzV3uuOqVeu39HQpVdge7O46+yy
0fyKm9PphcV10OcsrXDaek3FCyRA57nLRAfuo12jVLUnq7g5Ejmhus9Biyr+oMCn
d78MhRYgiMw/WuP5KPZlrnIhC9aVOTy/5eyTylwKeDEZZHFmaInr37fe/XPoR2dU
sILSOU3kst9NZOHapB7+6MpVjw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:53 2025 by rpki-client