Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/QwfbafKfbvcQawQGJ40ZrOgHigU.roa
File: QwfbafKfbvcQawQGJ40ZrOgHigU.roa (raw, json)
Hash identifier: 0bXxOeKwTEDvG6T+3NCMFEDAi4lTq2KGx3wDWodvYok=
Subject key identifier: 43:07:DB:69:F2:9F:6E:F7:10:6B:04:06:27:8D:19:AC:E8:07:8A:05
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018B75AE40C23B436BB820EBBAE1AA9EDB47
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/QwfbafKfbvcQawQGJ40ZrOgHigU.roa
Signing time: Sat 28 Oct 2023 09:47:15 +0000
ROA not before: Sat 28 Oct 2023 09:47:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62300
IP address blocks: 185.232.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:75:ae:40:c2:3b:43:6b:b8:20:eb:ba:e1:aa:9e:db:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Oct 28 09:47:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4307db69f29f6ef7106b0406278d19ace8078a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fb:41:80:fd:9e:f7:f5:19:e7:2c:e1:37:ab:
e0:03:49:e8:54:7c:b6:c2:7a:b5:01:67:48:4c:cc:
d2:ba:ef:98:43:3a:d3:d1:d4:14:d8:56:3f:98:f0:
51:d1:3d:18:7f:67:dd:5d:4c:98:de:56:d0:ef:f9:
51:e6:9e:0f:2d:50:da:c4:fb:e1:9b:48:9c:bd:e7:
8e:54:60:55:f8:e0:4f:ad:8c:96:2c:42:6b:1f:ff:
78:8c:4d:7f:95:45:bd:0d:ce:71:2c:45:10:2d:12:
de:61:75:bb:04:a6:6a:f7:ba:06:05:bd:d1:f5:15:
56:3e:01:02:cf:c5:fd:6b:a7:6e:1d:96:2a:3b:e9:
77:c4:9f:c5:d4:53:ec:1a:bf:36:98:b3:90:83:bd:
6b:83:1d:74:21:cd:6a:bb:68:2f:ea:98:bb:c8:ad:
2c:ef:e2:1b:c1:dd:6e:b1:6e:d9:0f:d3:9a:43:ab:
df:ef:b3:8f:f2:20:d3:5c:ab:d4:c4:59:c2:97:01:
74:56:e3:1b:e8:de:ab:43:36:89:7b:56:a3:03:18:
ae:c0:de:c1:bf:ce:fb:3e:bd:fa:6b:e7:b8:a5:9a:
4a:ef:64:83:c6:13:bf:1b:a9:6b:6b:aa:ff:68:98:
ca:e8:d3:d2:0b:19:ae:95:64:db:b5:1a:2f:06:87:
8e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:07:DB:69:F2:9F:6E:F7:10:6B:04:06:27:8D:19:AC:E8:07:8A:05
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/QwfbafKfbvcQawQGJ40ZrOgHigU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.17.0/24
Signature Algorithm: sha256WithRSAEncryption
93:07:a6:b5:66:5e:7a:56:35:45:d3:2e:3a:17:37:e6:cf:ad:
dd:65:55:94:f1:b2:78:da:6c:11:9c:d6:7c:3d:d1:74:a1:0d:
53:20:f1:8b:9a:f6:07:ec:4a:13:27:46:8b:7d:1c:a7:72:7e:
2f:d9:31:3c:f2:07:bc:29:6f:e0:0e:7f:3e:b1:b3:52:fa:74:
b6:69:13:d0:f7:31:2e:99:d3:22:16:0f:d6:10:9e:f9:8e:d8:
f6:e7:73:b4:04:7c:58:fe:cf:eb:62:ce:d8:3f:a1:8b:2d:82:
dd:52:0c:ad:4f:91:1e:19:93:7f:b7:7a:ac:2e:9b:4e:72:bc:
22:2c:c2:5a:f2:c0:11:b6:b8:90:42:d1:aa:13:9f:f2:4c:3e:
04:6d:16:ea:ba:f2:0f:a9:fd:ee:66:48:eb:cb:ec:c6:68:7c:
63:3c:d9:05:38:ad:d8:45:79:bf:8d:e4:54:24:42:e8:8b:24:
01:42:df:34:6f:62:29:49:e5:db:9a:7a:55:58:41:13:e4:0d:
0d:e8:0d:4f:69:24:e3:f1:0a:3f:10:9f:28:93:69:e7:20:41:
3e:b1:70:7b:09:5d:03:4e:ad:99:f4:97:6b:9b:72:66:a8:2b:
15:64:93:c8:c7:e2:52:7d:6e:82:fe:e8:a6:9d:ce:33:13:9a:
d6:71:5f:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt1rkDCO0NruCDruuGqnttHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMxMDI4MDk0NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA3ZGI2OWYyOWY2ZWY3MTA2YjA0MDYyNzhkMTlhY2U4MDc4YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ftBgP2e9/UZ5yzhN6vgA0noVHy2
wnq1AWdITMzSuu+YQzrT0dQU2FY/mPBR0T0Yf2fdXUyY3lbQ7/lR5p4PLVDaxPvh
m0icveeOVGBV+OBPrYyWLEJrH/94jE1/lUW9Dc5xLEUQLRLeYXW7BKZq97oGBb3R
9RVWPgECz8X9a6duHZYqO+l3xJ/F1FPsGr82mLOQg71rgx10Ic1qu2gv6pi7yK0s
7+Ibwd1usW7ZD9OaQ6vf77OP8iDTXKvUxFnClwF0VuMb6N6rQzaJe1ajAxiuwN7B
v877Pr36a+e4pZpK72SDxhO/G6lra6r/aJjK6NPSCxmulWTbtRovBoeOKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMH22nyn273EGsEBieNGazoB4oFMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvUXdmYmFmS2ZidmNRYXdRR0o0MFpyT2dIaWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuegRMA0G
CSqGSIb3DQEBCwUAA4IBAQCTB6a1Zl56VjVF0y46Fzfmz63dZVWU8bJ42mwRnNZ8
PdF0oQ1TIPGLmvYH7EoTJ0aLfRyncn4v2TE88ge8KW/gDn8+sbNS+nS2aRPQ9zEu
mdMiFg/WEJ75jtj253O0BHxY/s/rYs7YP6GLLYLdUgytT5EeGZN/t3qsLptOcrwi
LMJa8sARtriQQtGqE5/yTD4EbRbquvIPqf3uZkjry+zGaHxjPNkFOK3YRXm/jeRU
JELoiyQBQt80b2IpSeXbmnpVWEET5A0N6A1PaSTj8Qo/EJ8ok2nnIEE+sXB7CV0D
Tq2Z9Jdrm3JmqCsVZJPIx+JSfW6C/uimnc4zE5rWcV8c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:56 2025 by rpki-client