Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/Q8JifUI1lYyUDywK8h-3NaXTvFI.roa
File: Q8JifUI1lYyUDywK8h-3NaXTvFI.roa (raw, json)
Hash identifier: 3S+88PHsif2oV2FOB2p9oLwDPTgM6PwRAdE4+gRS+pQ=
Subject key identifier: 43:C2:62:7D:42:35:95:8C:94:0F:2C:0A:F2:1F:B7:35:A5:D3:BC:52
Certificate issuer: /CN=1a5073145b926e9a6905eba918e21eb4cf1cae10
Certificate serial: 1104F1A0
Authority key identifier: 1A:50:73:14:5B:92:6E:9A:69:05:EB:A9:18:E2:1E:B4:CF:1C:AE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GlBzFFuSbpppBeupGOIetM8crhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/Q8JifUI1lYyUDywK8h-3NaXTvFI.roa
Signing time: Sat 01 Jan 2022 01:50:47 +0000
ROA not before: Sat 01 Jan 2022 01:50:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43061
IP address blocks: 77.94.128.0/19 maxlen: 19
2a02:d90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 285536672 (0x1104f1a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5073145b926e9a6905eba918e21eb4cf1cae10
Validity
Not Before: Jan 1 01:50:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43c2627d4235958c940f2c0af21fb735a5d3bc52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:46:b5:38:03:32:bf:f7:ef:79:b3:fe:99:f3:
2b:ce:a3:4c:36:78:47:a9:14:57:7c:56:3c:2b:7c:
75:78:30:f1:7c:38:03:ca:d7:38:7d:5e:a5:97:a4:
9e:51:f9:3d:44:11:81:1b:76:79:72:be:72:91:8a:
5e:ff:05:62:e3:37:c0:45:10:f4:e9:ac:fe:f1:20:
ca:71:54:66:bc:3c:9c:28:dd:bf:0a:39:0c:fa:a3:
0c:84:d1:39:52:5d:34:dd:9e:d7:bb:32:8a:69:4f:
52:0c:d8:19:76:00:12:dd:6d:f5:8c:a4:6e:52:5e:
e8:5b:6a:2d:0a:d0:5d:a5:ea:ed:a1:0c:d5:d7:de:
88:e3:47:da:45:5f:b5:57:f3:c8:b0:ee:6b:09:2e:
e4:68:0a:73:a6:01:e0:fb:6e:8b:39:70:7f:9f:09:
04:cc:66:12:c2:15:c6:70:14:5b:3d:68:d9:07:c2:
81:e2:52:21:1c:d9:97:f4:95:8a:b4:e2:24:3d:54:
a8:93:85:c4:75:a0:10:ac:e0:73:d1:9a:ab:d1:c0:
bc:70:fa:80:b9:f8:3d:1b:02:77:d4:d7:e2:ab:28:
bc:e0:59:3e:8c:c4:09:8e:a5:ca:38:67:0c:e0:a3:
0d:be:60:06:05:4f:57:dd:e9:5a:07:90:27:5a:a7:
dc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C2:62:7D:42:35:95:8C:94:0F:2C:0A:F2:1F:B7:35:A5:D3:BC:52
X509v3 Authority Key Identifier:
keyid:1A:50:73:14:5B:92:6E:9A:69:05:EB:A9:18:E2:1E:B4:CF:1C:AE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GlBzFFuSbpppBeupGOIetM8crhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/Q8JifUI1lYyUDywK8h-3NaXTvFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/GlBzFFuSbpppBeupGOIetM8crhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.128.0/19
IPv6:
2a02:d90::/32
Signature Algorithm: sha256WithRSAEncryption
6e:69:16:de:d9:33:27:ae:3b:6e:35:93:26:8b:12:30:4e:1d:
9b:2f:32:a0:6d:f9:f9:f8:7d:09:87:79:2a:5c:8b:3b:cf:cc:
1a:e3:97:35:a7:cf:be:c4:0d:17:9f:4d:8b:c1:90:bf:3c:bc:
ef:21:62:6c:ff:3b:3c:76:b0:f1:82:80:d0:02:b0:7e:05:90:
b9:66:cc:07:e2:7f:33:db:de:de:32:d9:61:29:ac:5a:bc:b5:
59:b1:87:71:c5:44:7e:67:5e:02:b6:b8:08:d5:d0:bf:8b:73:
fa:2d:5c:e6:dd:d8:56:ae:68:42:3e:09:5b:a3:81:86:0f:c6:
49:64:75:3d:29:cd:13:49:3e:0a:b5:63:1d:e2:af:2d:3d:48:
03:ec:b3:0f:92:7f:e0:08:6f:15:66:02:51:54:fa:68:98:24:
43:8d:44:6d:b9:27:3d:f3:73:61:d8:14:58:2d:e9:b8:c8:b2:
75:d4:4b:f4:b2:06:83:55:38:75:13:7b:93:49:37:9f:50:8f:
55:f2:a7:ae:f9:bd:c1:49:92:1c:96:b0:7e:2f:80:46:d4:84:
15:5a:55:04:cc:e9:63:5b:c7:55:06:77:2e:63:c7:dd:84:3d:
a3:56:1c:6a:13:e5:14:95:2c:63:07:72:01:2b:5a:6e:c0:ee:
56:4d:79:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEQTxoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTUwNzMxNDViOTI2ZTlhNjkwNWViYTkxOGUyMWViNGNmMWNhZTEwMB4XDTIyMDEw
MTAxNTA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNjMjYyN2Q0MjM1
OTU4Yzk0MGYyYzBhZjIxZmI3MzVhNWQzYmM1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhGtTgDMr/373mz/pnzK86jTDZ4R6kUV3xWPCt8dXgw8Xw4
A8rXOH1epZeknlH5PUQRgRt2eXK+cpGKXv8FYuM3wEUQ9Oms/vEgynFUZrw8nCjd
vwo5DPqjDITROVJdNN2e17syimlPUgzYGXYAEt1t9YykblJe6FtqLQrQXaXq7aEM
1dfeiONH2kVftVfzyLDuawku5GgKc6YB4Ptuizlwf58JBMxmEsIVxnAUWz1o2QfC
geJSIRzZl/SVirTiJD1UqJOFxHWgEKzgc9Gaq9HAvHD6gLn4PRsCd9TX4qsovOBZ
PozECY6lyjhnDOCjDb5gBgVPV93pWgeQJ1qn3FcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRDwmJ9QjWVjJQPLAryH7c1pdO8UjAfBgNVHSMEGDAWgBQaUHMUW5JummkF
66kY4h60zxyuEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dsQnpGRnVTYnBwcEJldXBHT0lldE04Y3JoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZTZmNWQ3LTFiZTEtNDg1MS1iOTk0LTFhMTQzZTk3MWNlZS8x
L1E4SmlmVUkxbFl5VUR5d0s4aC0zTmFYVHZGSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZTZmNWQ3LTFiZTEtNDg1MS1iOTk0LTFhMTQzZTk3MWNlZS8xL0dsQnpGRnVTYnBw
cEJldXBHT0lldE04Y3JoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBU1egDANBAIAAjAHAwUAKgINkDAN
BgkqhkiG9w0BAQsFAAOCAQEAbmkW3tkzJ647bjWTJosSME4dmy8yoG35+fh9CYd5
KlyLO8/MGuOXNafPvsQNF59Ni8GQvzy87yFibP87PHaw8YKA0AKwfgWQuWbMB+J/
M9ve3jLZYSmsWry1WbGHccVEfmdeAra4CNXQv4tz+i1c5t3YVq5oQj4JW6OBhg/G
SWR1PSnNE0k+CrVjHeKvLT1IA+yzD5J/4AhvFWYCUVT6aJgkQ41EbbknPfNzYdgU
WC3puMiyddRL9LIGg1U4dRN7k0k3n1CPVfKnrvm9wUmSHJawfi+ARtSEFVpVBMzp
Y1vHVQZ3LmPH3YQ9o1YcahPlFJUsYwdyAStabsDuVk15Gg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:47 2025 by rpki-client