Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/qjEe1OQiglju3hH-BgPkVYdB9Hw.roa
File: qjEe1OQiglju3hH-BgPkVYdB9Hw.roa (raw, json)
Hash identifier: gIZqaR6h3YA/JkIY7cnSYKf1DSAd23oh6hhQcQgKlgw=
Subject key identifier: AA:31:1E:D4:E4:22:82:58:EE:DE:11:FE:06:03:E4:55:87:41:F4:7C
Certificate issuer: /CN=d2ef46a4134194e72423d572a1b66d4a9d2e4c13
Certificate serial: 01889AC91EAA53150EAA853E4C36834B9C63
Authority key identifier: D2:EF:46:A4:13:41:94:E7:24:23:D5:72:A1:B6:6D:4A:9D:2E:4C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0u9GpBNBlOckI9VyobZtSp0uTBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/qjEe1OQiglju3hH-BgPkVYdB9Hw.roa
Signing time: Thu 08 Jun 2023 11:34:11 +0000
ROA not before: Thu 08 Jun 2023 11:34:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202629
IP address blocks: 185.235.28.0/24 maxlen: 24
185.235.28.0/23 maxlen: 24
185.235.28.0/22 maxlen: 24
185.235.31.0/24 maxlen: 24
185.235.30.0/24 maxlen: 24
185.235.30.0/23 maxlen: 24
185.235.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:c9:1e:aa:53:15:0e:aa:85:3e:4c:36:83:4b:9c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ef46a4134194e72423d572a1b66d4a9d2e4c13
Validity
Not Before: Jun 8 11:34:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa311ed4e4228258eede11fe0603e4558741f47c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:8e:0b:c4:d0:b3:17:1a:d0:7e:fd:06:13:
44:30:cf:ee:5f:f9:47:0b:d2:23:9c:ae:3e:bc:10:
bf:95:64:5c:b5:f4:8d:83:cc:e3:bc:99:2b:c1:1c:
9f:61:32:cf:63:93:0e:91:a9:d8:38:07:f2:c2:29:
e2:73:e5:4f:d7:93:51:19:da:f8:19:9d:b4:e4:f2:
3e:f1:3e:1f:86:a8:c6:68:53:1a:1e:2b:67:95:90:
ea:6a:9a:ad:4b:cd:26:ee:eb:b5:34:f3:04:1a:a9:
cb:df:fb:03:2c:07:e8:8c:3c:d1:b5:04:87:30:bd:
b0:a5:35:1b:ea:3b:17:a8:2b:13:45:9b:17:d4:37:
0a:d9:11:11:a3:26:12:60:96:03:c9:5f:67:42:cf:
4f:2f:53:bd:cd:4e:d5:18:5a:59:e4:db:3f:d0:30:
94:73:ac:cb:c3:76:ae:84:88:96:08:41:12:cc:86:
d7:19:96:2c:36:29:d3:22:52:7f:84:a3:b5:17:3e:
82:60:38:84:4b:12:f4:6b:88:9f:bf:19:9a:50:fd:
8b:99:7a:b9:a5:62:a0:02:94:c4:76:81:fb:7f:3d:
da:eb:dd:e1:b8:54:23:d5:0d:bc:62:ca:3a:6f:19:
d7:06:46:c1:fa:31:19:23:53:01:a0:a2:90:e0:b6:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:31:1E:D4:E4:22:82:58:EE:DE:11:FE:06:03:E4:55:87:41:F4:7C
X509v3 Authority Key Identifier:
keyid:D2:EF:46:A4:13:41:94:E7:24:23:D5:72:A1:B6:6D:4A:9D:2E:4C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0u9GpBNBlOckI9VyobZtSp0uTBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/qjEe1OQiglju3hH-BgPkVYdB9Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/0u9GpBNBlOckI9VyobZtSp0uTBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.28.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:3b:8d:a9:12:f7:56:6c:e4:cf:12:fb:9e:ea:ce:0d:c4:59:
8f:5b:c3:e8:b6:cb:7c:b7:fd:83:26:bf:36:fa:4a:ad:12:8a:
d0:22:c3:7d:63:d8:55:a4:14:07:45:3c:e4:42:14:a2:49:46:
ec:31:57:32:e5:1e:ac:91:31:25:67:84:d1:cd:cb:3d:4a:e2:
72:4b:37:4d:4b:e7:94:7e:9a:d6:ca:ed:c1:35:75:3f:42:0e:
a2:83:91:21:62:c4:8d:f4:ef:bb:6c:d7:b3:22:77:1a:c8:cd:
6a:e7:ec:0c:29:e7:fd:32:c6:18:1d:2e:dd:11:82:27:ac:eb:
49:2b:57:a2:ca:d9:9b:b9:c6:4e:77:12:0d:9c:bc:1a:c0:e4:
43:cf:cb:0b:7a:ef:20:31:0c:6d:71:5c:82:d9:8d:c7:be:6b:
49:e1:af:09:47:06:ec:45:19:3f:ee:b7:e6:85:f4:e4:d3:cd:
8a:01:bb:d0:c7:55:84:01:39:a0:6c:50:39:5c:da:16:bb:b1:
36:10:59:1a:87:bf:56:88:06:80:98:3a:df:ff:c6:af:f9:3d:
34:9d:b0:d9:c1:6c:62:c1:14:d1:32:05:94:09:c0:57:7e:a1:
68:c6:7f:ab:d5:be:2a:a6:42:78:c5:46:1f:57:01:05:a2:d8:
c1:09:dc:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiayR6qUxUOqoU+TDaDS5xjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWY0NmE0MTM0MTk0ZTcyNDIzZDU3MmExYjY2ZDRhOWQy
ZTRjMTMwHhcNMjMwNjA4MTEzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMxMWVkNGU0MjI4MjU4ZWVkZTExZmUwNjAzZTQ1NTg3NDFmNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr02OC8TQsxca0H79BhNEMM/uX/lH
C9IjnK4+vBC/lWRctfSNg8zjvJkrwRyfYTLPY5MOkanYOAfywinic+VP15NRGdr4
GZ205PI+8T4fhqjGaFMaHitnlZDqapqtS80m7uu1NPMEGqnL3/sDLAfojDzRtQSH
ML2wpTUb6jsXqCsTRZsX1DcK2RERoyYSYJYDyV9nQs9PL1O9zU7VGFpZ5Ns/0DCU
c6zLw3auhIiWCEESzIbXGZYsNinTIlJ/hKO1Fz6CYDiESxL0a4ifvxmaUP2LmXq5
pWKgApTEdoH7fz3a693huFQj1Q28Yso6bxnXBkbB+jEZI1MBoKKQ4LZS7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoxHtTkIoJY7t4R/gYD5FWHQfR8MB8GA1UdIwQY
MBaAFNLvRqQTQZTnJCPVcqG2bUqdLkwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHU5R3BCTkJsT2NrSTlWeW9iWnRTcDB1VEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82NDUzYzQtNjY4Ny00ZWY5LTlmZGMt
YTg4YmI3ODA1YjA5LzEvcWpFZTFPUWlnbGp1M2hILUJnUGtWWWRCOUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82NDUzYzQtNjY4Ny00ZWY5LTlmZGMtYTg4YmI3ODA1YjA5
LzEvMHU5R3BCTkJsT2NrSTlWeW9iWnRTcDB1VEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuescMA0G
CSqGSIb3DQEBCwUAA4IBAQDWO42pEvdWbOTPEvue6s4NxFmPW8Potst8t/2DJr82
+kqtEorQIsN9Y9hVpBQHRTzkQhSiSUbsMVcy5R6skTElZ4TRzcs9SuJySzdNS+eU
fprWyu3BNXU/Qg6ig5EhYsSN9O+7bNezIncayM1q5+wMKef9MsYYHS7dEYInrOtJ
K1eiytmbucZOdxINnLwawORDz8sLeu8gMQxtcVyC2Y3HvmtJ4a8JRwbsRRk/7rfm
hfTk082KAbvQx1WEATmgbFA5XNoWu7E2EFkah79WiAaAmDrf/8av+T00nbDZwWxi
wRTRMgWUCcBXfqFoxn+r1b4qpkJ4xUYfVwEFotjBCdwk
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:22 2025 by rpki-client