Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/QNzTHFfrthVSJVEzFTPDr6qpNG8.roa
File: QNzTHFfrthVSJVEzFTPDr6qpNG8.roa (raw, json)
Hash identifier: umb/uyd8u4Hs3MT5pe+LBfYOeF9Qmf0ZnxUE3Jy82W4=
Subject key identifier: 40:DC:D3:1C:57:EB:B6:15:52:25:51:33:15:33:C3:AF:AA:A9:34:6F
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018B9E3159F47D46996684783EE6FC3FD3E0
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/QNzTHFfrthVSJVEzFTPDr6qpNG8.roa
Signing time: Sun 05 Nov 2023 06:35:16 +0000
ROA not before: Sun 05 Nov 2023 06:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209181
IP address blocks: 81.21.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9e:31:59:f4:7d:46:99:66:84:78:3e:e6:fc:3f:d3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Nov 5 06:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40dcd31c57ebb615522551331533c3afaaa9346f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:64:ed:3e:ef:0b:d6:12:a1:d6:93:08:18:e0:
1e:a6:98:e4:ef:ff:bc:04:65:a3:3a:f5:8f:04:fd:
d5:05:95:92:23:6e:d4:62:7f:68:f2:84:77:aa:e7:
b4:4a:73:e8:3a:17:ed:6c:5f:76:68:b0:9c:14:8c:
50:b4:36:63:b2:84:7f:a7:b6:93:6d:0d:38:be:24:
0c:a7:f0:cf:20:e4:d1:e1:ad:e1:8f:f4:85:c2:54:
b3:0c:ff:5b:8c:dc:c6:9b:00:eb:06:1c:dd:d8:f1:
0a:43:d3:e3:9c:bf:f8:07:dd:fc:67:59:f3:c3:15:
8e:03:8a:ff:d3:f0:f6:34:bb:08:6a:0f:ac:39:69:
16:aa:14:c2:20:ce:e7:f8:80:f2:dd:0a:eb:a6:eb:
61:23:d6:7f:30:ea:b9:44:d7:f9:80:88:8c:8b:09:
de:2c:29:31:ac:46:b5:ca:73:a5:50:f9:80:6e:99:
ec:a6:f1:80:91:14:66:8b:a7:da:8a:15:a9:07:dd:
1c:77:13:42:f9:18:dc:34:22:f4:d7:40:76:bc:3c:
f9:45:58:51:05:db:47:44:b3:a5:4d:06:96:dd:3a:
2f:4a:59:1f:a3:c8:78:58:80:5d:fb:23:1e:f6:a7:
03:3a:04:d5:b9:5b:e9:a7:96:b7:e9:4b:c4:41:84:
26:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DC:D3:1C:57:EB:B6:15:52:25:51:33:15:33:C3:AF:AA:A9:34:6F
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/QNzTHFfrthVSJVEzFTPDr6qpNG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.2.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b3:ad:07:77:cf:50:82:89:61:bc:37:91:2e:76:d8:b0:b8:
c1:31:9f:40:de:bd:3c:11:7e:db:c9:4c:bb:73:6c:73:39:1b:
84:6a:7f:ee:de:dc:b6:f2:db:d2:61:52:4c:08:50:f5:12:98:
d1:4f:51:3e:ce:c2:0f:5b:27:59:14:d1:70:83:a1:c0:73:5d:
b4:3e:b0:8e:56:53:43:0c:52:0d:e4:11:5a:b2:79:e0:a4:74:
c3:51:65:a2:26:e3:20:ff:54:a0:0f:18:f5:ab:61:9c:6a:64:
1e:d3:74:4b:82:e4:b8:a9:53:34:4a:43:11:1e:78:e4:20:71:
65:d9:78:d8:35:b7:29:fb:50:d2:97:fc:68:44:25:3d:27:cc:
04:c2:bb:15:db:51:50:a0:db:8a:7d:1e:3c:bf:ae:05:5f:fc:
c1:67:09:97:5c:13:d4:27:b9:10:71:40:9e:ad:90:a3:aa:ef:
ae:0d:4b:94:15:6c:ea:d4:f0:55:36:1d:b2:e8:95:41:45:ac:
5e:ef:f8:bc:35:6d:cb:8f:af:0e:ec:a2:8d:96:73:a5:77:5e:
ea:01:c8:e0:66:46:a7:44:7b:44:d4:a3:13:c5:15:29:b6:e8:
90:2c:3a:bd:b5:aa:ee:30:dc:ca:59:e6:23:41:3a:df:18:02:
dc:cf:9d:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYueMVn0fUaZZoR4Pub8P9PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMTA1MDYzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRjZDMxYzU3ZWJiNjE1NTIyNTUxMzMxNTMzYzNhZmFhYTkzNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGTtPu8L1hKh1pMIGOAeppjk7/+8
BGWjOvWPBP3VBZWSI27UYn9o8oR3que0SnPoOhftbF92aLCcFIxQtDZjsoR/p7aT
bQ04viQMp/DPIOTR4a3hj/SFwlSzDP9bjNzGmwDrBhzd2PEKQ9PjnL/4B938Z1nz
wxWOA4r/0/D2NLsIag+sOWkWqhTCIM7n+IDy3QrrputhI9Z/MOq5RNf5gIiMiwne
LCkxrEa1ynOlUPmAbpnspvGAkRRmi6faihWpB90cdxNC+RjcNCL010B2vDz5RVhR
BdtHRLOlTQaW3TovSlkfo8h4WIBd+yMe9qcDOgTVuVvpp5a36UvEQYQmdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDc0xxX67YVUiVRMxUzw6+qqTRvMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUU56VEhGZnJ0aFZTSlZFekZUUERyNnFwTkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURUCMA0G
CSqGSIb3DQEBCwUAA4IBAQARs60Hd89QgolhvDeRLnbYsLjBMZ9A3r08EX7byUy7
c2xzORuEan/u3ty28tvSYVJMCFD1EpjRT1E+zsIPWydZFNFwg6HAc120PrCOVlND
DFIN5BFasnngpHTDUWWiJuMg/1SgDxj1q2GcamQe03RLguS4qVM0SkMRHnjkIHFl
2XjYNbcp+1DSl/xoRCU9J8wEwrsV21FQoNuKfR48v64FX/zBZwmXXBPUJ7kQcUCe
rZCjqu+uDUuUFWzq1PBVNh2y6JVBRaxe7/i8NW3Lj68O7KKNlnOld17qAcjgZkan
RHtE1KMTxRUptuiQLDq9taruMNzKWeYjQTrfGALcz53y
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:22:29 2025 by rpki-client