Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/qZ0bGoEwCRf06CqDXLjzKQtI8Bo.roa
File: qZ0bGoEwCRf06CqDXLjzKQtI8Bo.roa (raw, json)
Hash identifier: lBV3tUQNZNmnQeIZ+7u4sggab5kojMpvKQ7BO7/ZNXo=
Subject key identifier: A9:9D:1B:1A:81:30:09:17:F4:E8:2A:83:5C:B8:F3:29:0B:48:F0:1A
Certificate issuer: /CN=472694d8a399a3a66f442ec72295c754acbbad41
Certificate serial: 01820138221F110A4CA2C64A0099B2D0C6EF
Authority key identifier: 47:26:94:D8:A3:99:A3:A6:6F:44:2E:C7:22:95:C7:54:AC:BB:AD:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/qZ0bGoEwCRf06CqDXLjzKQtI8Bo.roa
Signing time: Fri 15 Jul 2022 09:37:12 +0000
ROA not before: Fri 15 Jul 2022 09:37:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200807
IP address blocks: 78.31.213.0/24 maxlen: 24
78.31.212.0/23 maxlen: 23
78.31.212.0/24 maxlen: 24
185.173.164.0/22 maxlen: 22
2a0b:4f00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:38:22:1f:11:0a:4c:a2:c6:4a:00:99:b2:d0:c6:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472694d8a399a3a66f442ec72295c754acbbad41
Validity
Not Before: Jul 15 09:37:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a99d1b1a81300917f4e82a835cb8f3290b48f01a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:bb:18:a5:09:4d:93:76:67:50:06:03:3f:
ff:dd:92:98:9b:7e:58:33:90:da:ba:ed:85:eb:95:
71:a7:24:3b:f2:71:e8:e1:65:78:ca:75:66:58:9b:
c2:19:57:db:2a:7e:b2:4f:29:8e:37:47:0a:ad:3a:
66:23:22:b1:ae:48:77:f4:cc:cf:3e:98:43:df:4e:
1c:28:1b:63:4c:70:1b:5e:5f:31:63:d2:9d:cb:fe:
1a:ca:f1:63:e3:0f:4e:54:b1:15:39:7f:0a:23:6e:
94:a2:28:9a:c1:b8:a8:bf:bf:4f:7c:13:be:84:91:
40:da:cf:21:4a:a9:91:c3:86:5c:8c:ba:05:3b:4e:
37:6e:a0:9d:51:27:36:ff:6b:6f:fa:95:1a:3e:b2:
49:03:67:b5:e2:90:94:45:26:ff:19:28:cc:7e:e0:
e9:45:a6:99:31:1a:67:3f:b1:46:5b:90:f6:e7:e2:
c6:cb:52:5b:c5:dc:5a:15:4b:c6:a0:c5:eb:95:93:
ab:a7:b7:a4:b1:04:f9:dc:9d:f9:bb:9e:c0:88:07:
83:6e:ed:bd:3b:b2:de:b2:0e:da:2c:fc:e4:41:66:
05:6e:22:37:c3:85:48:02:ee:b4:a1:1b:37:df:cd:
c2:77:a7:b1:c1:9d:0c:d8:8c:20:79:1a:f3:1f:fb:
d7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9D:1B:1A:81:30:09:17:F4:E8:2A:83:5C:B8:F3:29:0B:48:F0:1A
X509v3 Authority Key Identifier:
keyid:47:26:94:D8:A3:99:A3:A6:6F:44:2E:C7:22:95:C7:54:AC:BB:AD:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/qZ0bGoEwCRf06CqDXLjzKQtI8Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.212.0/23
185.173.164.0/22
IPv6:
2a0b:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
01:3e:2e:96:11:99:2e:08:80:a1:64:c7:7c:1a:55:21:99:4f:
70:64:fa:04:e0:13:9d:2d:64:52:88:db:e9:eb:b3:3f:6b:0d:
8d:7e:ca:7f:86:85:39:d5:fe:f1:ae:57:e9:d8:79:81:dd:94:
ac:dd:f8:07:45:1c:2a:e3:a6:b1:93:d0:57:d3:d4:d7:1d:12:
9e:50:37:73:0f:91:4f:21:13:c3:30:e1:c3:2a:e7:dc:73:5c:
9a:ff:56:43:b7:e4:b6:4a:d7:2c:fd:3f:35:03:33:e9:f4:52:
73:1d:43:b5:7a:25:76:f2:05:e1:18:e5:cf:bb:50:e3:2a:5a:
9b:b6:6b:6a:bc:55:b8:3b:68:9d:ec:66:d9:85:d6:f0:ab:45:
85:86:ea:6c:df:39:01:b6:7b:88:23:b3:26:b1:56:02:0c:d8:
e0:81:7f:78:63:7a:5f:a3:7f:b4:7c:5f:38:79:c1:7b:c0:c4:
cf:c6:66:13:bd:1e:00:da:25:0e:ae:3f:d7:eb:37:5d:a2:25:
47:2e:7a:b0:9f:ef:1a:97:89:d1:c1:1d:1c:3b:37:02:8e:35:
89:23:86:17:6c:4d:37:e9:ce:a9:48:d7:c8:ec:74:24:11:16:
0e:3a:34:f5:e6:6a:70:9e:69:e9:e3:5c:53:86:d2:64:af:c3:
01:d2:c6:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYIBOCIfEQpMosZKAJmy0MbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjY5NGQ4YTM5OWEzYTY2ZjQ0MmVjNzIyOTVjNzU0YWNi
YmFkNDEwHhcNMjIwNzE1MDkzNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlkMWIxYTgxMzAwOTE3ZjRlODJhODM1Y2I4ZjMyOTBiNDhmMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWa7GKUJTZN2Z1AGAz//3ZKYm35Y
M5Dauu2F65VxpyQ78nHo4WV4ynVmWJvCGVfbKn6yTymON0cKrTpmIyKxrkh39MzP
PphD304cKBtjTHAbXl8xY9Kdy/4ayvFj4w9OVLEVOX8KI26Uoiiawbiov79PfBO+
hJFA2s8hSqmRw4ZcjLoFO043bqCdUSc2/2tv+pUaPrJJA2e14pCURSb/GSjMfuDp
RaaZMRpnP7FGW5D25+LGy1JbxdxaFUvGoMXrlZOrp7eksQT53J35u57AiAeDbu29
O7Lesg7aLPzkQWYFbiI3w4VIAu60oRs3383Cd6exwZ0M2IwgeRrzH/vX0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKmdGxqBMAkX9Ogqg1y48ykLSPAaMB8GA1UdIwQY
MBaAFEcmlNijmaOmb0QuxyKVx1Ssu61BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlhVTJLT1pvNlp2UkM3SElwWEhWS3k3clVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZGMyNmUtMzFkYS00M2RkLWI0ZDEt
MDYzYTA4ODFhNmQyLzEvcVowYkdvRXdDUmYwNkNxRFhManpLUXRJOEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZGMyNmUtMzFkYS00M2RkLWI0ZDEtMDYzYTA4ODFhNmQy
LzEvUnlhVTJLT1pvNlp2UkM3SElwWEhWS3k3clVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBTh/UAwQC
ua2kMA0EAgACMAcDBQAqC08AMA0GCSqGSIb3DQEBCwUAA4IBAQABPi6WEZkuCICh
ZMd8GlUhmU9wZPoE4BOdLWRSiNvp67M/aw2Nfsp/hoU51f7xrlfp2HmB3ZSs3fgH
RRwq46axk9BX09TXHRKeUDdzD5FPIRPDMOHDKufcc1ya/1ZDt+S2Stcs/T81AzPp
9FJzHUO1eiV28gXhGOXPu1DjKlqbtmtqvFW4O2id7GbZhdbwq0WFhups3zkBtnuI
I7MmsVYCDNjggX94Y3pfo3+0fF84ecF7wMTPxmYTvR4A2iUOrj/X6zddoiVHLnqw
n+8al4nRwR0cOzcCjjWJI4YXbE036c6pSNfI7HQkERYOOjT15mpwnmnp41xThtJk
r8MB0sY1
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:56:10 2025 by rpki-client