Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/hqoiD4ZcfQc7h8KaRGX6n0WKQzE.roa
File: hqoiD4ZcfQc7h8KaRGX6n0WKQzE.roa (raw, json)
Hash identifier: k3OOylCHEo4Y0hbf+dGvMY4xCx61xTFype3S+CfXq+4=
Subject key identifier: 86:AA:22:0F:86:5C:7D:07:3B:87:C2:9A:44:65:FA:9F:45:8A:43:31
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 0185710BEF5639873A571D2EF5D77DB1DAFA
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/hqoiD4ZcfQc7h8KaRGX6n0WKQzE.roa
Signing time: Mon 02 Jan 2023 05:54:45 +0000
ROA not before: Mon 02 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25584
IP address blocks: 217.173.205.0/24 maxlen: 24
2a04:9444::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:ef:56:39:87:3a:57:1d:2e:f5:d7:7d:b1:da:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jan 2 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86aa220f865c7d073b87c29a4465fa9f458a4331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:17:05:31:05:88:52:49:1d:a5:a7:1a:5b:9f:
f3:d7:99:d2:99:ad:fe:9f:9d:85:e1:01:5e:53:5e:
6a:16:8f:4e:ff:b7:01:e9:8e:e5:14:f5:da:6a:6e:
b9:d8:4e:5d:4c:9d:20:f7:80:8a:fc:86:d0:4a:8f:
56:7f:00:05:1c:fb:da:e7:a2:60:54:49:b4:d3:c3:
7c:88:5e:bb:1c:a2:29:fa:e8:0c:2c:75:9d:f1:e1:
24:5f:56:71:5f:a3:26:aa:e6:48:0a:b0:6a:a0:bf:
10:37:10:9a:5d:3b:9a:b6:46:93:57:9b:25:e7:58:
e6:5f:8c:dd:54:7a:0b:fb:51:36:59:23:e5:e5:f5:
47:72:8e:9d:2f:cf:78:3a:aa:8b:29:b2:ed:e8:06:
f9:b0:7f:4d:f3:27:30:cb:75:5e:f0:2c:4f:ab:be:
33:ff:43:2d:be:da:f4:97:85:b8:5e:b4:11:aa:e7:
ec:e6:52:91:0f:4d:a4:1a:5a:5d:b8:f0:0a:b2:d6:
03:94:49:b5:42:e5:9e:56:1e:f9:01:55:cc:b3:45:
ed:88:34:7c:79:cf:d5:e9:cb:26:de:50:a9:5c:57:
48:de:03:9e:44:36:73:06:03:72:b9:8c:7f:e6:e9:
d0:95:d3:d8:f0:ab:90:7f:b2:18:df:ea:cf:af:38:
4a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AA:22:0F:86:5C:7D:07:3B:87:C2:9A:44:65:FA:9F:45:8A:43:31
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/hqoiD4ZcfQc7h8KaRGX6n0WKQzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.205.0/24
IPv6:
2a04:9444::/30
Signature Algorithm: sha256WithRSAEncryption
ad:04:cc:de:53:19:e7:ef:e0:f1:17:29:46:eb:69:d1:76:53:
99:44:54:2c:5f:49:0e:8f:ee:fb:65:d4:7b:97:1e:91:7e:e5:
74:e0:9f:a5:3f:95:3d:fc:4c:2d:52:1d:40:8f:62:93:bf:ba:
22:f3:2c:0e:8e:7f:92:ec:45:a8:e1:16:61:50:df:e6:5d:1d:
ad:59:89:ab:43:3c:11:47:41:a5:b4:ad:7f:60:46:df:c2:25:
fd:5a:be:9a:23:f7:ff:1f:5c:bb:af:1b:e5:3a:6c:70:fa:4f:
8a:0f:e3:69:3a:8c:86:d8:44:75:33:37:8a:f0:39:30:ff:c3:
15:61:52:72:30:2c:9a:26:d7:d1:94:fe:64:93:2a:16:0d:10:
80:06:ab:d1:54:3d:12:b1:50:c3:3b:b1:89:57:39:fc:96:81:
0b:71:b7:c4:f3:14:15:54:49:8f:c1:24:28:7c:b6:69:dd:b0:
58:a8:12:74:64:0c:84:cd:2c:db:98:cb:d5:3f:a3:6e:ed:20:
77:ef:cb:59:29:6f:7b:1c:7b:44:ef:63:ad:54:24:33:ab:48:
e1:38:6b:36:bc:8a:23:f2:8e:c4:b3:9f:74:f5:4c:49:06:c4:
69:49:21:39:e2:61:7a:cc:2c:2e:66:71:f6:fa:8c:ef:0e:e7:
66:5f:80:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxC+9WOYc6Vx0u9dd9sdr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFhMjIwZjg2NWM3ZDA3M2I4N2MyOWE0NDY1ZmE5ZjQ1OGE0MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRcFMQWIUkkdpacaW5/z15nSma3+
n52F4QFeU15qFo9O/7cB6Y7lFPXaam652E5dTJ0g94CK/IbQSo9WfwAFHPva56Jg
VEm008N8iF67HKIp+ugMLHWd8eEkX1ZxX6MmquZICrBqoL8QNxCaXTuatkaTV5sl
51jmX4zdVHoL+1E2WSPl5fVHco6dL894OqqLKbLt6Ab5sH9N8ycwy3Ve8CxPq74z
/0Mtvtr0l4W4XrQRqufs5lKRD02kGlpduPAKstYDlEm1QuWeVh75AVXMs0XtiDR8
ec/V6csm3lCpXFdI3gOeRDZzBgNyuYx/5unQldPY8KuQf7IY3+rPrzhKWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIaqIg+GXH0HO4fCmkRl+p9FikMxMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvaHFvaUQ0WmNmUWM3aDhLYVJHWDZuMFdLUXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2a3NMA0E
AgACMAcDBQIqBJREMA0GCSqGSIb3DQEBCwUAA4IBAQCtBMzeUxnn7+DxFylG62nR
dlOZRFQsX0kOj+77ZdR7lx6RfuV04J+lP5U9/EwtUh1Aj2KTv7oi8ywOjn+S7EWo
4RZhUN/mXR2tWYmrQzwRR0GltK1/YEbfwiX9Wr6aI/f/H1y7rxvlOmxw+k+KD+Np
OoyG2ER1MzeK8Dkw/8MVYVJyMCyaJtfRlP5kkyoWDRCABqvRVD0SsVDDO7GJVzn8
loELcbfE8xQVVEmPwSQofLZp3bBYqBJ0ZAyEzSzbmMvVP6Nu7SB378tZKW97HHtE
72OtVCQzq0jhOGs2vIoj8o7Es5909UxJBsRpSSE54mF6zCwuZnH2+ozvDudmX4AW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:50 2025 by rpki-client