Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/qBcuJz9jsb3B13NyItIKfQ32TTc.roa
File: qBcuJz9jsb3B13NyItIKfQ32TTc.roa (raw, json)
Hash identifier: Jgz0pEmZUeWL7KHKH94yLMScwfl3tcibikEI49Z/qLk=
Subject key identifier: A8:17:2E:27:3F:63:B1:BD:C1:D7:73:72:22:D2:0A:7D:0D:F6:4D:37
Certificate issuer: /CN=365b4abab716ad1407a902e5176560ecc37c966d
Certificate serial: 01856F1D81CFE35EC4A2E18C46BF4867E0AB
Authority key identifier: 36:5B:4A:BA:B7:16:AD:14:07:A9:02:E5:17:65:60:EC:C3:7C:96:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NltKurcWrRQHqQLlF2Vg7MN8lm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/qBcuJz9jsb3B13NyItIKfQ32TTc.roa
Signing time: Sun 01 Jan 2023 20:54:42 +0000
ROA not before: Sun 01 Jan 2023 20:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 130.193.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:81:cf:e3:5e:c4:a2:e1:8c:46:bf:48:67:e0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=365b4abab716ad1407a902e5176560ecc37c966d
Validity
Not Before: Jan 1 20:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8172e273f63b1bdc1d7737222d20a7d0df64d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:0f:6b:ba:fd:38:2f:cf:c9:23:4d:97:d3:
0f:fd:10:74:94:16:8a:e5:3a:75:97:14:a7:c6:cf:
3f:72:5b:d0:38:66:2f:c5:2d:8a:d8:e3:82:6e:83:
ff:6a:86:6f:b6:2c:d9:74:f0:ea:9f:c3:00:09:d2:
31:71:61:14:91:28:5f:91:15:e8:f9:9e:48:0d:95:
93:fe:46:0e:6e:b5:0f:b1:4c:ce:ef:9a:b3:1e:25:
9b:61:c9:74:f3:55:40:10:19:fb:6f:ea:ed:8c:ca:
67:1b:d0:b1:7d:7a:44:c4:4a:0a:63:dd:b5:31:9c:
b7:20:9e:86:68:7b:8e:5d:88:21:c4:28:d1:e1:4d:
f8:4b:74:50:d0:09:d9:45:7b:d9:d8:d6:83:1d:04:
4d:0a:88:31:f9:ac:bc:9f:21:78:43:67:6f:64:9b:
ae:a1:97:57:b7:5f:f0:45:4f:f9:fb:a6:a8:65:be:
b9:fa:13:89:ee:cb:c3:98:a1:fe:31:e0:a8:5c:38:
f6:a1:52:2c:1a:cd:29:fd:2d:7a:87:59:f2:8f:12:
44:57:29:5d:be:a1:4e:64:b2:33:09:51:97:80:40:
4b:b2:a5:85:bc:40:6e:6e:29:21:07:6f:24:5d:5b:
30:7a:d4:35:21:a4:77:b1:0e:a2:da:51:be:42:72:
bb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:17:2E:27:3F:63:B1:BD:C1:D7:73:72:22:D2:0A:7D:0D:F6:4D:37
X509v3 Authority Key Identifier:
keyid:36:5B:4A:BA:B7:16:AD:14:07:A9:02:E5:17:65:60:EC:C3:7C:96:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NltKurcWrRQHqQLlF2Vg7MN8lm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/qBcuJz9jsb3B13NyItIKfQ32TTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e35ac1-05d1-406d-b668-36eaf7948531/1/NltKurcWrRQHqQLlF2Vg7MN8lm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.18.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:cd:ba:fa:28:82:3c:f3:89:b8:26:ad:1d:3c:19:5a:21:6b:
ce:2a:ae:f2:e0:7c:6f:72:fe:96:97:7d:54:14:1f:7b:4a:72:
9a:5a:a4:40:a7:97:ca:90:2c:f9:0d:13:fe:b4:4c:55:af:da:
98:1c:ec:65:0a:fc:2a:32:ef:0e:e6:4a:44:7c:ad:d9:43:b1:
5b:6e:1d:14:1d:f3:c1:2d:cf:54:4d:cd:14:b3:b7:68:e2:ad:
e6:61:33:b8:49:55:3d:8c:40:3e:46:8c:90:fe:75:3e:c8:13:
0a:23:c9:1a:c6:23:3a:99:61:0b:c2:7f:60:80:6f:89:72:85:
b5:c4:7e:e2:7a:d1:29:e3:b6:f8:5d:a4:43:9e:73:cc:39:f3:
45:36:6c:d7:cb:fd:b6:c1:9b:0d:f1:e1:94:ae:4a:79:76:64:
52:f9:5b:04:4f:6c:ab:58:e7:ba:e0:8e:7f:af:19:81:92:63:
23:d8:c7:5f:2e:08:85:13:1e:49:f6:9c:0e:30:e0:45:0c:4b:
a3:3c:b0:15:ba:6e:fb:94:59:04:9b:41:24:e9:63:e3:64:a2:
0c:c7:ce:3c:1a:c7:dd:c7:2c:3b:f2:53:9e:49:cc:77:db:aa:
1c:31:0f:f2:c0:a0:3b:7b:a0:18:09:c1:c3:10:37:86:d8:e2:
fa:98:43:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHYHP417EouGMRr9IZ+CrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NWI0YWJhYjcxNmFkMTQwN2E5MDJlNTE3NjU2MGVjYzM3
Yzk2NmQwHhcNMjMwMTAxMjA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE3MmUyNzNmNjNiMWJkYzFkNzczNzIyMmQyMGE3ZDBkZjY0ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNAPa7r9OC/PySNNl9MP/RB0lBaK
5Tp1lxSnxs8/clvQOGYvxS2K2OOCboP/aoZvtizZdPDqn8MACdIxcWEUkShfkRXo
+Z5IDZWT/kYObrUPsUzO75qzHiWbYcl081VAEBn7b+rtjMpnG9CxfXpExEoKY921
MZy3IJ6GaHuOXYghxCjR4U34S3RQ0AnZRXvZ2NaDHQRNCogx+ay8nyF4Q2dvZJuu
oZdXt1/wRU/5+6aoZb65+hOJ7svDmKH+MeCoXDj2oVIsGs0p/S16h1nyjxJEVyld
vqFOZLIzCVGXgEBLsqWFvEBubikhB28kXVswetQ1IaR3sQ6i2lG+QnK7nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgXLic/Y7G9wddzciLSCn0N9k03MB8GA1UdIwQY
MBaAFDZbSrq3Fq0UB6kC5RdlYOzDfJZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmx0S3VyY1dyUlFIcVFMbEYyVmc3TU44bG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9lMzVhYzEtMDVkMS00MDZkLWI2Njgt
MzZlYWY3OTQ4NTMxLzEvcUJjdUp6OWpzYjNCMTNOeUl0SUtmUTMyVFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9lMzVhYzEtMDVkMS00MDZkLWI2NjgtMzZlYWY3OTQ4NTMx
LzEvTmx0S3VyY1dyUlFIcVFMbEYyVmc3TU44bG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsESMA0G
CSqGSIb3DQEBCwUAA4IBAQA6zbr6KII884m4Jq0dPBlaIWvOKq7y4Hxvcv6Wl31U
FB97SnKaWqRAp5fKkCz5DRP+tExVr9qYHOxlCvwqMu8O5kpEfK3ZQ7Fbbh0UHfPB
Lc9UTc0Us7do4q3mYTO4SVU9jEA+RoyQ/nU+yBMKI8kaxiM6mWELwn9ggG+JcoW1
xH7ietEp47b4XaRDnnPMOfNFNmzXy/22wZsN8eGUrkp5dmRS+VsET2yrWOe64I5/
rxmBkmMj2MdfLgiFEx5J9pwOMOBFDEujPLAVum77lFkEm0Ek6WPjZKIMx848Gsfd
xyw78lOeScx326ocMQ/ywKA7e6AYCcHDEDeG2OL6mEN5
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:00:29 2025 by rpki-client