Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/qpKzQPLTmTeBouigm-_LCT47ptg.roa
File: qpKzQPLTmTeBouigm-_LCT47ptg.roa (raw, json)
Hash identifier: E4sWsXmAGl2UKbGyN/Js8W4KJD2lZmWAcUYRus49okI=
Subject key identifier: AA:92:B3:40:F2:D3:99:37:81:A2:E8:A0:9B:EF:CB:09:3E:3B:A6:D8
Certificate issuer: /CN=e15c506035fa8dd6091b43a4e889767fcdcc48f1
Certificate serial: 01886BA6AB360AB18976CF0D367707B6DBF4
Authority key identifier: E1:5C:50:60:35:FA:8D:D6:09:1B:43:A4:E8:89:76:7F:CD:CC:48:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VxQYDX6jdYJG0Ok6Il2f83MSPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/qpKzQPLTmTeBouigm-_LCT47ptg.roa
Signing time: Tue 30 May 2023 07:54:24 +0000
ROA not before: Tue 30 May 2023 07:54:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202709
IP address blocks: 193.25.194.0/24 maxlen: 24
193.24.36.0/24 maxlen: 24
2a0f:76c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:a6:ab:36:0a:b1:89:76:cf:0d:36:77:07:b6:db:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15c506035fa8dd6091b43a4e889767fcdcc48f1
Validity
Not Before: May 30 07:54:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa92b340f2d3993781a2e8a09befcb093e3ba6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:88:44:71:4e:e7:aa:45:7a:e9:94:6d:a1:
ee:5c:6f:55:ed:86:e3:65:fc:22:56:ad:05:43:9b:
fc:e4:20:84:9c:5e:c8:e0:29:e7:30:00:22:c9:1b:
31:bc:0f:c3:45:58:90:c4:4a:d2:32:14:d0:ff:b5:
c4:57:b0:2a:25:95:cf:c2:86:f7:60:4f:bf:e8:12:
0a:91:d1:e9:31:73:87:2a:9e:d8:ab:dc:61:0c:a2:
5f:0e:f0:88:21:2e:ad:3a:a8:41:d0:da:05:b7:35:
32:8c:7e:a3:c3:14:08:6a:b5:89:ce:19:f3:b8:e2:
6d:a8:c1:4e:f0:62:2e:94:4f:f3:ea:a7:43:9b:3f:
79:bb:dc:6a:47:08:11:6f:ff:fa:65:ce:ad:6b:5d:
e5:fa:25:d3:a6:0c:9b:a3:96:c9:3f:3b:c6:7e:de:
dc:aa:a5:a8:3e:28:60:89:3f:31:29:3f:d5:91:a3:
e2:21:95:5a:58:d6:67:1f:b0:a3:8d:f2:46:c8:bc:
fc:d4:e1:09:ca:73:ed:c5:1a:da:43:ab:99:16:25:
26:5e:2a:22:53:5c:ab:91:bc:b2:a1:01:35:25:e1:
74:b3:58:08:95:a3:cc:a9:b6:a9:d5:f8:fb:a2:8c:
b3:08:2a:6a:26:ee:ef:8e:b1:d5:66:81:8a:ff:97:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:92:B3:40:F2:D3:99:37:81:A2:E8:A0:9B:EF:CB:09:3E:3B:A6:D8
X509v3 Authority Key Identifier:
keyid:E1:5C:50:60:35:FA:8D:D6:09:1B:43:A4:E8:89:76:7F:CD:CC:48:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VxQYDX6jdYJG0Ok6Il2f83MSPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/qpKzQPLTmTeBouigm-_LCT47ptg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/4VxQYDX6jdYJG0Ok6Il2f83MSPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.36.0/24
193.25.194.0/24
IPv6:
2a0f:76c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:8c:ef:ff:fb:08:51:5d:d9:39:15:fd:23:e4:46:e9:84:d1:
6f:06:fc:52:fa:a5:ff:4e:c5:47:a0:f5:96:15:fe:18:a6:03:
5d:58:16:34:33:37:71:db:94:f6:0e:3d:66:45:d6:6a:2b:15:
63:6b:ed:63:94:b2:34:b0:06:ad:88:71:da:56:93:6a:a3:43:
85:4b:78:bc:40:43:ed:68:6c:53:e7:53:d8:3b:1f:ea:69:70:
08:74:d1:99:0c:cb:b3:92:29:c8:ab:78:83:97:57:f3:97:f7:
4b:2f:a9:98:54:7f:8d:6a:87:97:01:83:a9:0f:e5:31:ec:a6:
64:9e:d4:76:a5:2a:9c:ec:ea:fb:06:ad:34:51:94:86:b5:b3:
12:f7:3a:3f:c6:cd:95:da:48:6c:c4:f2:f1:0d:4a:f5:99:05:
55:61:8a:51:80:12:96:61:23:d2:92:7e:f1:7d:cd:6b:6d:23:
80:fb:84:18:6f:22:68:31:cb:29:91:60:28:6b:75:b2:dc:43:
9b:8b:a3:52:1a:48:19:87:3a:d9:b1:af:88:f9:30:5e:4b:7f:
e7:ec:70:58:e4:51:27:50:93:03:c4:8b:14:42:90:0a:07:d7:
7a:db:b2:8c:ed:a0:fb:f8:9b:d5:94:b4:fc:21:88:0b:3d:49:
12:e4:69:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhrpqs2CrGJds8NNncHttv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNWM1MDYwMzVmYThkZDYwOTFiNDNhNGU4ODk3NjdmY2Rj
YzQ4ZjEwHhcNMjMwNTMwMDc1NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTkyYjM0MGYyZDM5OTM3ODFhMmU4YTA5YmVmY2IwOTNlM2JhNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01CIRHFO56pFeumUbaHuXG9V7Ybj
ZfwiVq0FQ5v85CCEnF7I4CnnMAAiyRsxvA/DRViQxErSMhTQ/7XEV7AqJZXPwob3
YE+/6BIKkdHpMXOHKp7Yq9xhDKJfDvCIIS6tOqhB0NoFtzUyjH6jwxQIarWJzhnz
uOJtqMFO8GIulE/z6qdDmz95u9xqRwgRb//6Zc6ta13l+iXTpgybo5bJPzvGft7c
qqWoPihgiT8xKT/VkaPiIZVaWNZnH7CjjfJGyLz81OEJynPtxRraQ6uZFiUmXioi
U1yrkbyyoQE1JeF0s1gIlaPMqbap1fj7ooyzCCpqJu7vjrHVZoGK/5dICwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKqSs0Dy05k3gaLooJvvywk+O6bYMB8GA1UdIwQY
MBaAFOFcUGA1+o3WCRtDpOiJdn/NzEjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZ4UVlEWDZqZFlKRzBPazZJbDJmODNNU1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80MTIzNDUtOTAzZS00Y2MxLTk5N2Et
ZTg2ODJmMzIyOTQwLzEvcXBLelFQTFRtVGVCb3VpZ20tX0xDVDQ3cHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80MTIzNDUtOTAzZS00Y2MxLTk5N2EtZTg2ODJmMzIyOTQw
LzEvNFZ4UVlEWDZqZFlKRzBPazZJbDJmODNNU1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwRgkAwQA
wRnCMA0EAgACMAcDBQMqD3bAMA0GCSqGSIb3DQEBCwUAA4IBAQCFjO//+whRXdk5
Ff0j5EbphNFvBvxS+qX/TsVHoPWWFf4YpgNdWBY0Mzdx25T2Dj1mRdZqKxVja+1j
lLI0sAatiHHaVpNqo0OFS3i8QEPtaGxT51PYOx/qaXAIdNGZDMuzkinIq3iDl1fz
l/dLL6mYVH+NaoeXAYOpD+Ux7KZkntR2pSqc7Or7Bq00UZSGtbMS9zo/xs2V2khs
xPLxDUr1mQVVYYpRgBKWYSPSkn7xfc1rbSOA+4QYbyJoMcspkWAoa3Wy3EObi6NS
GkgZhzrZsa+I+TBeS3/n7HBY5FEnUJMDxIsUQpAKB9d627KM7aD7+JvVlLT8IYgL
PUkS5Gms
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:09 2025 by rpki-client