Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qcKxB0amuf0xMExcGAO4PZczleE.roa
File: qcKxB0amuf0xMExcGAO4PZczleE.roa (raw, json)
Hash identifier: L701GprUI+ngbQj8eb0aqlHp+QWzugPy9gIMy34iq+0=
Subject key identifier: A9:C2:B1:07:46:A6:B9:FD:31:30:4C:5C:18:03:B8:3D:97:33:95:E1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01855D0A6AB3B253D2B9CF358465EC34D559
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qcKxB0amuf0xMExcGAO4PZczleE.roa
Signing time: Thu 29 Dec 2022 08:40:41 +0000
ROA not before: Thu 29 Dec 2022 08:40:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 81.5.191.0/24 maxlen: 24
82.153.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:0a:6a:b3:b2:53:d2:b9:cf:35:84:65:ec:34:d5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 29 08:40:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9c2b10746a6b9fd31304c5c1803b83d973395e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7a:c9:46:70:2b:45:51:2a:af:97:59:20:ca:
75:55:21:6f:4a:7e:c7:4a:98:1d:c6:5c:0a:af:b4:
f2:53:d6:5e:16:60:c7:10:5c:f0:f1:09:f2:a7:b8:
70:17:69:6e:94:90:2b:79:2a:d1:6b:f7:b2:e9:12:
ef:fe:a8:79:9f:4d:8e:44:b7:29:24:fb:10:a7:0e:
f1:8e:d9:c9:cd:76:65:fc:bb:99:00:2a:ce:5e:46:
92:4c:de:09:2d:19:8c:09:19:ab:87:20:5b:96:6b:
88:3c:47:d9:fe:25:ec:da:a2:e0:11:f9:19:90:51:
3f:51:81:4f:14:c9:41:e9:5b:d5:d5:ad:87:b6:22:
82:37:2c:9d:73:37:1b:29:e6:69:45:b4:9a:da:c0:
ca:56:5a:a2:89:1c:71:8f:0c:c0:e1:0b:bf:b6:94:
7b:f0:19:ab:b4:66:4b:8e:cd:7e:7b:96:6a:3a:73:
03:9a:06:3b:e6:0f:60:11:85:9e:84:04:73:8f:a5:
2c:00:34:60:a0:24:b0:39:01:40:2c:75:3e:bf:2b:
0c:14:7d:5d:4e:b5:06:ce:7e:9b:32:fd:6b:86:f2:
06:11:fc:06:03:b0:c5:53:9c:ef:7e:8c:fe:2d:f7:
17:42:48:d3:d5:39:b7:da:61:9b:a2:0a:37:d5:18:
16:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C2:B1:07:46:A6:B9:FD:31:30:4C:5C:18:03:B8:3D:97:33:95:E1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qcKxB0amuf0xMExcGAO4PZczleE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.191.0/24
82.153.242.0/24
Signature Algorithm: sha256WithRSAEncryption
28:2e:63:4f:71:4a:99:4f:e3:fd:13:01:ba:a2:93:d7:6c:76:
ca:40:23:38:06:94:0b:92:00:0a:0a:48:d9:c1:c6:9a:d3:5e:
0a:d9:f9:ce:36:49:12:bf:e1:d3:ce:d7:df:27:dd:c2:b5:d9:
d6:b9:19:34:dc:81:db:01:c4:e6:d7:6c:06:53:6a:5d:e3:9d:
8a:95:b0:54:cf:45:74:9f:53:6f:1e:b2:90:a0:ca:59:57:69:
92:63:2a:c8:27:72:f7:83:a6:46:89:3e:5d:dd:b4:4d:76:1e:
3b:f2:80:1c:cb:0f:f5:fe:9b:c1:05:07:88:0f:c3:03:93:5b:
2b:1e:1c:5b:ba:42:cd:8b:46:07:5d:fd:bc:b8:f9:63:17:10:
25:d4:15:2b:8b:4e:0d:1a:5e:3b:e8:e1:fc:a8:28:27:33:2e:
40:06:0d:05:f3:41:b3:fa:bc:36:ca:d7:40:df:9d:53:34:9a:
ab:0c:af:c2:34:34:4e:86:95:6b:f7:3b:ec:af:63:90:25:b4:
11:ff:66:7d:98:3e:e4:55:b9:31:00:ee:53:8a:1e:cf:3e:4f:
7a:1f:e0:ce:04:42:e7:0a:92:e1:6d:0d:76:c6:6e:c8:7d:b9:
63:2f:31:ea:63:ac:bc:b2:ba:39:fe:bc:f2:33:3f:76:41:ca:
60:a0:1a:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVdCmqzslPSuc81hGXsNNVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjI5MDg0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWMyYjEwNzQ2YTZiOWZkMzEzMDRjNWMxODAzYjgzZDk3MzM5NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknrJRnArRVEqr5dZIMp1VSFvSn7H
SpgdxlwKr7TyU9ZeFmDHEFzw8Qnyp7hwF2lulJAreSrRa/ey6RLv/qh5n02ORLcp
JPsQpw7xjtnJzXZl/LuZACrOXkaSTN4JLRmMCRmrhyBblmuIPEfZ/iXs2qLgEfkZ
kFE/UYFPFMlB6VvV1a2HtiKCNyydczcbKeZpRbSa2sDKVlqiiRxxjwzA4Qu/tpR7
8BmrtGZLjs1+e5ZqOnMDmgY75g9gEYWehARzj6UsADRgoCSwOQFALHU+vysMFH1d
TrUGzn6bMv1rhvIGEfwGA7DFU5zvfoz+LfcXQkjT1Tm32mGbogo31RgW3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnCsQdGprn9MTBMXBgDuD2XM5XhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWNLeEIwYW11ZjB4TUV4Y0dBTzRQWmN6bGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQW/AwQA
UpnyMA0GCSqGSIb3DQEBCwUAA4IBAQAoLmNPcUqZT+P9EwG6opPXbHbKQCM4BpQL
kgAKCkjZwcaa014K2fnONkkSv+HTztffJ93CtdnWuRk03IHbAcTm12wGU2pd452K
lbBUz0V0n1NvHrKQoMpZV2mSYyrIJ3L3g6ZGiT5d3bRNdh478oAcyw/1/pvBBQeI
D8MDk1srHhxbukLNi0YHXf28uPljFxAl1BUri04NGl476OH8qCgnMy5ABg0F80Gz
+rw2ytdA351TNJqrDK/CNDROhpVr9zvsr2OQJbQR/2Z9mD7kVbkxAO5Tih7PPk96
H+DOBELnCpLhbQ12xm7IfbljLzHqY6y8sro5/rzyMz92QcpgoBoA
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:38 2025 by rpki-client