Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/qI8FbPo9W8JZxaP7QCpDbhdAnvY.roa
File: qI8FbPo9W8JZxaP7QCpDbhdAnvY.roa (raw, json)
Hash identifier: 5CG5IFRNSbv+21azIWvqD8BNKkn7a7cyZUdDp3AVofg=
Subject key identifier: A8:8F:05:6C:FA:3D:5B:C2:59:C5:A3:FB:40:2A:43:6E:17:40:9E:F6
Certificate issuer: /CN=a57089c45c55088fe90eb61002f07f0f95862672
Certificate serial: 01856EAFDF70813AD2E4D0A4D147B24B3985
Authority key identifier: A5:70:89:C4:5C:55:08:8F:E9:0E:B6:10:02:F0:7F:0F:95:86:26:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXCJxFxVCI_pDrYQAvB_D5WGJnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/qI8FbPo9W8JZxaP7QCpDbhdAnvY.roa
Signing time: Sun 01 Jan 2023 18:54:57 +0000
ROA not before: Sun 01 Jan 2023 18:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59987
IP address blocks: 176.119.196.0/24 maxlen: 24
2a06:6840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:df:70:81:3a:d2:e4:d0:a4:d1:47:b2:4b:39:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57089c45c55088fe90eb61002f07f0f95862672
Validity
Not Before: Jan 1 18:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a88f056cfa3d5bc259c5a3fb402a436e17409ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b6:40:e1:03:35:c9:87:cb:b1:3d:06:8e:72:
81:b3:78:ae:5a:74:59:3c:44:76:9b:58:4a:87:76:
ea:af:87:34:1d:72:db:9b:7a:8f:f3:98:dc:bf:b3:
fa:b3:15:a5:4f:93:bc:84:91:a9:d6:a9:b6:8c:90:
5c:7c:de:05:0b:a0:27:ee:93:0a:84:4d:08:8a:44:
bb:f4:53:08:0e:f3:fc:f5:30:b4:dd:18:61:b4:64:
b9:8e:13:a8:ea:70:0c:13:2e:04:31:9c:06:ec:93:
a4:aa:0e:94:b6:99:21:8a:ed:09:0c:1e:d7:89:02:
98:48:da:d6:cf:e8:51:aa:92:f4:9f:81:b9:28:cb:
3e:1c:8a:73:26:db:05:25:87:a6:02:1e:0a:96:17:
ff:ff:e2:55:61:35:3c:ef:57:32:a7:0d:c3:2f:d9:
5e:90:0d:bb:62:a7:c7:94:35:8e:f2:5b:7e:b7:82:
bb:52:e0:36:d5:c9:26:b6:09:d4:cb:02:cb:7b:a9:
b7:a3:af:44:21:03:8b:e4:e1:c4:32:7c:2d:dd:64:
1d:cb:64:0e:b7:e9:91:a2:36:1b:c2:20:bc:6f:b8:
e6:b9:f5:a1:0a:d8:86:6f:53:90:84:1d:f7:f8:95:
9d:36:dd:ba:88:a9:28:60:fb:9f:68:ca:52:6c:8e:
32:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8F:05:6C:FA:3D:5B:C2:59:C5:A3:FB:40:2A:43:6E:17:40:9E:F6
X509v3 Authority Key Identifier:
keyid:A5:70:89:C4:5C:55:08:8F:E9:0E:B6:10:02:F0:7F:0F:95:86:26:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXCJxFxVCI_pDrYQAvB_D5WGJnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/qI8FbPo9W8JZxaP7QCpDbhdAnvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/pXCJxFxVCI_pDrYQAvB_D5WGJnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.196.0/24
IPv6:
2a06:6840::/29
Signature Algorithm: sha256WithRSAEncryption
62:76:3b:98:da:2c:b8:0c:5f:1b:24:c2:98:66:fa:88:f7:0b:
e3:b8:ac:e1:d2:35:60:82:b6:c3:d6:33:2d:2f:22:12:3b:72:
f9:38:ad:a5:da:e1:aa:19:cc:9f:28:1b:2a:c9:22:31:ff:8a:
b4:94:d3:85:30:75:b6:00:e7:d2:cb:c2:02:23:c8:35:16:59:
21:36:35:32:a7:c3:24:d3:a2:7e:33:aa:1c:fa:ca:06:20:e5:
95:cd:ae:3c:19:2f:b7:1b:3e:2a:0e:d1:c9:a2:90:8f:ca:10:
d9:94:06:b9:e3:d5:5c:bd:d0:ad:ac:b4:a9:ad:17:67:4e:ef:
dd:70:39:95:9b:a0:30:8e:2e:9a:d6:28:c4:42:66:8c:7d:58:
4c:75:89:45:e0:f2:45:eb:a7:7e:c8:a8:0a:71:a7:b7:31:5a:
4a:1e:dd:8e:04:d1:a2:ef:94:b6:3f:8f:57:c1:cd:22:94:86:
f9:2d:f9:93:57:7a:a8:55:ce:f6:df:ae:f8:ec:0b:88:60:30:
d0:fa:72:b3:41:3b:0a:c6:e5:54:fb:4c:4c:d4:72:ed:2d:2d:
1c:e6:ed:01:5e:7b:1e:26:ab:ac:a4:46:80:b9:83:47:87:e6:
e6:14:c2:d5:07:29:6b:f7:1c:52:7c:2d:00:0b:92:b5:e4:ab:
9b:ce:f5:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur99wgTrS5NCk0UeySzmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzA4OWM0NWM1NTA4OGZlOTBlYjYxMDAyZjA3ZjBmOTU4
NjI2NzIwHhcNMjMwMTAxMTg1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhmMDU2Y2ZhM2Q1YmMyNTljNWEzZmI0MDJhNDM2ZTE3NDA5ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurZA4QM1yYfLsT0GjnKBs3iuWnRZ
PER2m1hKh3bqr4c0HXLbm3qP85jcv7P6sxWlT5O8hJGp1qm2jJBcfN4FC6An7pMK
hE0IikS79FMIDvP89TC03RhhtGS5jhOo6nAMEy4EMZwG7JOkqg6Utpkhiu0JDB7X
iQKYSNrWz+hRqpL0n4G5KMs+HIpzJtsFJYemAh4Klhf//+JVYTU871cypw3DL9le
kA27YqfHlDWO8lt+t4K7UuA21ckmtgnUywLLe6m3o69EIQOL5OHEMnwt3WQdy2QO
t+mRojYbwiC8b7jmufWhCtiGb1OQhB33+JWdNt26iKkoYPufaMpSbI4yuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKiPBWz6PVvCWcWj+0AqQ24XQJ72MB8GA1UdIwQY
MBaAFKVwicRcVQiP6Q62EALwfw+VhiZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhDSnhGeFZDSV9wRHJZUUF2Ql9ENVdHSm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jM2Y0YTItOGI4ZS00OWEzLWFhOWYt
ZDkyZDY0YjlmODAxLzEvcUk4RmJQbzlXOEpaeGFQN1FDcERiaGRBbnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jM2Y0YTItOGI4ZS00OWEzLWFhOWYtZDkyZDY0YjlmODAx
LzEvcFhDSnhGeFZDSV9wRHJZUUF2Ql9ENVdHSm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsHfEMA0E
AgACMAcDBQMqBmhAMA0GCSqGSIb3DQEBCwUAA4IBAQBidjuY2iy4DF8bJMKYZvqI
9wvjuKzh0jVggrbD1jMtLyISO3L5OK2l2uGqGcyfKBsqySIx/4q0lNOFMHW2AOfS
y8ICI8g1FlkhNjUyp8Mk06J+M6oc+soGIOWVza48GS+3Gz4qDtHJopCPyhDZlAa5
49VcvdCtrLSprRdnTu/dcDmVm6Awji6a1ijEQmaMfVhMdYlF4PJF66d+yKgKcae3
MVpKHt2OBNGi75S2P49Xwc0ilIb5LfmTV3qoVc7236747AuIYDDQ+nKzQTsKxuVU
+0xM1HLtLS0c5u0BXnseJquspEaAuYNHh+bmFMLVBylr9xxSfC0AC5K15KubzvUg
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:35:58 2025 by rpki-client