Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/qT2TVIkMv72prnAS7SXxLY2727U.roa
File: qT2TVIkMv72prnAS7SXxLY2727U.roa (raw, json)
Hash identifier: X8f6YbiqbQwKtgE+eCv2ZicXHgPoh7AjZsQNAV1fu2c=
Subject key identifier: A9:3D:93:54:89:0C:BF:BD:A9:AE:70:12:ED:25:F1:2D:8D:BB:DB:B5
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 40378D95
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/qT2TVIkMv72prnAS7SXxLY2727U.roa
Signing time: Sat 01 Jan 2022 06:04:38 +0000
ROA not before: Sat 01 Jan 2022 06:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6724
IP address blocks: 81.169.128.0/17 maxlen: 24
194.45.97.0/24 maxlen: 24
193.141.3.0/24 maxlen: 24
192.67.197.0/24 maxlen: 24
192.67.198.0/24 maxlen: 24
185.56.148.0/22 maxlen: 24
85.214.0.0/15 maxlen: 24
2a01:238::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1077382549 (0x40378d95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Jan 1 06:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a93d9354890cbfbda9ae7012ed25f12d8dbbdbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:4c:e3:42:12:e1:ce:c6:19:57:b3:20:c1:
76:c6:db:2a:a2:ce:ed:a2:96:33:8d:19:0b:25:ef:
3e:25:f9:62:64:21:ee:fa:c7:2d:7a:94:31:c4:62:
b3:09:70:85:a1:e5:35:ae:72:b2:0c:05:7f:d3:5a:
c3:cc:b7:a5:c3:85:f8:d5:b2:08:a6:59:9b:83:8b:
87:26:fa:7b:d5:9c:88:9e:f4:6f:44:df:d1:ab:ce:
a3:33:9e:75:e7:06:7a:f6:ad:12:29:f3:69:64:c3:
8a:e9:18:66:bc:51:69:4d:61:e5:e2:72:90:69:75:
6e:c8:4f:ae:c5:34:5f:3d:d8:67:56:ca:9f:da:ec:
74:15:7d:b8:d1:ac:68:00:33:07:1e:2a:b4:d6:b1:
c6:79:78:cf:ff:92:ea:a9:29:61:5c:02:99:e6:c7:
79:3c:2f:4d:50:ae:8c:75:b9:31:ae:cd:33:1c:a5:
2b:1f:71:4b:82:06:45:91:c8:27:59:d3:e9:c2:af:
88:60:3a:7f:c5:1e:f0:fa:8c:8a:dd:8f:2c:d1:d8:
16:f2:57:7a:c6:84:fd:2f:50:41:b9:32:07:5c:02:
04:0f:eb:86:af:72:25:7d:1d:ea:09:7d:6d:4e:17:
0f:97:5f:04:52:08:6d:ad:b7:11:f5:20:75:2c:97:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3D:93:54:89:0C:BF:BD:A9:AE:70:12:ED:25:F1:2D:8D:BB:DB:B5
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/qT2TVIkMv72prnAS7SXxLY2727U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.169.128.0/17
85.214.0.0/15
185.56.148.0/22
192.67.197.0-192.67.198.255
193.141.3.0/24
194.45.97.0/24
IPv6:
2a01:238::/29
Signature Algorithm: sha256WithRSAEncryption
76:eb:25:14:64:07:5b:b1:c2:64:06:5c:ae:45:a5:6f:46:84:
84:a4:4e:a1:93:72:3f:5d:75:38:fb:0e:32:b2:e7:af:ac:35:
63:77:fe:75:0e:56:b8:30:bb:a3:0f:0d:fa:e5:b1:35:42:6f:
00:08:c8:4e:5b:37:30:c3:e0:fc:51:a7:ec:42:2c:68:fb:df:
93:89:cc:34:f0:ce:1b:7a:67:01:a2:2b:c4:50:87:1d:e5:f6:
ea:ae:5b:12:dd:bf:33:9d:af:d1:6c:2f:be:31:61:de:1b:87:
1c:0c:e2:00:00:87:95:3b:6d:24:29:5f:0a:4a:72:fa:b1:16:
95:ad:86:37:65:0b:38:56:e8:f0:93:1c:57:db:89:6e:5b:4d:
37:f4:94:91:43:89:d7:e9:09:a1:76:fc:a8:6b:b6:e5:66:ed:
03:c5:57:6e:74:4c:36:94:19:2b:03:6b:d2:ce:d8:18:c9:fd:
6c:70:67:4f:4d:db:57:88:08:e1:7a:d6:4d:2b:11:99:3c:1e:
05:a8:81:94:a9:a3:0f:e7:cf:49:ce:a9:19:f3:b8:7a:f3:95:
15:5d:09:30:a0:12:c0:6b:a7:14:30:b4:f4:03:92:0d:b9:38:
dc:e4:a8:84:5a:7e:ab:87:4f:ed:80:a9:5d:96:60:6b:bf:3d:
66:fe:b1:1c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEQDeNlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGQyZDI3MTVmNDNmNzQ3YmVhNzYyZGNlMTY2YmNhNGI4ZTk2NWViMB4XDTIyMDEw
MTA2MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTkzZDkzNTQ4OTBj
YmZiZGE5YWU3MDEyZWQyNWYxMmQ4ZGJiZGJiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3LTONCEuHOxhlXsyDBdsbbKqLO7aKWM40ZCyXvPiX5YmQh
7vrHLXqUMcRiswlwhaHlNa5ysgwFf9Naw8y3pcOF+NWyCKZZm4OLhyb6e9WciJ70
b0Tf0avOozOedecGevatEinzaWTDiukYZrxRaU1h5eJykGl1bshPrsU0Xz3YZ1bK
n9rsdBV9uNGsaAAzBx4qtNaxxnl4z/+S6qkpYVwCmebHeTwvTVCujHW5Ma7NMxyl
Kx9xS4IGRZHIJ1nT6cKviGA6f8Ue8PqMit2PLNHYFvJXesaE/S9QQbkyB1wCBA/r
hq9yJX0d6gl9bU4XD5dfBFIIba23EfUgdSyXLXUCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBSpPZNUiQy/vamucBLtJfEtjbvbtTAfBgNVHSMEGDAWgBRY0tJxX0P3R76n
YtzhZrykuOll6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dOTFNjVjlEOTBlLXAyTGM0V2E4cExqcFplcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvZDY3YjdiLWM3OTgtNDkwMS04MGY5LWUzODM0NTE2ZmMwOC8x
L3FUMlRWSWtNdjcycHJuQVM3U1h4TFkyNzI3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ZDY3YjdiLWM3OTgtNDkwMS04MGY5LWUzODM0NTE2ZmMwOC8xL1dOTFNjVjlEOTBl
LXAyTGM0V2E4cExqcFplcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwMQQCAAEwKwMEB1GpgAMDAVXWAwQCuTiUMAwDBADA
Q8UDBADAQ8YDBADBjQMDBADCLWEwDQQCAAIwBwMFAyoBAjgwDQYJKoZIhvcNAQEL
BQADggEBAHbrJRRkB1uxwmQGXK5FpW9GhISkTqGTcj9ddTj7DjKy56+sNWN3/nUO
Vrgwu6MPDfrlsTVCbwAIyE5bNzDD4PxRp+xCLGj735OJzDTwzht6ZwGiK8RQhx3l
9uquWxLdvzOdr9FsL74xYd4bhxwM4gAAh5U7bSQpXwpKcvqxFpWthjdlCzhW6PCT
HFfbiW5bTTf0lJFDidfpCaF2/KhrtuVm7QPFV250TDaUGSsDa9LO2BjJ/WxwZ09N
21eICOF61k0rEZk8HgWogZSpow/nz0nOqRnzuHrzlRVdCTCgEsBrpxQwtPQDkg25
ONzkqIRafquHT+2AqV2WYGu/PWb+sRw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:28 2025 by rpki-client