Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/qWHBqGV961g23_D3fqQKU8hkZI0.roa
File: qWHBqGV961g23_D3fqQKU8hkZI0.roa (raw, json)
Hash identifier: PK2pmdgiLV1THh+uUPMhZrIpk5N2st5eMIPvVEF6ohE=
Subject key identifier: A9:61:C1:A8:65:7D:EB:58:36:DF:F0:F7:7E:A4:0A:53:C8:64:64:8D
Certificate issuer: /CN=588394e3910d94a7bf0a78a0f302d02ae9907273
Certificate serial: 0185719E7645A8C674010177536906C255A5
Authority key identifier: 58:83:94:E3:91:0D:94:A7:BF:0A:78:A0:F3:02:D0:2A:E9:90:72:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIOU45ENlKe_Cnig8wLQKumQcnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/qWHBqGV961g23_D3fqQKU8hkZI0.roa
Signing time: Mon 02 Jan 2023 08:34:48 +0000
ROA not before: Mon 02 Jan 2023 08:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56851
IP address blocks: 193.111.60.0/22 maxlen: 24
31.131.16.0/20 maxlen: 24
2001:67c:15e4::/48 maxlen: 48
2001:67c:15f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:76:45:a8:c6:74:01:01:77:53:69:06:c2:55:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588394e3910d94a7bf0a78a0f302d02ae9907273
Validity
Not Before: Jan 2 08:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a961c1a8657deb5836dff0f77ea40a53c864648d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6b:69:33:e0:4c:ad:66:8a:d3:98:1c:ab:45:
ed:de:5c:b3:cb:df:8f:0d:2c:8d:da:43:e3:94:26:
57:40:2c:e9:2d:2b:e8:b5:3e:b7:4d:8b:35:93:6a:
b5:b6:70:94:1f:50:4e:be:6d:ff:87:bc:c1:4f:af:
b3:3f:5d:b1:87:ef:af:5f:5e:b7:5d:74:d2:64:60:
8e:62:2d:82:1c:78:ca:fb:3e:e4:ac:05:9b:f1:23:
4e:e8:44:27:ce:1a:97:ac:71:a6:66:33:cc:c6:cd:
37:e2:69:ba:00:56:7f:93:43:50:09:45:df:da:71:
1a:a9:93:5b:25:58:91:25:87:87:93:82:90:5f:76:
8c:25:83:9c:a3:07:19:a1:5a:dc:05:a7:00:40:01:
40:4b:f0:b4:c9:bb:a3:66:6d:43:c4:59:09:c7:0a:
56:04:2f:de:02:44:dd:84:8b:8d:a0:ef:3f:b6:f2:
a2:cb:07:b1:dc:42:39:98:cd:bd:3b:ab:bc:ae:19:
5c:c0:8a:08:9b:bf:99:40:3f:94:28:55:35:4a:62:
b4:f8:6b:39:bf:8b:e4:5e:3f:5a:b4:94:d4:7f:84:
b7:7b:af:33:3d:22:92:e7:62:63:86:45:bb:6d:65:
2f:9f:c9:e5:a9:15:87:07:de:47:16:da:7a:d1:e7:
4b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:61:C1:A8:65:7D:EB:58:36:DF:F0:F7:7E:A4:0A:53:C8:64:64:8D
X509v3 Authority Key Identifier:
keyid:58:83:94:E3:91:0D:94:A7:BF:0A:78:A0:F3:02:D0:2A:E9:90:72:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIOU45ENlKe_Cnig8wLQKumQcnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/qWHBqGV961g23_D3fqQKU8hkZI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/WIOU45ENlKe_Cnig8wLQKumQcnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.16.0/20
193.111.60.0/22
IPv6:
2001:67c:15e4::/48
2001:67c:15f0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:51:5c:36:21:06:a2:ab:3a:4c:17:e4:bc:88:de:a3:ab:94:
0c:b5:68:d0:b1:24:79:dc:84:93:1b:2b:91:68:fc:8f:88:b5:
07:77:b5:5d:fc:4f:c6:f6:da:7d:5c:e4:65:e8:bd:24:ae:8e:
7b:28:05:f6:11:99:38:cb:f4:d4:53:70:e3:5d:ea:63:38:5c:
75:d1:d1:39:ed:42:8c:e4:df:ea:57:dc:ef:ae:8d:f2:95:8a:
9f:16:8c:5f:8e:d8:c9:17:40:5b:ec:49:ec:2c:bc:ab:cb:54:
68:f0:81:b8:aa:b0:45:e1:4b:ae:d7:b9:48:02:dd:99:26:38:
f5:46:9b:af:95:e4:9a:fb:fc:2e:f1:ab:a1:5d:ea:d6:27:0a:
6b:99:3c:71:ca:79:66:d5:15:46:8e:9a:f1:45:84:24:dd:9c:
68:09:bd:78:c2:d8:ae:dd:0c:dd:cc:8c:88:f2:2b:4a:25:48:
92:47:f8:27:6a:05:b5:f4:c6:88:d9:40:59:b2:82:54:e2:c5:
ad:8a:f8:9a:cb:70:3d:de:30:ba:76:b4:8f:7a:23:fe:be:a3:
92:d2:4f:c1:71:a9:41:7c:97:ca:e8:2c:c6:47:0d:2a:be:a4:
68:20:51:de:14:9f:25:36:58:86:f3:09:79:57:b9:a6:f9:9d:
83:6e:03:81
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVxnnZFqMZ0AQF3U2kGwlWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODM5NGUzOTEwZDk0YTdiZjBhNzhhMGYzMDJkMDJhZTk5
MDcyNzMwHhcNMjMwMTAyMDgzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTYxYzFhODY1N2RlYjU4MzZkZmYwZjc3ZWE0MGE1M2M4NjQ2NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2tpM+BMrWaK05gcq0Xt3lyzy9+P
DSyN2kPjlCZXQCzpLSvotT63TYs1k2q1tnCUH1BOvm3/h7zBT6+zP12xh++vX163
XXTSZGCOYi2CHHjK+z7krAWb8SNO6EQnzhqXrHGmZjPMxs034mm6AFZ/k0NQCUXf
2nEaqZNbJViRJYeHk4KQX3aMJYOcowcZoVrcBacAQAFAS/C0ybujZm1DxFkJxwpW
BC/eAkTdhIuNoO8/tvKiywex3EI5mM29O6u8rhlcwIoIm7+ZQD+UKFU1SmK0+Gs5
v4vkXj9atJTUf4S3e68zPSKS52JjhkW7bWUvn8nlqRWHB95HFtp60edLbwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKlhwahlfetYNt/w936kClPIZGSNMB8GA1UdIwQY
MBaAFFiDlOORDZSnvwp4oPMC0CrpkHJzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lPVTQ1RU5sS2VfQ25pZzh3TFFLdW1RY25NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS83OGIxYTctOWZiZC00ZjZmLThlYjQt
N2I2MjJkZGY4NGY0LzEvcVdIQnFHVjk2MWcyM19EM2ZxUUtVOGhrWkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS83OGIxYTctOWZiZC00ZjZmLThlYjQtN2I2MjJkZGY4NGY0
LzEvV0lPVTQ1RU5sS2VfQ25pZzh3TFFLdW1RY25NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQEH4MQAwQC
wW88MBgEAgACMBIDBwAgAQZ8FeQDBwAgAQZ8FfAwDQYJKoZIhvcNAQELBQADggEB
AC5RXDYhBqKrOkwX5LyI3qOrlAy1aNCxJHnchJMbK5Fo/I+ItQd3tV38T8b22n1c
5GXovSSujnsoBfYRmTjL9NRTcONd6mM4XHXR0TntQozk3+pX3O+ujfKVip8WjF+O
2MkXQFvsSewsvKvLVGjwgbiqsEXhS67XuUgC3ZkmOPVGm6+V5Jr7/C7xq6Fd6tYn
CmuZPHHKeWbVFUaOmvFFhCTdnGgJvXjC2K7dDN3MjIjyK0olSJJH+CdqBbX0xojZ
QFmyglTixa2K+JrLcD3eMLp2tI96I/6+o5LST8FxqUF8l8roLMZHDSq+pGggUd4U
nyU2WIbzCXlXuab5nYNuA4E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:26 2025 by rpki-client