Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b44a03-4472-4315-8758-7544df3004b2/1/rQbDiiM0M-Pi3brfeUicPwb8shc.roa
File: rQbDiiM0M-Pi3brfeUicPwb8shc.roa (raw, json)
Hash identifier: 8llmCTOotnZOwQFBU5EydAPXgS/N2eSpMIbY111laVw=
Subject key identifier: AD:06:C3:8A:23:34:33:E3:E2:DD:BA:DF:79:48:9C:3F:06:FC:B2:17
Certificate issuer: /CN=a8f02318f2ce972e72408cccc7d320af30cd2b0d
Certificate serial: 052AE8D3
Authority key identifier: A8:F0:23:18:F2:CE:97:2E:72:40:8C:CC:C7:D3:20:AF:30:CD:2B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qPAjGPLOly5yQIzMx9MgrzDNKw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b44a03-4472-4315-8758-7544df3004b2/1/rQbDiiM0M-Pi3brfeUicPwb8shc.roa
Signing time: Sat 01 Jan 2022 06:02:43 +0000
ROA not before: Sat 01 Jan 2022 06:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20493
IP address blocks: 193.108.21.0/24 maxlen: 24
185.113.160.0/22 maxlen: 24
2a06:6a00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86698195 (0x52ae8d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8f02318f2ce972e72408cccc7d320af30cd2b0d
Validity
Not Before: Jan 1 06:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad06c38a233433e3e2ddbadf79489c3f06fcb217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c5:d7:94:6a:5d:33:d9:f5:14:13:0b:b1:a7:
c2:d2:db:44:ab:42:eb:af:27:b9:94:93:0c:e9:10:
17:13:9d:62:f8:90:48:16:b1:fb:45:79:75:cb:93:
26:b0:94:52:dd:04:1e:93:03:19:c7:2b:f7:f6:aa:
77:d7:62:c8:d0:69:53:34:04:b3:84:52:1e:b8:26:
96:bc:00:dd:1b:54:53:19:1e:4c:f2:d8:ef:ef:25:
b4:bb:16:34:67:1a:33:f2:75:20:89:57:be:5b:de:
37:37:10:8a:b3:cb:2e:53:fd:fc:68:80:1f:8f:a5:
c3:30:ae:83:06:5d:9e:6c:8f:d8:79:b3:87:57:ab:
ab:dd:55:2b:2b:bb:6d:88:df:2d:34:5b:38:43:81:
98:ad:69:b8:5a:eb:d1:6d:21:29:80:da:11:f6:9b:
b8:8e:2d:74:9f:95:e7:4a:f9:26:cd:6f:8b:86:7e:
5f:e8:1d:a3:f9:43:7e:4a:80:d8:c5:4b:73:9c:61:
12:f1:8e:5f:e7:c8:f2:55:16:58:35:50:cf:dc:9e:
83:4e:b6:04:27:f2:72:03:81:eb:d6:c5:ca:ec:6d:
0c:f3:42:ec:18:3a:e6:e1:c1:ef:04:b1:fc:51:df:
72:b9:05:e9:d5:27:4c:9c:d6:55:9a:03:40:a4:f3:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:06:C3:8A:23:34:33:E3:E2:DD:BA:DF:79:48:9C:3F:06:FC:B2:17
X509v3 Authority Key Identifier:
keyid:A8:F0:23:18:F2:CE:97:2E:72:40:8C:CC:C7:D3:20:AF:30:CD:2B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qPAjGPLOly5yQIzMx9MgrzDNKw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b44a03-4472-4315-8758-7544df3004b2/1/rQbDiiM0M-Pi3brfeUicPwb8shc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b44a03-4472-4315-8758-7544df3004b2/1/qPAjGPLOly5yQIzMx9MgrzDNKw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.160.0/22
193.108.21.0/24
IPv6:
2a06:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
32:cb:4c:6d:33:60:8c:f1:4b:2f:56:07:cf:68:69:b5:1a:81:
a9:82:36:38:40:68:4c:a3:c6:8f:a1:79:ba:6c:74:f8:cb:8c:
d3:4e:4b:26:0f:4c:a4:30:de:dc:1b:f3:38:2f:bf:59:07:2c:
b0:51:62:1e:bc:24:d2:aa:fe:db:85:2d:10:fd:af:15:9d:b6:
ce:07:54:e1:33:79:97:a5:7d:7e:74:59:c4:cf:ad:62:1b:d3:
64:3a:40:04:f4:0a:38:a2:3d:5e:6c:e0:54:9b:d3:26:c0:fa:
3d:4a:7b:7a:bf:ba:f7:79:23:55:3e:ac:98:12:7d:69:89:93:
23:29:32:35:6a:d0:e0:9f:b2:c8:97:02:38:3c:25:91:97:9f:
8f:ca:fb:74:39:44:55:4d:6c:11:7f:22:10:ab:29:4a:d0:8b:
3e:f3:39:4d:0a:e6:d5:0f:24:2c:a2:5c:4f:66:bd:d5:76:f6:
95:c1:cf:f3:92:92:e8:8a:90:7e:25:b2:b2:be:f6:6b:d3:d4:
34:1e:a0:50:2f:ff:72:87:3e:c6:b3:b8:09:6c:0f:52:00:da:
52:fc:69:b7:a6:10:c8:cf:0d:20:f9:c3:25:91:44:d0:7e:39:
3f:87:47:9f:4d:80:17:2f:19:0a:4d:d9:d1:2c:c3:88:7f:36:
b1:89:70:75
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBSro0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGYwMjMxOGYyY2U5NzJlNzI0MDhjY2NjN2QzMjBhZjMwY2QyYjBkMB4XDTIyMDEw
MTA2MDI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQwNmMzOGEyMzM0
MzNlM2UyZGRiYWRmNzk0ODljM2YwNmZjYjIxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTF15RqXTPZ9RQTC7GnwtLbRKtC668nuZSTDOkQFxOdYviQ
SBax+0V5dcuTJrCUUt0EHpMDGccr9/aqd9diyNBpUzQEs4RSHrgmlrwA3RtUUxke
TPLY7+8ltLsWNGcaM/J1IIlXvlveNzcQirPLLlP9/GiAH4+lwzCugwZdnmyP2Hmz
h1erq91VKyu7bYjfLTRbOEOBmK1puFrr0W0hKYDaEfabuI4tdJ+V50r5Js1vi4Z+
X+gdo/lDfkqA2MVLc5xhEvGOX+fI8lUWWDVQz9yeg062BCfycgOB69bFyuxtDPNC
7Bg65uHB7wSx/FHfcrkF6dUnTJzWVZoDQKTz1OkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBStBsOKIzQz4+Ldut95SJw/BvyyFzAfBgNVHSMEGDAWgBSo8CMY8s6XLnJA
jMzH0yCvMM0rDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FQQWpHUExPbHk1eVFJek14OU1ncnpETkt3MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvYjQ0YTAzLTQ0NzItNDMxNS04NzU4LTc1NDRkZjMwMDRiMi8x
L3JRYkRpaU0wTS1QaTNicmZlVWljUHdiOHNoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
YjQ0YTAzLTQ0NzItNDMxNS04NzU4LTc1NDRkZjMwMDRiMi8xL3FQQWpHUExPbHk1
eVFJek14OU1ncnpETkt3MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlxoAMEAMFsFTANBAIAAjAHAwUD
KgZqADANBgkqhkiG9w0BAQsFAAOCAQEAMstMbTNgjPFLL1YHz2hptRqBqYI2OEBo
TKPGj6F5umx0+MuM005LJg9MpDDe3BvzOC+/WQcssFFiHrwk0qr+24UtEP2vFZ22
zgdU4TN5l6V9fnRZxM+tYhvTZDpABPQKOKI9XmzgVJvTJsD6PUp7er+693kjVT6s
mBJ9aYmTIykyNWrQ4J+yyJcCODwlkZefj8r7dDlEVU1sEX8iEKspStCLPvM5TQrm
1Q8kLKJcT2a91Xb2lcHP85KS6IqQfiWysr72a9PUNB6gUC//coc+xrO4CWwPUgDa
Uvxpt6YQyM8NIPnDJZFE0H45P4dHn02AFy8ZCk3Z0SzDiH82sYlwdQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:10 2025 by rpki-client