Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/QOp3ndjCu9jstOvur-UcdDpNa90.roa
File: QOp3ndjCu9jstOvur-UcdDpNa90.roa (raw, json)
Hash identifier: y+JivaXQSS/X9F/ruaLaq0ptbYF8SBjW2PAYTA6hrEY=
Subject key identifier: 40:EA:77:9D:D8:C2:BB:D8:EC:B4:EB:EE:AF:E5:1C:74:3A:4D:6B:DD
Certificate issuer: /CN=20f81274f66bde89f12c243d09a9edc3e5b1e229
Certificate serial: 015CAF
Authority key identifier: 20:F8:12:74:F6:6B:DE:89:F1:2C:24:3D:09:A9:ED:C3:E5:B1:E2:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPgSdPZr3onxLCQ9Cantw-Wx4ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/QOp3ndjCu9jstOvur-UcdDpNa90.roa
Signing time: Thu 09 Jun 2022 18:10:30 +0000
ROA not before: Thu 09 Jun 2022 18:10:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207568
IP address blocks: 2.57.222.0/23 maxlen: 23
2a09:d9c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89263 (0x15caf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f81274f66bde89f12c243d09a9edc3e5b1e229
Validity
Not Before: Jun 9 18:10:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40ea779dd8c2bbd8ecb4ebeeafe51c743a4d6bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:fa:78:5d:a0:5c:c6:76:7d:fc:9f:9b:78:c0:
cd:97:fd:07:0f:37:09:5c:ed:97:69:df:f9:0a:5c:
d9:81:22:6c:c4:02:1c:dc:52:19:0e:15:5e:dd:cb:
41:4c:ff:63:b4:72:a5:96:10:4e:d3:da:c0:2f:2e:
be:75:64:30:40:65:93:d6:6e:0e:f8:f4:d7:48:17:
18:bf:9a:2d:d1:87:1b:80:9d:b0:41:65:97:f4:13:
6b:09:14:1b:42:3d:c9:7d:ad:58:53:e4:98:77:fe:
4b:50:e0:d7:bb:08:2d:0f:82:f3:96:cb:34:3b:73:
40:35:c9:66:92:8c:d4:0f:98:8e:b7:36:79:17:cd:
03:23:a9:80:19:d9:45:b3:b1:b5:ac:fe:a3:9a:c5:
0c:bb:b6:07:a8:41:83:f4:b9:75:26:2a:e6:db:9f:
cc:60:e5:83:22:8d:42:1b:fa:ad:8f:8e:84:1f:1b:
ad:33:35:d7:20:2a:a5:2f:56:d9:71:7b:01:f9:85:
30:2b:3a:33:86:98:a4:ba:7c:15:d6:71:b3:60:a9:
1f:70:f0:19:1b:bc:d7:93:11:69:31:c1:7c:2a:04:
a8:7d:e7:eb:5f:5d:3e:1b:90:cd:99:b5:8e:da:76:
b9:b1:a7:77:1e:de:fd:9f:9a:da:4a:09:9d:2f:97:
45:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EA:77:9D:D8:C2:BB:D8:EC:B4:EB:EE:AF:E5:1C:74:3A:4D:6B:DD
X509v3 Authority Key Identifier:
keyid:20:F8:12:74:F6:6B:DE:89:F1:2C:24:3D:09:A9:ED:C3:E5:B1:E2:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPgSdPZr3onxLCQ9Cantw-Wx4ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/QOp3ndjCu9jstOvur-UcdDpNa90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/IPgSdPZr3onxLCQ9Cantw-Wx4ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.222.0/23
IPv6:
2a09:d9c0::/32
Signature Algorithm: sha256WithRSAEncryption
70:d4:18:af:d3:46:b9:96:cd:e6:ef:be:01:58:3e:bb:7b:5a:
cb:f4:68:51:f6:74:f0:96:d2:04:1d:a3:08:98:3b:6d:f8:5e:
cc:68:16:a5:74:fb:24:19:cc:0b:e1:e0:9f:71:19:0c:45:77:
d7:33:24:74:91:10:e1:c6:a9:f3:de:3f:3b:b2:fc:7e:c3:28:
f1:d9:b9:c4:5d:a2:e8:76:9b:b6:78:3c:f5:9a:c7:99:df:b6:
c0:39:99:ff:30:91:07:92:d3:24:e4:00:f5:32:1b:cb:0d:a6:
72:bb:86:4f:cc:30:e8:a4:71:15:4a:12:f0:85:c8:ad:e9:b2:
00:4e:8e:ef:a9:d0:34:53:9e:77:e7:eb:37:eb:71:e6:97:b0:
89:be:5d:c6:b4:23:db:0d:98:e1:02:a2:b8:99:d8:32:54:2b:
13:eb:d4:00:0c:24:11:42:79:6a:b2:40:ed:a3:c2:8c:74:23:
01:1d:2d:f2:a9:fb:5b:e4:34:35:e9:36:62:c6:d8:4c:13:12:
f9:e4:41:ea:cd:50:9c:c3:a8:8a:7d:5e:d4:c4:a9:bc:5d:8a:
45:c4:17:1d:45:f3:e3:9d:4b:d8:1e:8a:da:8b:9f:c7:d4:ab:
ff:0d:04:f6:c0:f1:6d:be:76:51:44:01:4c:35:75:cb:95:a9:
de:a4:0e:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAVyvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIw
ZjgxMjc0ZjY2YmRlODlmMTJjMjQzZDA5YTllZGMzZTViMWUyMjkwHhcNMjIwNjA5
MTgxMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MGVhNzc5ZGQ4YzJi
YmQ4ZWNiNGViZWVhZmU1MWM3NDNhNGQ2YmRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4Pp4XaBcxnZ9/J+beMDNl/0HDzcJXO2Xad/5ClzZgSJsxAIc
3FIZDhVe3ctBTP9jtHKllhBO09rALy6+dWQwQGWT1m4O+PTXSBcYv5ot0YcbgJ2w
QWWX9BNrCRQbQj3Jfa1YU+SYd/5LUODXuwgtD4Lzlss0O3NANclmkozUD5iOtzZ5
F80DI6mAGdlFs7G1rP6jmsUMu7YHqEGD9Ll1Jirm25/MYOWDIo1CG/qtj46EHxut
MzXXICqlL1bZcXsB+YUwKzozhpikunwV1nGzYKkfcPAZG7zXkxFpMcF8KgSofefr
X10+G5DNmbWO2na5sad3Ht79n5raSgmdL5dFMwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFEDqd53YwrvY7LTr7q/lHHQ6TWvdMB8GA1UdIwQYMBaAFCD4EnT2a96J8Swk
PQmp7cPlseIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SVBnU2RQWnIzb254TENROUNhbnR3LVd4NGlrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85Yi8zZWY5NmUtZjhhNi00ZjliLTliYzctZmUyNmU4OTlkZWI4LzEv
UU9wM25kakN1OWpzdE92dXItVWNkRHBOYTkwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8z
ZWY5NmUtZjhhNi00ZjliLTliYzctZmUyNmU4OTlkZWI4LzEvSVBnU2RQWnIzb254
TENROUNhbnR3LVd4NGlrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjneMA0EAgACMAcDBQAqCdnAMA0G
CSqGSIb3DQEBCwUAA4IBAQBw1Biv00a5ls3m774BWD67e1rL9GhR9nTwltIEHaMI
mDtt+F7MaBaldPskGcwL4eCfcRkMRXfXMyR0kRDhxqnz3j87svx+wyjx2bnEXaLo
dpu2eDz1mseZ37bAOZn/MJEHktMk5AD1MhvLDaZyu4ZPzDDopHEVShLwhcit6bIA
To7vqdA0U5535+s363Hml7CJvl3GtCPbDZjhAqK4mdgyVCsT69QADCQRQnlqskDt
o8KMdCMBHS3yqftb5DQ16TZixthMExL55EHqzVCcw6iKfV7UxKm8XYpFxBcdRfPj
nUvYHorai5/H1Kv/DQT2wPFtvnZRRAFMNXXLlanepA63
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:29 2025 by rpki-client