Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/4qgDAG3bgLUgo2lY8FszoddBKaE.roa
File: 4qgDAG3bgLUgo2lY8FszoddBKaE.roa (raw, json)
Hash identifier: ZpOW4iwha9t9+ueQdzR/Oupx+kX0tgcMykCv7Oh7O4U=
Subject key identifier: E2:A8:03:00:6D:DB:80:B5:20:A3:69:58:F0:5B:33:A1:D7:41:29:A1
Certificate issuer: /CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Certificate serial: 01856DDD45D7B42C50C8A8A63D68ED4E915C
Authority key identifier: A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/4qgDAG3bgLUgo2lY8FszoddBKaE.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1881
IP address blocks: 143.118.0.0/16 maxlen: 16
2001:1400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:45:d7:b4:2c:50:c8:a8:a6:3d:68:ed:4e:91:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a803006ddb80b520a36958f05b33a1d74129a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dc:e8:b5:83:49:19:a5:6e:34:dc:58:ca:10:
52:5d:91:f1:40:26:dd:9f:eb:92:da:5f:00:88:2d:
71:d4:53:e5:ba:93:42:54:26:5e:aa:e6:1e:07:94:
b0:d7:16:76:e6:f7:3d:7e:18:38:05:af:2c:18:4d:
0a:3a:ae:eb:32:e3:10:61:57:98:0c:7d:4a:bd:87:
20:14:1a:76:15:ec:ab:92:45:68:08:1f:78:9e:ad:
b3:be:61:cf:52:ed:86:3d:ed:fa:2c:01:8e:1c:6b:
cf:c3:b4:db:22:2b:2a:1c:af:7f:2d:50:2f:57:6c:
f8:06:d9:9c:fd:7a:bc:0d:03:93:cb:b2:6c:da:b1:
2c:2d:51:35:60:20:49:8d:00:c8:13:96:8c:88:dc:
11:7f:5a:8e:6b:e3:2b:28:64:29:a7:63:c9:d0:bc:
f7:27:19:f4:5d:f8:fc:ff:bb:47:8d:9d:44:79:d1:
0b:03:99:01:6e:f5:44:96:96:2a:e9:3b:7d:d3:69:
7a:69:6c:fd:aa:01:f5:48:2c:e0:42:c8:20:68:5f:
3a:19:9d:ec:4d:02:71:bc:80:c1:87:c4:56:ed:48:
89:18:55:f4:8c:e9:3e:f7:fd:bf:cc:04:ba:e3:2a:
cc:c8:30:f4:15:48:13:94:f2:16:6c:f4:ee:b6:9a:
37:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A8:03:00:6D:DB:80:B5:20:A3:69:58:F0:5B:33:A1:D7:41:29:A1
X509v3 Authority Key Identifier:
keyid:A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/4qgDAG3bgLUgo2lY8FszoddBKaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.118.0.0/16
IPv6:
2001:1400::/48
Signature Algorithm: sha256WithRSAEncryption
9e:05:36:27:5c:3d:e8:a5:6a:8d:1f:2c:3e:71:31:e9:38:85:
e3:9d:67:65:75:73:68:7c:b0:3d:95:bd:a2:5f:20:64:e3:95:
6f:49:e2:62:02:4d:7f:08:da:fc:2b:8a:d2:6b:75:01:41:6e:
89:86:53:84:5a:b1:36:9f:99:a1:e3:6b:b6:15:ba:66:69:e7:
af:19:2e:1f:f0:4e:20:e6:a6:65:9f:ba:5d:f3:ff:39:aa:25:
2e:0f:25:f8:b3:8d:0c:c1:ef:ea:3d:c5:f7:7d:45:39:48:84:
ad:83:64:29:98:db:ba:4e:27:2b:4b:78:65:fa:2a:19:2a:84:
0a:d6:d4:a7:c1:79:fa:2d:50:1a:4f:6a:41:08:ec:36:38:35:
f7:7c:3d:65:1a:37:54:1b:7b:04:94:5f:c5:ee:e7:a1:e0:a8:
50:63:85:d9:37:4d:8c:bf:a0:3c:91:b6:41:80:d4:e0:8c:8f:
b3:a3:57:f6:ff:24:f4:58:aa:c1:cf:54:d1:75:52:c0:7b:19:
3e:89:ec:fd:62:b1:1b:4f:72:24:78:cd:87:28:43:cd:1a:e5:
23:c7:5d:62:ae:c5:43:ad:34:dd:36:35:3d:c6:3e:0e:66:e1:
9a:27:7e:c8:d1:a0:a9:2a:58:15:9b:2b:2d:ca:56:36:9b:67:
52:00:da:8c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVt3UXXtCxQyKimPWjtTpFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmM5YmMyZDJkYWNmZDZmMTMwZDg1YTg0ZmVkZWFiZjE3
OWE1NjcwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE4MDMwMDZkZGI4MGI1MjBhMzY5NThmMDViMzNhMWQ3NDEyOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9zotYNJGaVuNNxYyhBSXZHxQCbd
n+uS2l8AiC1x1FPlupNCVCZequYeB5Sw1xZ25vc9fhg4Ba8sGE0KOq7rMuMQYVeY
DH1KvYcgFBp2FeyrkkVoCB94nq2zvmHPUu2GPe36LAGOHGvPw7TbIisqHK9/LVAv
V2z4Btmc/Xq8DQOTy7Js2rEsLVE1YCBJjQDIE5aMiNwRf1qOa+MrKGQpp2PJ0Lz3
Jxn0Xfj8/7tHjZ1EedELA5kBbvVElpYq6Tt902l6aWz9qgH1SCzgQsggaF86GZ3s
TQJxvIDBh8RW7UiJGFX0jOk+9/2/zAS64yrMyDD0FUgTlPIWbPTutpo3KwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOKoAwBt24C1IKNpWPBbM6HXQSmhMB8GA1UdIwQY
MBaAFKgsm8LS2s/W8TDYWoT+3qvxeaVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgt
NTVjMTQwYzlmNTRmLzEvNHFnREFHM2JnTFVnbzJsWThGc3pvZGRCS2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgtNTVjMTQwYzlmNTRm
LzEvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAj3YwDwQC
AAIwCQMHACABFAAAADANBgkqhkiG9w0BAQsFAAOCAQEAngU2J1w96KVqjR8sPnEx
6TiF451nZXVzaHywPZW9ol8gZOOVb0niYgJNfwja/CuK0mt1AUFuiYZThFqxNp+Z
oeNrthW6ZmnnrxkuH/BOIOamZZ+6XfP/OaolLg8l+LONDMHv6j3F931FOUiErYNk
KZjbuk4nK0t4ZfoqGSqECtbUp8F5+i1QGk9qQQjsNjg193w9ZRo3VBt7BJRfxe7n
oeCoUGOF2TdNjL+gPJG2QYDU4IyPs6NX9v8k9Fiqwc9U0XVSwHsZPons/WKxG09y
JHjNhyhDzRrlI8ddYq7FQ6003TY1PcY+Dmbhmid+yNGgqSpYFZsrLcpWNptnUgDa
jA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:03 2025 by rpki-client