Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/QGdet9BefIpC1Ak-wfu0azBCEWM.roa
File: QGdet9BefIpC1Ak-wfu0azBCEWM.roa (raw, json)
Hash identifier: U8WHF0YgTyRW2hrsGT3+pV5R4vgmRGEjxH1Kmhkxkb4=
Subject key identifier: 40:67:5E:B7:D0:5E:7C:8A:42:D4:09:3E:C1:FB:B4:6B:30:42:11:63
Certificate issuer: /CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Certificate serial: 01850BB9F07A3DF5262FE88875C91FFB657E
Authority key identifier: F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/QGdet9BefIpC1Ak-wfu0azBCEWM.roa
Signing time: Tue 13 Dec 2022 13:43:33 +0000
ROA not before: Tue 13 Dec 2022 13:43:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63473
IP address blocks: 109.205.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:b9:f0:7a:3d:f5:26:2f:e8:88:75:c9:1f:fb:65:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Validity
Not Before: Dec 13 13:43:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40675eb7d05e7c8a42d4093ec1fbb46b30421163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9c:a0:d0:f7:e8:5b:27:64:f5:fa:c5:1d:32:
ec:54:d3:95:22:d9:47:08:c2:d5:28:bf:01:a2:10:
85:41:96:c4:96:99:49:8f:8f:ba:11:c6:8b:24:57:
ee:d0:97:05:a7:39:9e:53:f8:75:0a:92:55:ca:39:
e8:5b:fe:03:87:19:79:5f:1f:92:a3:48:f4:e3:85:
1a:04:23:ef:41:d3:b0:8c:59:1d:0c:72:d7:6a:06:
38:3e:d6:2f:cd:12:50:4e:3d:56:87:71:6b:f4:65:
79:ee:8d:a4:2f:01:ad:ef:7c:dc:a3:5f:f7:bf:10:
99:25:a9:1f:2a:6f:af:90:d0:81:f6:91:9c:50:75:
db:b2:48:32:09:61:32:df:f1:d5:c4:ce:f4:97:23:
ce:78:53:8b:88:3e:11:07:d3:ef:99:c8:a0:2c:4b:
db:19:bc:3b:59:ad:16:d8:dd:ad:15:7a:74:62:3d:
93:cf:63:01:cd:07:82:c1:1f:4b:0f:38:ae:fb:1a:
6d:d4:11:39:ae:d0:f9:75:a5:0c:9f:89:c9:cf:c2:
ca:13:55:10:bc:2d:7c:d6:99:d6:42:d6:bd:59:07:
2d:18:78:94:12:ae:8a:0c:8d:b8:13:67:41:b5:93:
d7:6d:23:cc:a4:92:18:21:c8:dc:45:d2:43:e7:0c:
04:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:67:5E:B7:D0:5E:7C:8A:42:D4:09:3E:C1:FB:B4:6B:30:42:11:63
X509v3 Authority Key Identifier:
keyid:F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/QGdet9BefIpC1Ak-wfu0azBCEWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/97UMfoHYzyZNEgm2rVo8y4LBb90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.61.0/24
Signature Algorithm: sha256WithRSAEncryption
42:32:30:19:a6:d3:6a:56:08:5d:35:91:9a:b0:46:0e:35:2c:
73:f4:f3:3f:e1:96:eb:71:3f:8c:c5:66:72:a7:64:d6:34:f4:
c9:ef:e9:e0:38:c0:38:db:14:e8:75:ca:e9:e6:eb:78:84:34:
a0:38:56:46:25:c9:f7:2c:5c:36:5c:5c:7b:86:3b:77:fd:de:
a6:2f:c4:fd:e1:2e:5f:fd:85:26:1e:b2:04:3c:b1:80:b3:05:
ab:24:ff:8b:78:91:6f:6f:07:b8:33:e3:a2:b6:9d:db:62:37:
84:be:8e:54:24:26:db:ab:0d:66:5f:9a:08:17:2b:c1:ca:4b:
bd:13:a3:b7:53:02:11:8a:b9:78:c9:27:b8:f2:a5:9c:aa:e7:
69:ae:e5:85:d1:79:05:31:76:19:c8:88:e6:25:aa:af:b5:23:
bb:22:b3:bb:f9:81:a7:7f:e6:48:ff:86:79:ac:6e:f7:1b:bd:
b0:86:5d:0c:6d:64:de:d7:c9:58:07:ea:af:2c:75:fe:af:6c:
19:34:53:30:19:9a:cb:48:a3:97:15:dd:ae:29:b2:e2:f1:e8:
68:35:f2:1d:2d:8a:2f:b7:4d:4d:fb:4f:bd:74:b8:dd:8e:02:
c3:2d:2e:38:45:1b:4d:57:b1:25:40:d5:18:9c:f6:23:36:dd:
1a:d4:da:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYULufB6PfUmL+iIdckf+2V+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjUwYzdlODFkOGNmMjY0ZDEyMDliNmFkNWEzY2NiODJj
MTZmZGQwHhcNMjIxMjEzMTM0MzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY3NWViN2QwNWU3YzhhNDJkNDA5M2VjMWZiYjQ2YjMwNDIxMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZyg0PfoWydk9frFHTLsVNOVItlH
CMLVKL8BohCFQZbElplJj4+6EcaLJFfu0JcFpzmeU/h1CpJVyjnoW/4Dhxl5Xx+S
o0j044UaBCPvQdOwjFkdDHLXagY4PtYvzRJQTj1Wh3Fr9GV57o2kLwGt73zco1/3
vxCZJakfKm+vkNCB9pGcUHXbskgyCWEy3/HVxM70lyPOeFOLiD4RB9PvmcigLEvb
Gbw7Wa0W2N2tFXp0Yj2Tz2MBzQeCwR9LDziu+xpt1BE5rtD5daUMn4nJz8LKE1UQ
vC181pnWQta9WQctGHiUEq6KDI24E2dBtZPXbSPMpJIYIcjcRdJD5wwE7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBnXrfQXnyKQtQJPsH7tGswQhFjMB8GA1UdIwQY
MBaAFPe1DH6B2M8mTRIJtq1aPMuCwW/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmIt
YWM0MDE2MTIwY2I5LzEvUUdkZXQ5QmVmSXBDMUFrLXdmdTBhekJDRVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmItYWM0MDE2MTIwY2I5
LzEvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc09MA0G
CSqGSIb3DQEBCwUAA4IBAQBCMjAZptNqVghdNZGasEYONSxz9PM/4ZbrcT+MxWZy
p2TWNPTJ7+ngOMA42xTodcrp5ut4hDSgOFZGJcn3LFw2XFx7hjt3/d6mL8T94S5f
/YUmHrIEPLGAswWrJP+LeJFvbwe4M+Oitp3bYjeEvo5UJCbbqw1mX5oIFyvByku9
E6O3UwIRirl4ySe48qWcqudpruWF0XkFMXYZyIjmJaqvtSO7IrO7+YGnf+ZI/4Z5
rG73G72whl0MbWTe18lYB+qvLHX+r2wZNFMwGZrLSKOXFd2uKbLi8ehoNfIdLYov
t01N+0+9dLjdjgLDLS44RRtNV7ElQNUYnPYjNt0a1NrD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:58 2025 by rpki-client