Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/QHcypPU5_eXL1AIicF4Yxgg3NNo.roa
File: QHcypPU5_eXL1AIicF4Yxgg3NNo.roa (raw, json)
Hash identifier: 4ms4aOJNDdxCpsgBmHuk2xPLQ575KA0tH3osGLeiU5E=
Subject key identifier: 40:77:32:A4:F5:39:FD:E5:CB:D4:02:22:70:5E:18:C6:08:37:34:DA
Certificate issuer: /CN=8c6eadb8659bc734dccb29f638421036bb922e36
Certificate serial: 01856C7835DA212BD8E2E91A4302C7CB6BD8
Authority key identifier: 8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/QHcypPU5_eXL1AIicF4Yxgg3NNo.roa
Signing time: Sun 01 Jan 2023 08:34:55 +0000
ROA not before: Sun 01 Jan 2023 08:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 45.13.124.0/22 maxlen: 24
185.96.40.0/22 maxlen: 24
2a03:fd80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:35:da:21:2b:d8:e2:e9:1a:43:02:c7:cb:6b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c6eadb8659bc734dccb29f638421036bb922e36
Validity
Not Before: Jan 1 08:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=407732a4f539fde5cbd40222705e18c6083734da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:80:dd:d6:a6:7e:23:21:5b:44:45:1a:9b:10:
8a:e5:4e:d2:d3:ef:7f:e5:5f:2d:9f:c8:4c:01:a6:
6f:c6:3a:90:02:26:98:72:64:56:5e:cb:f6:95:ba:
d6:ab:c4:12:4a:fd:d9:81:dd:8e:dd:72:9a:e8:3a:
0d:af:78:7b:c8:80:ca:b1:46:f3:77:eb:a7:47:fc:
4d:d8:d9:d7:90:e0:7d:3d:51:e1:a9:9e:9c:76:76:
bd:57:e1:1b:92:66:d8:5c:16:c4:99:43:72:a7:e8:
2e:b1:97:36:cb:03:9d:39:d0:c8:dd:a9:21:b9:01:
30:86:75:3a:b0:23:de:1e:ff:2a:29:99:f2:ad:96:
da:7e:ac:17:35:7b:78:cf:ce:70:20:94:ea:db:fd:
f2:99:db:0c:89:64:1f:cf:12:0f:40:7e:38:70:0b:
3e:03:86:0b:01:41:74:c3:97:3e:ce:35:3a:57:fb:
a8:01:4d:d2:63:8b:e8:cf:46:db:99:08:21:75:0f:
6e:55:97:73:6d:50:22:c8:7d:b2:f1:e3:f9:21:49:
9c:44:ef:c8:37:9e:51:9e:4f:50:73:a9:81:fb:5d:
04:70:c1:08:ae:fe:1c:17:bc:90:c9:cf:ad:f5:6d:
5b:39:7f:f5:87:a5:45:68:13:5c:e2:87:ee:12:81:
fe:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:77:32:A4:F5:39:FD:E5:CB:D4:02:22:70:5E:18:C6:08:37:34:DA
X509v3 Authority Key Identifier:
keyid:8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/QHcypPU5_eXL1AIicF4Yxgg3NNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/jG6tuGWbxzTcyyn2OEIQNruSLjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.124.0/22
185.96.40.0/22
IPv6:
2a03:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
a2:4d:89:53:51:e6:06:4d:c2:38:93:2c:b2:93:8b:80:63:6c:
c3:cd:e2:46:67:a1:0b:bb:f5:b1:82:3e:6f:1b:a6:21:f6:46:
ce:63:29:34:ca:bf:ce:92:25:0e:67:b8:d3:db:00:fa:81:47:
68:46:f9:a3:47:e5:15:01:c1:ee:80:75:25:d2:59:2d:2b:81:
8d:56:34:7c:39:f3:cd:1f:0d:a6:dd:45:88:1d:b6:e3:32:1e:
f7:1d:54:53:6f:13:c1:74:a1:a8:f2:da:a4:e2:52:ee:ce:8a:
4f:bf:63:a1:dc:ac:c8:4b:81:26:1f:e4:be:af:9a:c6:3c:e9:
56:ba:bd:f2:79:5d:e6:f5:a6:c4:ef:6f:6f:d8:25:7c:04:21:
a4:5e:8e:78:01:2d:fc:18:1a:8c:b6:d9:63:c9:38:cf:30:f7:
56:38:85:c4:e9:07:eb:78:ad:6e:87:6b:0f:2d:7d:e3:3a:43:
32:19:11:ac:34:19:df:b2:65:f4:9f:a0:4d:de:fd:ac:75:2f:
3c:76:15:26:fe:ce:c0:1d:01:27:21:2e:67:73:73:25:4b:76:
e4:c2:ed:e3:f6:1c:76:fd:ce:cd:38:51:75:1f:b0:21:2b:d3:
be:87:f4:24:54:cc:a4:bd:46:82:61:fe:62:4c:2e:37:35:f9:
f1:15:6b:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVseDXaISvY4ukaQwLHy2vYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNmVhZGI4NjU5YmM3MzRkY2NiMjlmNjM4NDIxMDM2YmI5
MjJlMzYwHhcNMjMwMTAxMDgzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc3MzJhNGY1MzlmZGU1Y2JkNDAyMjI3MDVlMThjNjA4MzczNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14Dd1qZ+IyFbREUamxCK5U7S0+9/
5V8tn8hMAaZvxjqQAiaYcmRWXsv2lbrWq8QSSv3Zgd2O3XKa6DoNr3h7yIDKsUbz
d+unR/xN2NnXkOB9PVHhqZ6cdna9V+EbkmbYXBbEmUNyp+gusZc2ywOdOdDI3akh
uQEwhnU6sCPeHv8qKZnyrZbafqwXNXt4z85wIJTq2/3ymdsMiWQfzxIPQH44cAs+
A4YLAUF0w5c+zjU6V/uoAU3SY4voz0bbmQghdQ9uVZdzbVAiyH2y8eP5IUmcRO/I
N55Rnk9Qc6mB+10EcMEIrv4cF7yQyc+t9W1bOX/1h6VFaBNc4ofuEoH+IwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEB3MqT1Of3ly9QCInBeGMYINzTaMB8GA1UdIwQY
MBaAFIxurbhlm8c03Msp9jhCEDa7ki42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQt
NjY0NWRkM2Q2MjRiLzEvUUhjeXBQVTVfZVhMMUFJaWNGNFl4Z2czTk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQtNjY0NWRkM2Q2MjRi
LzEvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ18AwQC
uWAoMA0EAgACMAcDBQMqA/2AMA0GCSqGSIb3DQEBCwUAA4IBAQCiTYlTUeYGTcI4
kyyyk4uAY2zDzeJGZ6ELu/Wxgj5vG6Yh9kbOYyk0yr/OkiUOZ7jT2wD6gUdoRvmj
R+UVAcHugHUl0lktK4GNVjR8OfPNHw2m3UWIHbbjMh73HVRTbxPBdKGo8tqk4lLu
zopPv2Oh3KzIS4EmH+S+r5rGPOlWur3yeV3m9abE729v2CV8BCGkXo54AS38GBqM
ttljyTjPMPdWOIXE6QfreK1uh2sPLX3jOkMyGRGsNBnfsmX0n6BN3v2sdS88dhUm
/s7AHQEnIS5nc3MlS3bkwu3j9hx2/c7NOFF1H7AhK9O+h/QkVMykvUaCYf5iTC43
NfnxFWut
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:17:54 2025 by rpki-client