Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/jQutiZseEID44HgaegTd_MpG0pw.roa
File: jQutiZseEID44HgaegTd_MpG0pw.roa (raw, json)
Hash identifier: QP3M5enjYT4j0pMghPVY6wukHsaO/bmSRjSEShmqFGk=
Subject key identifier: 8D:0B:AD:89:9B:1E:10:80:F8:E0:78:1A:7A:04:DD:FC:CA:46:D2:9C
Certificate issuer: /CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Certificate serial: 018570829993E212FF434B0121EA67AFDFD0
Authority key identifier: 5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/jQutiZseEID44HgaegTd_MpG0pw.roa
Signing time: Mon 02 Jan 2023 03:24:45 +0000
ROA not before: Mon 02 Jan 2023 03:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49409
IP address blocks: 185.81.14.0/23 maxlen: 23
178.22.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:99:93:e2:12:ff:43:4b:01:21:ea:67:af:df:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Validity
Not Before: Jan 2 03:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d0bad899b1e1080f8e0781a7a04ddfcca46d29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4c:af:26:a5:fb:87:68:1f:26:b3:36:b7:6f:
77:96:e8:b1:ba:82:ba:be:d3:13:d8:03:7c:8b:e9:
17:5c:34:cf:68:b9:d7:98:bf:d8:8f:08:83:15:42:
35:65:b0:cf:43:a9:e6:ab:d5:af:95:72:ca:72:ac:
74:aa:d0:c3:44:e3:30:69:61:de:04:b0:fb:b4:6e:
f1:10:f4:6b:ec:a4:9b:94:b8:31:3a:20:d2:6c:56:
7a:5e:77:22:29:24:19:3d:55:a1:58:2e:5b:95:60:
6c:01:ee:4e:93:3a:0e:b6:15:58:aa:1e:26:8d:62:
88:e1:af:a8:2d:ac:92:e5:dc:c9:d8:33:92:a5:98:
a9:d7:83:1e:7d:28:a7:11:81:f3:d5:f1:88:b2:5c:
56:83:2a:26:df:af:d8:95:02:c7:1f:fd:1c:83:a6:
e9:d6:ae:51:de:87:6a:d6:fb:3d:fe:df:e0:cd:ae:
dd:b2:d1:c2:b1:29:17:4b:99:bd:77:c2:52:3d:05:
57:c4:b6:02:97:a9:ee:30:a2:76:0a:9f:74:b1:cd:
ad:35:d1:b2:a3:c5:73:5a:72:57:95:2e:d8:a9:3f:
11:b3:ba:e8:75:8d:5f:ed:25:8f:2b:b6:49:54:fb:
34:8e:36:25:44:e6:75:fd:26:0c:db:8b:5c:62:ef:
06:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0B:AD:89:9B:1E:10:80:F8:E0:78:1A:7A:04:DD:FC:CA:46:D2:9C
X509v3 Authority Key Identifier:
keyid:5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/jQutiZseEID44HgaegTd_MpG0pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.96.0/21
185.81.14.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:a1:e7:61:6f:eb:49:86:1a:c9:e3:b4:ee:dd:49:1d:94:dd:
15:09:0d:84:49:cd:e2:e3:dc:ae:1f:43:3d:36:45:8e:c6:4a:
99:51:cc:41:ca:3d:ae:13:53:d6:89:2d:55:f3:d9:8a:ea:54:
db:63:87:4e:9c:5b:c6:2f:1c:44:78:32:c6:bf:5d:b6:57:f1:
13:e9:c3:bd:af:67:5d:80:39:35:5c:ef:76:46:44:3e:06:3a:
23:a9:d5:46:8b:16:4c:86:82:d5:85:6a:97:c3:a5:e8:da:b9:
a2:08:42:86:04:6e:04:58:aa:8a:f2:94:f0:d3:d9:67:cc:47:
76:8e:12:57:f0:ad:51:ce:fb:76:24:11:1e:c1:7f:d9:95:d6:
e4:08:a1:3e:bf:f6:a3:fb:32:9c:50:18:d1:ed:ef:04:86:31:
a3:a7:12:0e:b9:95:f5:44:b6:71:ff:7d:25:85:3d:a2:05:93:
5e:9e:e8:1c:37:26:22:11:ce:b7:01:3c:1a:15:85:97:c2:d7:
43:6e:04:c1:d7:1c:81:58:9e:0a:bd:d7:28:72:23:82:bf:18:
52:3f:ef:25:c1:2a:73:ed:5c:af:f6:9d:77:88:a3:ca:1a:fa:
5b:bc:c3:0d:7f:06:82:66:a6:96:7f:4e:30:91:da:69:40:cc:
ce:33:31:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwgpmT4hL/Q0sBIepnr9/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTlmZGUwZDYzYjExYjVjMmRkODE2YzBmOTNjMmVhNTgz
NTAzMzYwHhcNMjMwMTAyMDMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBiYWQ4OTliMWUxMDgwZjhlMDc4MWE3YTA0ZGRmY2NhNDZkMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkyvJqX7h2gfJrM2t293luixuoK6
vtMT2AN8i+kXXDTPaLnXmL/YjwiDFUI1ZbDPQ6nmq9WvlXLKcqx0qtDDROMwaWHe
BLD7tG7xEPRr7KSblLgxOiDSbFZ6XnciKSQZPVWhWC5blWBsAe5OkzoOthVYqh4m
jWKI4a+oLayS5dzJ2DOSpZip14MefSinEYHz1fGIslxWgyom36/YlQLHH/0cg6bp
1q5R3odq1vs9/t/gza7dstHCsSkXS5m9d8JSPQVXxLYCl6nuMKJ2Cp90sc2tNdGy
o8VzWnJXlS7YqT8Rs7rodY1f7SWPK7ZJVPs0jjYlROZ1/SYM24tcYu8GlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI0LrYmbHhCA+OB4GnoE3fzKRtKcMB8GA1UdIwQY
MBaAFF+Z/eDWOxG1wt2BbA+TwupYNQM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQt
NGM3N2Q2MDVhZmVjLzEvalF1dGlac2VFSUQ0NEhnYWVnVGRfTXBHMHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQtNGM3N2Q2MDVhZmVj
LzEvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDshZgAwQB
uVEOMA0GCSqGSIb3DQEBCwUAA4IBAQCdoedhb+tJhhrJ47Tu3UkdlN0VCQ2ESc3i
49yuH0M9NkWOxkqZUcxByj2uE1PWiS1V89mK6lTbY4dOnFvGLxxEeDLGv122V/ET
6cO9r2ddgDk1XO92RkQ+BjojqdVGixZMhoLVhWqXw6Xo2rmiCEKGBG4EWKqK8pTw
09lnzEd2jhJX8K1Rzvt2JBEewX/ZldbkCKE+v/aj+zKcUBjR7e8EhjGjpxIOuZX1
RLZx/30lhT2iBZNenugcNyYiEc63ATwaFYWXwtdDbgTB1xyBWJ4KvdcociOCvxhS
P+8lwSpz7Vyv9p13iKPKGvpbvMMNfwaCZqaWf04wkdppQMzOMzHJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:51 2025 by rpki-client