Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/q-3ittCKdvND6ITZt6famWrTka8.roa
File: q-3ittCKdvND6ITZt6famWrTka8.roa (raw, json)
Hash identifier: ts+WJ+4Xzbkbn6/pboP9vcNmilzUdPxRaOTjhtHghi0=
Subject key identifier: AB:ED:E2:B6:D0:8A:76:F3:43:E8:84:D9:B7:A7:DA:99:6A:D3:91:AF
Certificate issuer: /CN=c4ddfe0f4bfb6982f1960ab2a3fae7a2fb457a93
Certificate serial: 018A4621F28518462D67E30BA6457C402FFE
Authority key identifier: C4:DD:FE:0F:4B:FB:69:82:F1:96:0A:B2:A3:FA:E7:A2:FB:45:7A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN3-D0v7aYLxlgqyo_rnovtFepM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/q-3ittCKdvND6ITZt6famWrTka8.roa
Signing time: Wed 30 Aug 2023 11:09:04 +0000
ROA not before: Wed 30 Aug 2023 11:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60134
IP address blocks: 2.57.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:21:f2:85:18:46:2d:67:e3:0b:a6:45:7c:40:2f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ddfe0f4bfb6982f1960ab2a3fae7a2fb457a93
Validity
Not Before: Aug 30 11:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abede2b6d08a76f343e884d9b7a7da996ad391af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0b:6b:03:a0:e9:8d:90:af:39:a9:16:02:36:
45:32:2a:99:d5:73:63:da:20:88:55:ee:66:3c:1f:
e7:98:32:3f:f9:bc:25:8f:e2:56:b7:6f:e1:61:69:
95:2e:10:d9:34:ce:23:0a:bf:4d:ef:21:97:72:c8:
e9:f8:40:b3:08:ba:17:21:4b:ba:ea:5c:5c:d8:79:
a4:50:fa:aa:e9:eb:8f:eb:2f:0e:1e:65:24:95:fe:
04:b4:17:85:42:de:c4:9e:6c:a7:f1:dc:da:84:15:
88:1f:9f:d0:aa:59:af:c9:c3:2b:31:89:53:b8:da:
2e:cb:75:1a:72:68:98:5a:5f:fd:ba:e9:1a:7d:b3:
8e:0c:55:13:2a:78:07:08:1e:33:2f:ba:c4:f3:9c:
69:8f:b0:a6:29:ff:56:53:5f:3c:dd:6d:21:5e:96:
93:0d:2e:29:58:a3:64:af:5d:7f:34:af:f8:b1:eb:
2d:63:19:55:a9:20:7a:d9:ae:53:d0:4d:08:7b:5b:
96:6f:fc:74:33:de:a4:1e:db:2a:d3:8d:35:58:c5:
1c:76:a9:37:ba:82:68:4b:95:59:61:2e:14:b3:a4:
74:bd:f5:ba:ad:e7:85:5d:2f:bd:83:51:a0:9e:fb:
2e:9e:6b:9c:42:d0:21:bf:9f:17:5a:2d:8e:f3:21:
1d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:ED:E2:B6:D0:8A:76:F3:43:E8:84:D9:B7:A7:DA:99:6A:D3:91:AF
X509v3 Authority Key Identifier:
keyid:C4:DD:FE:0F:4B:FB:69:82:F1:96:0A:B2:A3:FA:E7:A2:FB:45:7A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN3-D0v7aYLxlgqyo_rnovtFepM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/q-3ittCKdvND6ITZt6famWrTka8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/xN3-D0v7aYLxlgqyo_rnovtFepM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:49:8c:a0:cc:e5:55:b4:5a:db:ed:b0:72:72:01:f9:2b:f8:
86:36:85:fb:6b:a0:88:30:e4:b9:fe:fe:4e:c5:ac:05:f5:74:
92:97:4d:0a:3e:35:f9:05:3c:5a:20:26:71:e3:27:00:e1:c1:
6c:39:93:85:82:b3:47:49:ac:bd:4f:6e:18:c8:3d:56:73:f0:
ed:11:43:d4:c1:c2:aa:11:76:ea:f2:be:77:ba:75:fa:a6:3d:
79:8a:a5:3e:96:b7:98:0f:48:4b:b1:01:3a:58:6f:5c:ed:9d:
f4:40:fb:6f:75:78:d8:e2:17:65:1a:fc:78:e7:89:40:df:9f:
21:19:ee:f8:a0:2c:a4:6c:40:b2:14:1b:81:02:b3:ea:f1:c3:
18:85:11:45:37:4f:79:95:65:27:f4:93:e7:07:b4:aa:96:b1:
5d:24:60:fe:58:88:a8:ca:32:2a:9a:da:c6:1e:b2:81:e3:16:
2f:ca:37:8b:9c:f0:54:93:65:7f:41:4d:01:bb:10:49:ff:b2:
ba:50:76:df:7a:3c:5b:dc:9d:17:31:81:f3:45:3a:84:f3:90:
52:54:32:72:fd:96:98:0e:8e:39:f9:bc:42:6c:c1:92:da:a4:
51:68:f9:f1:f7:74:22:23:13:58:62:1b:1c:94:1a:3a:d8:4f:
20:3b:94:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpGIfKFGEYtZ+MLpkV8QC/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGRmZTBmNGJmYjY5ODJmMTk2MGFiMmEzZmFlN2EyZmI0
NTdhOTMwHhcNMjMwODMwMTEwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmVkZTJiNmQwOGE3NmYzNDNlODg0ZDliN2E3ZGE5OTZhZDM5MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwtrA6DpjZCvOakWAjZFMiqZ1XNj
2iCIVe5mPB/nmDI/+bwlj+JWt2/hYWmVLhDZNM4jCr9N7yGXcsjp+ECzCLoXIUu6
6lxc2HmkUPqq6euP6y8OHmUklf4EtBeFQt7Enmyn8dzahBWIH5/QqlmvycMrMYlT
uNouy3UacmiYWl/9uukafbOODFUTKngHCB4zL7rE85xpj7CmKf9WU1883W0hXpaT
DS4pWKNkr11/NK/4sestYxlVqSB62a5T0E0Ie1uWb/x0M96kHtsq0401WMUcdqk3
uoJoS5VZYS4Us6R0vfW6reeFXS+9g1GgnvsunmucQtAhv58XWi2O8yEdPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvt4rbQinbzQ+iE2ben2plq05GvMB8GA1UdIwQY
MBaAFMTd/g9L+2mC8ZYKsqP656L7RXqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE4zLUQwdjdhWUx4bGdxeW9fcm5vdnRGZXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84MGI0ODEtNjUzNS00MGEzLTgxYTgt
MzEzYTRjMTYzYjEwLzEvcS0zaXR0Q0tkdk5ENklUWnQ2ZmFtV3JUa2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84MGI0ODEtNjUzNS00MGEzLTgxYTgtMzEzYTRjMTYzYjEw
LzEveE4zLUQwdjdhWUx4bGdxeW9fcm5vdnRGZXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkCMA0G
CSqGSIb3DQEBCwUAA4IBAQB8SYygzOVVtFrb7bBycgH5K/iGNoX7a6CIMOS5/v5O
xawF9XSSl00KPjX5BTxaICZx4ycA4cFsOZOFgrNHSay9T24YyD1Wc/DtEUPUwcKq
EXbq8r53unX6pj15iqU+lreYD0hLsQE6WG9c7Z30QPtvdXjY4hdlGvx454lA358h
Ge74oCykbECyFBuBArPq8cMYhRFFN095lWUn9JPnB7SqlrFdJGD+WIioyjIqmtrG
HrKB4xYvyjeLnPBUk2V/QU0BuxBJ/7K6UHbfejxb3J0XMYHzRTqE85BSVDJy/ZaY
Do45+bxCbMGS2qRRaPnx93QiIxNYYhsclBo62E8gO5TF
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:12 2025 by rpki-client