Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/QjF5kJX6A9ANVKLbAxLeoM2VFTA.roa
File: QjF5kJX6A9ANVKLbAxLeoM2VFTA.roa (raw, json)
Hash identifier: pcqkcAnsK65uFUSoP6/b7IKiPWO+S6MQToLgT8F8NBM=
Subject key identifier: 42:31:79:90:95:FA:03:D0:0D:54:A2:DB:03:12:DE:A0:CD:95:15:30
Certificate issuer: /CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Certificate serial: 018A830A1B868755C0CD55058D004C8FE869
Authority key identifier: 64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/QjF5kJX6A9ANVKLbAxLeoM2VFTA.roa
Signing time: Mon 11 Sep 2023 06:59:52 +0000
ROA not before: Mon 11 Sep 2023 06:59:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208666
IP address blocks: 83.229.2.0/24 maxlen: 24
31.193.185.0/24 maxlen: 24
213.255.192.0/24 maxlen: 24
2a09:b300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:0a:1b:86:87:55:c0:cd:55:05:8d:00:4c:8f:e8:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Validity
Not Before: Sep 11 06:59:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4231799095fa03d00d54a2db0312dea0cd951530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:22:fd:e5:dc:03:68:47:1a:16:08:c6:d2:24:
61:01:04:4b:4f:e1:8d:90:64:74:cb:0e:9f:1e:69:
fe:5f:a0:7b:66:bd:25:ad:fd:fb:b3:05:d2:6d:5a:
be:a4:d0:fd:c5:2a:e7:db:c0:27:42:b4:a7:57:62:
5c:07:63:cb:5f:46:8b:9e:50:4c:00:6e:2d:c2:58:
33:ae:33:3b:01:ce:dd:af:12:a9:eb:eb:f5:43:93:
46:ab:9a:57:a7:6e:8c:9e:5d:93:0c:14:fc:4d:38:
d4:9d:fe:9c:20:0e:63:bc:c2:a2:07:31:6c:f4:78:
cd:53:d5:1b:2a:31:fe:0d:c4:25:36:dd:ab:01:47:
23:dc:9e:d7:e9:55:33:43:91:ed:bb:a1:d7:03:18:
88:27:ac:bc:a7:c3:da:bb:3b:75:1c:5e:93:b0:22:
e5:d1:d9:ba:bd:69:80:6d:6b:e2:f4:67:ed:c9:85:
59:d2:d9:e4:cf:5e:af:f4:f1:2b:6a:7a:23:d8:83:
98:74:c7:28:af:39:e8:52:6a:76:7b:dd:a6:b8:5a:
b4:1f:bf:5f:e9:09:88:9c:23:49:ba:0a:82:28:ca:
fe:45:ee:1b:9a:ed:a6:00:73:6c:3a:8b:ca:db:0a:
67:20:79:26:4a:75:24:9f:a7:19:b5:25:34:92:ba:
a1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:31:79:90:95:FA:03:D0:0D:54:A2:DB:03:12:DE:A0:CD:95:15:30
X509v3 Authority Key Identifier:
keyid:64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/QjF5kJX6A9ANVKLbAxLeoM2VFTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.185.0/24
83.229.2.0/24
213.255.192.0/24
IPv6:
2a09:b300::/29
Signature Algorithm: sha256WithRSAEncryption
8e:11:b1:7a:d0:3f:00:ea:16:c2:2b:9f:c8:30:3b:5f:72:45:
80:92:9b:1b:82:2f:9c:65:24:0b:7a:15:c0:2c:79:47:ee:a3:
22:eb:a8:9c:d7:3f:5d:fb:55:81:8b:83:c4:bc:7c:ad:c8:52:
5a:a3:25:74:c2:86:23:29:c3:70:52:65:78:81:47:c8:83:b7:
c2:38:cb:a4:d2:9a:57:37:4b:2e:ee:42:cb:8d:87:80:e5:67:
82:a8:92:8a:37:40:75:d5:24:32:a7:5d:52:63:41:64:b6:bc:
0f:cc:68:9e:56:5a:d2:ba:13:6d:23:81:ae:eb:33:28:a4:03:
f9:48:f7:d8:7c:a5:05:82:bc:dd:38:6b:ae:85:fc:38:18:2f:
49:48:92:0f:ae:d0:1f:01:67:b7:14:fb:31:14:8b:68:f5:1f:
3b:1c:86:6f:fc:87:64:e1:e6:24:0f:a4:f9:c4:ed:18:75:43:
97:b0:53:df:19:eb:5e:11:72:f1:06:6b:eb:0c:ad:71:25:e8:
c1:da:c8:e4:e9:8a:1d:5d:9d:4c:ea:3f:dd:d6:b7:f8:00:39:
f4:ae:c9:8c:da:0f:b6:c4:bb:06:7d:13:d5:66:e7:22:f7:2c:
eb:7a:b2:5f:44:17:60:f2:86:1c:a8:74:22:85:33:24:fa:97:
88:22:c8:f9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqDChuGh1XAzVUFjQBMj+hpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MDFhZGVkYmM5YzhmMWM2Y2YyMzg5ZmM3Zjc0MWVkZjRm
MTlmMmMwHhcNMjMwOTExMDY1OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMxNzk5MDk1ZmEwM2QwMGQ1NGEyZGIwMzEyZGVhMGNkOTUxNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiL95dwDaEcaFgjG0iRhAQRLT+GN
kGR0yw6fHmn+X6B7Zr0lrf37swXSbVq+pND9xSrn28AnQrSnV2JcB2PLX0aLnlBM
AG4twlgzrjM7Ac7drxKp6+v1Q5NGq5pXp26Mnl2TDBT8TTjUnf6cIA5jvMKiBzFs
9HjNU9UbKjH+DcQlNt2rAUcj3J7X6VUzQ5Htu6HXAxiIJ6y8p8Pauzt1HF6TsCLl
0dm6vWmAbWvi9GftyYVZ0tnkz16v9PEranoj2IOYdMcorznoUmp2e92muFq0H79f
6QmInCNJugqCKMr+Re4bmu2mAHNsOovK2wpnIHkmSnUkn6cZtSU0krqhIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEIxeZCV+gPQDVSi2wMS3qDNlRUwMB8GA1UdIwQY
MBaAFGQBre28nI8cbPI4n8f3Qe308Z8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEt
MzU2YzA5NmJjNmY5LzEvUWpGNWtKWDZBOUFOVktMYkF4TGVvTTJWRlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEtMzU2YzA5NmJjNmY5
LzEvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAH8G5AwQA
U+UCAwQA1f/AMA0EAgACMAcDBQMqCbMAMA0GCSqGSIb3DQEBCwUAA4IBAQCOEbF6
0D8A6hbCK5/IMDtfckWAkpsbgi+cZSQLehXALHlH7qMi66ic1z9d+1WBi4PEvHyt
yFJaoyV0woYjKcNwUmV4gUfIg7fCOMuk0ppXN0su7kLLjYeA5WeCqJKKN0B11SQy
p11SY0FktrwPzGieVlrSuhNtI4Gu6zMopAP5SPfYfKUFgrzdOGuuhfw4GC9JSJIP
rtAfAWe3FPsxFIto9R87HIZv/Idk4eYkD6T5xO0YdUOXsFPfGeteEXLxBmvrDK1x
JejB2sjk6YodXZ1M6j/d1rf4ADn0rsmM2g+2xLsGfRPVZuci9yzrerJfRBdg8oYc
qHQihTMk+peIIsj5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:12 2025 by rpki-client