Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/qKs-gBxNy7BXEzdj1n2lo2aV9N8.roa
File: qKs-gBxNy7BXEzdj1n2lo2aV9N8.roa (raw, json)
Hash identifier: ZmkTEGuCVMyfM8xamo3b1LTBs8PiiDYfK116LGqcu0M=
Subject key identifier: A8:AB:3E:80:1C:4D:CB:B0:57:13:37:63:D6:7D:A5:A3:66:95:F4:DF
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01891B6C9D29ABF0D773789D808EC1BEEF21
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/qKs-gBxNy7BXEzdj1n2lo2aV9N8.roa
Signing time: Mon 03 Jul 2023 11:04:10 +0000
ROA not before: Mon 03 Jul 2023 11:04:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 107.161.166.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.173.0/24 maxlen: 24
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
2a07:9942:39d6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:6c:9d:29:ab:f0:d7:73:78:9d:80:8e:c1:be:ef:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 3 11:04:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8ab3e801c4dcbb057133763d67da5a36695f4df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:51:bd:44:e5:67:e5:2d:1b:4e:00:fc:f9:b7:
79:9d:fe:cd:be:b8:92:cd:9f:0e:1c:07:b5:f5:28:
6c:ab:42:85:d3:b1:9c:ed:82:96:4f:e0:69:0d:5c:
58:d7:ea:43:41:c2:d6:28:0a:23:92:63:04:10:1f:
e5:93:d7:40:99:fa:66:c3:92:12:62:4b:5b:d1:a7:
52:4c:5e:79:cb:7d:fe:34:14:c2:3c:3e:97:52:a1:
5a:25:28:15:ba:0f:2b:76:ca:7d:8b:62:9c:6c:a9:
ec:a0:20:bd:35:95:f5:20:88:23:c2:a0:ba:37:c4:
1f:ed:e5:27:cd:81:b6:ae:65:8a:72:a2:60:26:13:
e8:33:9b:27:0c:ce:af:ff:1d:4a:0c:d1:f1:44:66:
07:fb:4c:49:a7:3c:c2:ba:d7:d6:de:ac:9e:0d:dc:
11:1f:bd:34:ad:0e:93:0c:93:a6:4a:1e:6e:03:8f:
cd:11:d9:0c:95:92:7c:86:e2:a5:2c:7c:86:da:1d:
0d:14:9d:98:56:95:0b:33:55:0a:24:5e:f3:eb:25:
11:14:b5:b9:b9:3b:f2:25:a0:b1:8c:4f:d5:0b:2e:
d5:e2:e0:36:41:fa:ec:d3:10:d6:f2:7d:57:de:98:
7c:62:d2:1f:c9:f6:e2:31:0b:f5:19:e3:15:c9:89:
50:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AB:3E:80:1C:4D:CB:B0:57:13:37:63:D6:7D:A5:A3:66:95:F4:DF
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/qKs-gBxNy7BXEzdj1n2lo2aV9N8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
107.161.172.0/23
IPv6:
2a07:9942:39d6::/48
2a07:9944:40::/48
2a07:9945:45::/48
Signature Algorithm: sha256WithRSAEncryption
21:34:bb:15:ff:c2:74:d9:13:36:43:05:00:6e:54:38:8e:20:
17:25:5e:4b:16:f5:34:00:60:c8:9f:4b:95:40:b0:ac:89:2c:
a3:76:8b:b6:9c:6f:a4:97:ff:a2:71:7f:77:bd:8a:f7:1c:00:
5a:03:0e:f2:79:fb:c3:0a:f1:90:57:00:15:7e:5c:3b:0d:8d:
0c:bb:33:a4:29:5e:ca:a0:46:57:48:19:94:d5:5d:90:74:69:
29:84:0b:72:7a:b3:68:6d:e8:54:91:90:f0:38:6c:b0:1d:ae:
95:4e:19:b8:2e:92:61:68:86:61:bb:f0:90:00:5d:08:b4:c6:
4a:42:30:f9:04:64:6b:4b:27:dd:1b:35:0e:2c:d5:f1:1c:b7:
01:d8:4c:59:b9:9f:df:61:3a:ff:62:ed:a8:44:a2:e9:d7:1a:
37:9a:a8:60:f1:20:7b:25:18:6a:22:6d:ec:bd:c7:5e:6f:0f:
27:55:fa:a3:30:97:12:b5:3f:ca:fa:23:82:7b:c6:b4:fb:8c:
93:95:63:e3:25:5b:9c:d8:8e:f4:d6:4e:5e:e5:da:e5:8d:25:
74:ac:10:e7:83:92:a4:1b:ab:5a:78:30:ed:17:f6:c6:47:9c:
0f:c0:7c:be:a1:d4:66:71:52:65:6b:d4:db:11:f6:f5:9f:72:
93:86:7e:3d
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYkbbJ0pq/DXc3idgI7Bvu8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzAzMTEwNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFiM2U4MDFjNGRjYmIwNTcxMzM3NjNkNjdkYTVhMzY2OTVmNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1G9ROVn5S0bTgD8+bd5nf7NvriS
zZ8OHAe19Shsq0KF07Gc7YKWT+BpDVxY1+pDQcLWKAojkmMEEB/lk9dAmfpmw5IS
Yktb0adSTF55y33+NBTCPD6XUqFaJSgVug8rdsp9i2KcbKnsoCC9NZX1IIgjwqC6
N8Qf7eUnzYG2rmWKcqJgJhPoM5snDM6v/x1KDNHxRGYH+0xJpzzCutfW3qyeDdwR
H700rQ6TDJOmSh5uA4/NEdkMlZJ8huKlLHyG2h0NFJ2YVpULM1UKJF7z6yURFLW5
uTvyJaCxjE/VCy7V4uA2Qfrs0xDW8n1X3ph8YtIfyfbiMQv1GeMVyYlQVQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKirPoAcTcuwVxM3Y9Z9paNmlfTfMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvcUtzLWdCeE55N0JYRXpkajFuMmxvMmFWOU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBABroaMD
BANroaADBAFroawwIQQCAAIwGwMHACoHmUI51gMHACoHmUQAQAMHACoHmUUARTAN
BgkqhkiG9w0BAQsFAAOCAQEAITS7Ff/CdNkTNkMFAG5UOI4gFyVeSxb1NABgyJ9L
lUCwrIkso3aLtpxvpJf/onF/d72K9xwAWgMO8nn7wwrxkFcAFX5cOw2NDLszpCle
yqBGV0gZlNVdkHRpKYQLcnqzaG3oVJGQ8DhssB2ulU4ZuC6SYWiGYbvwkABdCLTG
SkIw+QRka0sn3Rs1DizV8Ry3AdhMWbmf32E6/2LtqESi6dcaN5qoYPEgeyUYaiJt
7L3HXm8PJ1X6ozCXErU/yvojgnvGtPuMk5Vj4yVbnNiO9NZOXuXa5Y0ldKwQ54OS
pBurWngw7Rf2xkecD8B8vqHUZnFSZWvU2xH29Z9yk4Z+PQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:24 2025 by rpki-client