Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Qk84GaeTZosgeX8cNndNBQb6muM.roa
File: Qk84GaeTZosgeX8cNndNBQb6muM.roa (raw, json)
Hash identifier: BocgdizExjBKvDsLWwdBy4qa2E15Dyu8kaIwK4Chjrc=
Subject key identifier: 42:4F:38:19:A7:93:66:8B:20:79:7F:1C:36:77:4D:05:06:FA:9A:E3
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018721F74975ADF7211E3C077ECBAEB09FA5
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Qk84GaeTZosgeX8cNndNBQb6muM.roa
Signing time: Mon 27 Mar 2023 07:27:46 +0000
ROA not before: Mon 27 Mar 2023 07:27:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2134
IP address blocks: 195.76.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:f7:49:75:ad:f7:21:1e:3c:07:7e:cb:ae:b0:9f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 27 07:27:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=424f3819a793668b20797f1c36774d0506fa9ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:7a:c7:f5:e9:44:55:81:82:34:9b:ca:e6:
4a:fd:71:8e:d9:19:a1:0d:62:d2:89:7a:0d:b4:a4:
e5:0b:ac:c1:f1:43:04:b6:47:fe:0a:14:d6:97:3e:
fb:b3:82:2d:04:23:8e:b1:0b:df:dc:97:f4:7f:38:
cb:51:88:e3:c3:10:16:c9:71:91:0b:c3:51:c7:dd:
c1:3a:26:67:2f:61:51:4d:77:12:db:3a:b8:b4:a8:
9e:53:c3:8f:36:5f:d3:c8:93:2d:82:e5:98:b0:ce:
0d:31:07:ac:e7:0c:dd:ae:00:71:f4:7d:26:b5:be:
f5:3a:1b:04:9e:81:d6:53:f9:a5:e7:71:9c:18:ae:
de:57:10:72:13:1a:d9:24:fa:e5:c0:5f:aa:9a:b2:
45:c0:c9:d5:7a:59:94:65:a9:98:39:ef:02:5f:16:
c7:8b:aa:1f:b0:21:1d:00:b9:58:78:49:2c:03:10:
87:d7:da:92:41:f7:41:04:ea:a8:02:e2:ea:c4:3d:
db:61:00:c3:d7:33:71:d6:70:80:98:6e:e8:1e:26:
3c:96:f5:92:78:ab:f4:6c:bc:56:b5:f2:a5:a0:78:
fe:d4:3e:04:4d:d0:59:c8:f5:1a:88:8e:9d:24:a6:
ac:f3:39:47:e1:db:6e:a3:be:c4:11:1b:e4:02:ca:
6c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4F:38:19:A7:93:66:8B:20:79:7F:1C:36:77:4D:05:06:FA:9A:E3
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Qk84GaeTZosgeX8cNndNBQb6muM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.76.19.0/24
Signature Algorithm: sha256WithRSAEncryption
59:17:9c:dc:94:98:5b:d6:9d:39:c2:f8:58:75:ad:86:43:eb:
ee:da:85:55:91:a7:b0:6c:41:29:fe:8e:07:cc:cc:ef:7a:52:
7e:c4:e8:0e:bb:c7:f1:37:ac:af:87:9d:4b:de:f0:6c:16:a6:
17:78:a0:33:40:2d:24:00:ad:ad:60:18:23:41:d6:33:83:86:
2b:bf:03:13:71:a8:ce:8b:b9:00:f8:27:d1:ea:4e:cb:ae:83:
cd:30:20:e6:84:aa:b2:41:5b:5b:28:2c:1c:57:b5:da:62:51:
48:4a:7d:5e:2e:25:34:ea:6d:f5:ec:55:dc:94:32:93:02:1c:
9a:5c:d6:b5:34:3d:3a:19:f5:af:39:34:6e:6d:8d:6b:b6:1b:
5e:35:7a:f0:50:43:e9:9a:2a:94:a1:7e:d0:4b:ab:ff:3f:97:
51:8a:86:47:c4:32:6f:22:12:6b:c7:ec:7c:c9:a0:77:fb:d6:
89:97:3e:ef:5c:f6:78:2d:b0:0d:8f:ba:90:4b:dd:e8:01:b9:
0d:3d:04:69:fc:66:d7:4a:f8:49:c5:fb:e7:0a:3c:a7:e3:34:
41:51:e9:90:c5:3a:59:5e:26:ec:cc:bd:58:5d:d2:72:b8:7a:
59:c7:2b:8b:36:c7:a7:de:2e:1d:1c:bf:c1:c8:e7:41:a1:ea:
37:fd:6c:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYch90l1rfchHjwHfsuusJ+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzI3MDcyNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRmMzgxOWE3OTM2NjhiMjA3OTdmMWMzNjc3NGQwNTA2ZmE5YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHp6x/XpRFWBgjSbyuZK/XGO2Rmh
DWLSiXoNtKTlC6zB8UMEtkf+ChTWlz77s4ItBCOOsQvf3Jf0fzjLUYjjwxAWyXGR
C8NRx93BOiZnL2FRTXcS2zq4tKieU8OPNl/TyJMtguWYsM4NMQes5wzdrgBx9H0m
tb71OhsEnoHWU/ml53GcGK7eVxByExrZJPrlwF+qmrJFwMnVelmUZamYOe8CXxbH
i6ofsCEdALlYeEksAxCH19qSQfdBBOqoAuLqxD3bYQDD1zNx1nCAmG7oHiY8lvWS
eKv0bLxWtfKloHj+1D4ETdBZyPUaiI6dJKas8zlH4dtuo77EERvkAspsFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJPOBmnk2aLIHl/HDZ3TQUG+prjMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvUWs4NEdhZVRab3NnZVg4Y05uZE5CUWI2bXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0wTMA0G
CSqGSIb3DQEBCwUAA4IBAQBZF5zclJhb1p05wvhYda2GQ+vu2oVVkaewbEEp/o4H
zMzvelJ+xOgOu8fxN6yvh51L3vBsFqYXeKAzQC0kAK2tYBgjQdYzg4YrvwMTcajO
i7kA+CfR6k7LroPNMCDmhKqyQVtbKCwcV7XaYlFISn1eLiU06m317FXclDKTAhya
XNa1ND06GfWvOTRubY1rthteNXrwUEPpmiqUoX7QS6v/P5dRioZHxDJvIhJrx+x8
yaB3+9aJlz7vXPZ4LbANj7qQS93oAbkNPQRp/GbXSvhJxfvnCjyn4zRBUemQxTpZ
XibszL1YXdJyuHpZxyuLNsen3i4dHL/ByOdBoeo3/WzP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:12 2025 by rpki-client