Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/QgAJrAJNncwD1ray12UcAjKc-Vk.roa
File: QgAJrAJNncwD1ray12UcAjKc-Vk.roa (raw, json)
Hash identifier: 6PpYfzSt8JyTWOxrpleZuSm7xH6UAhE0VVY0xX5Rb1s=
Subject key identifier: 42:00:09:AC:02:4D:9D:CC:03:D6:B6:B2:D7:65:1C:02:32:9C:F9:59
Certificate issuer: /CN=1d861782973c382cc1ce670f5ad50df8fb53c82e
Certificate serial: 0185708CAFCC8C08AA64CE401D2B2B26CA09
Authority key identifier: 1D:86:17:82:97:3C:38:2C:C1:CE:67:0F:5A:D5:0D:F8:FB:53:C8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYXgpc8OCzBzmcPWtUN-PtTyC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/QgAJrAJNncwD1ray12UcAjKc-Vk.roa
Signing time: Mon 02 Jan 2023 03:35:46 +0000
ROA not before: Mon 02 Jan 2023 03:35:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44704
IP address blocks: 195.42.96.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:af:cc:8c:08:aa:64:ce:40:1d:2b:2b:26:ca:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d861782973c382cc1ce670f5ad50df8fb53c82e
Validity
Not Before: Jan 2 03:35:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=420009ac024d9dcc03d6b6b2d7651c02329cf959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7d:d2:6c:f0:56:a3:30:48:68:36:2c:d1:57:
9f:0f:af:6a:91:13:51:c2:bc:5c:80:22:9a:97:f5:
0a:6e:cd:cf:e3:47:8a:d6:da:cb:68:e7:2b:6b:38:
ad:ab:55:3c:cc:6e:e4:fd:49:6b:78:93:9a:11:58:
8e:d6:a2:72:46:f2:d5:0e:65:c8:30:c1:70:4f:12:
23:ac:c2:31:2b:ae:0e:83:77:84:38:2d:28:9b:b7:
fe:65:5f:73:1a:f9:f1:fb:48:ed:68:a9:30:ca:56:
d2:67:fe:33:a0:59:13:65:1b:93:df:a9:6a:a8:4c:
00:af:67:5f:f3:5a:fa:14:c5:1f:7a:1c:ac:fa:d5:
f1:79:8e:95:59:69:c0:8a:c9:ed:a8:fe:d5:27:e4:
61:28:ce:bb:fa:0e:2c:c0:94:c0:a2:3e:06:e6:6a:
c8:f2:d0:3b:26:bf:e2:77:72:5d:b0:76:00:33:82:
2b:94:c2:f4:86:5d:72:7e:0b:ea:0c:91:7e:2a:ef:
ac:38:45:b8:38:21:df:9f:49:44:61:0d:47:31:c8:
a3:81:28:1d:f4:46:8e:b9:20:da:ee:31:fd:17:95:
6d:e5:00:e9:fc:ef:e4:68:bf:29:ea:41:1e:86:1a:
f8:70:fb:a0:dd:47:82:ac:13:af:d7:49:f8:0d:83:
e2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:00:09:AC:02:4D:9D:CC:03:D6:B6:B2:D7:65:1C:02:32:9C:F9:59
X509v3 Authority Key Identifier:
keyid:1D:86:17:82:97:3C:38:2C:C1:CE:67:0F:5A:D5:0D:F8:FB:53:C8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYXgpc8OCzBzmcPWtUN-PtTyC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/QgAJrAJNncwD1ray12UcAjKc-Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/HYYXgpc8OCzBzmcPWtUN-PtTyC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.96.0/23
Signature Algorithm: sha256WithRSAEncryption
14:58:13:56:c3:1f:f2:2c:9a:b1:59:15:17:f0:97:e7:4f:b7:
5b:b1:b6:5d:9f:34:23:0b:56:1f:e3:cb:d4:f6:40:db:f3:99:
96:9c:34:2c:a2:b1:08:4b:e2:5d:5a:91:ab:05:34:ff:2c:ed:
36:4c:bd:32:3e:d9:e4:11:5f:09:46:f6:81:90:d1:7a:25:f5:
65:c2:97:46:fa:2a:05:2f:98:33:3c:94:53:08:af:03:eb:62:
ae:9b:b5:b1:01:ae:e9:f7:54:c4:d9:7e:0e:27:29:64:55:a7:
08:e4:0b:5e:eb:79:ab:91:48:f5:5d:9a:01:0d:0c:6e:b2:30:
7d:18:ba:8c:6a:c9:6d:b4:2a:27:51:ea:4d:78:fc:f7:6e:dc:
34:7e:db:cf:29:9f:c6:27:a7:3a:f0:d0:72:ea:4e:58:7a:1b:
1f:51:e3:d3:13:c0:21:1c:60:0e:cf:00:1e:6f:b6:89:77:8e:
81:91:92:69:48:ba:84:50:de:b6:e1:06:31:68:df:b9:c0:3d:
36:a4:a3:d8:03:8b:1a:f2:94:6f:7b:a0:3f:7d:f9:7e:48:41:
54:5c:a1:d9:d8:24:4f:3d:ab:d4:40:23:2d:47:b5:73:a2:7b:
5f:a6:b7:9b:9a:f6:ee:d0:71:19:37:7c:f0:2a:e3:e4:46:f1:
f8:8c:ce:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjK/MjAiqZM5AHSsrJsoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYxNzgyOTczYzM4MmNjMWNlNjcwZjVhZDUwZGY4ZmI1
M2M4MmUwHhcNMjMwMTAyMDMzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjAwMDlhYzAyNGQ5ZGNjMDNkNmI2YjJkNzY1MWMwMjMyOWNmOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx33SbPBWozBIaDYs0VefD69qkRNR
wrxcgCKal/UKbs3P40eK1trLaOcrazitq1U8zG7k/UlreJOaEViO1qJyRvLVDmXI
MMFwTxIjrMIxK64Og3eEOC0om7f+ZV9zGvnx+0jtaKkwylbSZ/4zoFkTZRuT36lq
qEwAr2df81r6FMUfehys+tXxeY6VWWnAisntqP7VJ+RhKM67+g4swJTAoj4G5mrI
8tA7Jr/id3JdsHYAM4IrlML0hl1yfgvqDJF+Ku+sOEW4OCHfn0lEYQ1HMcijgSgd
9EaOuSDa7jH9F5Vt5QDp/O/kaL8p6kEehhr4cPug3UeCrBOv10n4DYPiWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIACawCTZ3MA9a2stdlHAIynPlZMB8GA1UdIwQY
MBaAFB2GF4KXPDgswc5nD1rVDfj7U8guMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZWGdwYzhPQ3pCem1jUFd0VU4tUHRUeUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jY2VhZjItNzU2MS00MmE3LThkMTIt
OGUwNjBjYTk2ZmFjLzEvUWdBSnJBSk5uY3dEMXJheTEyVWNBaktjLVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jY2VhZjItNzU2MS00MmE3LThkMTItOGUwNjBjYTk2ZmFj
LzEvSFlZWGdwYzhPQ3pCem1jUFd0VU4tUHRUeUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwypgMA0G
CSqGSIb3DQEBCwUAA4IBAQAUWBNWwx/yLJqxWRUX8JfnT7dbsbZdnzQjC1Yf48vU
9kDb85mWnDQsorEIS+JdWpGrBTT/LO02TL0yPtnkEV8JRvaBkNF6JfVlwpdG+ioF
L5gzPJRTCK8D62Kum7WxAa7p91TE2X4OJylkVacI5Ate63mrkUj1XZoBDQxusjB9
GLqMaslttConUepNePz3btw0ftvPKZ/GJ6c68NBy6k5YehsfUePTE8AhHGAOzwAe
b7aJd46BkZJpSLqEUN624QYxaN+5wD02pKPYA4sa8pRve6A/ffl+SEFUXKHZ2CRP
PavUQCMtR7Vzontfprebmvbu0HEZN3zwKuPkRvH4jM4X
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:35 2025 by rpki-client