Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/qxiR52iH7mPWhTs-8ejBGRnK7PA.roa
File: qxiR52iH7mPWhTs-8ejBGRnK7PA.roa (raw, json)
Hash identifier: vp7oIk3zeakEgKByzQmyQzIamDiAovMMnLq6E2wfBA8=
Subject key identifier: AB:18:91:E7:68:87:EE:63:D6:85:3B:3E:F1:E8:C1:19:19:CA:EC:F0
Certificate issuer: /CN=ddb71471373bb0603c356eeded4b918292b5beee
Certificate serial: 018570F0AD193B6625E92B0C461CDF843496
Authority key identifier: DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/qxiR52iH7mPWhTs-8ejBGRnK7PA.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 145.8.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ad:19:3b:66:25:e9:2b:0c:46:1c:df:84:34:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddb71471373bb0603c356eeded4b918292b5beee
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab1891e76887ee63d6853b3ef1e8c11919caecf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:52:cc:9a:f9:59:ee:97:63:a8:fd:41:83:54:
79:b2:30:16:9c:bd:82:da:0d:f7:30:e0:84:2a:a4:
21:59:fc:4c:d5:f4:3a:00:65:aa:5e:a1:56:cf:01:
38:54:81:5b:11:e6:c3:a5:7a:7e:5b:fa:e9:dd:d7:
a9:b4:5c:e4:7a:21:b2:8c:e5:80:54:f8:96:b4:e1:
d3:06:52:0c:d3:a9:cd:cb:a6:f2:92:44:3a:1a:ea:
16:75:fb:03:44:25:e4:db:b2:d9:e2:b3:63:0e:01:
60:41:68:12:49:c0:93:a7:f9:ed:fd:1b:bc:1d:94:
b0:68:f3:7e:26:9c:d4:54:55:c0:4d:96:11:4b:ba:
41:3d:23:73:aa:a7:38:a7:ff:9e:5f:0a:b8:c4:e6:
e0:2e:94:b5:9e:84:a7:19:0d:2f:5f:50:ba:ef:be:
56:b1:9a:e6:b4:3b:74:a3:10:f2:14:46:94:8e:94:
bd:4a:9c:97:79:e1:2d:cf:86:88:c6:83:8e:ed:82:
20:57:f4:b5:1a:c7:f7:a4:ea:37:c7:87:74:4d:a5:
aa:81:07:6f:9b:33:9d:be:df:af:c2:42:b0:6b:fd:
b9:fe:d8:be:2a:aa:d0:77:66:1f:5f:f1:57:ef:1a:
1a:99:2b:50:5a:78:a7:0f:7a:40:fc:30:08:43:74:
06:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:18:91:E7:68:87:EE:63:D6:85:3B:3E:F1:E8:C1:19:19:CA:EC:F0
X509v3 Authority Key Identifier:
keyid:DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/qxiR52iH7mPWhTs-8ejBGRnK7PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.8.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:47:5a:05:d0:43:f8:91:89:bd:ac:6c:0b:a4:d8:11:c9:87:
2e:9b:e7:01:69:55:e3:e6:d7:a2:95:12:72:56:b6:05:0e:71:
76:eb:53:59:75:0e:9e:a2:2b:d7:c4:b3:cd:16:be:16:c7:1a:
9d:79:4a:b4:f5:a1:08:8e:ce:4d:dc:9f:f1:83:05:cb:a7:f9:
23:a0:c7:3d:53:9e:55:f4:0e:69:f4:2f:d4:7e:e1:d2:69:1d:
a5:38:9d:29:09:dd:0b:c1:e0:aa:f2:1c:3b:a9:d9:59:8a:b5:
28:0e:9b:87:e9:af:7d:c4:ea:9c:42:cc:bb:46:04:05:41:fb:
44:36:65:b4:84:3e:bb:e8:97:9b:8c:9b:36:05:13:c9:39:6b:
b3:16:74:6d:18:b6:5e:30:4c:a4:1e:37:58:4c:31:93:ef:92:
7e:84:e7:0f:e1:36:11:7d:ae:6c:98:4d:2a:a4:4c:2a:c7:cf:
b6:86:f2:51:1f:c3:35:38:3e:8e:2a:0e:bb:ca:c7:21:83:8d:
3b:0f:bb:da:5a:87:84:65:ac:e3:b0:dd:37:b0:17:e3:67:a7:
af:e8:58:a5:60:2f:c4:9c:ed:62:6e:69:ba:36:ce:8b:f7:b6:
5d:dd:df:45:3c:55:fb:dd:b0:e1:42:72:f3:69:e0:5f:d6:3c:
e9:8b:2b:7a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVw8K0ZO2Yl6SsMRhzfhDSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjcxNDcxMzczYmIwNjAzYzM1NmVlZGVkNGI5MTgyOTJi
NWJlZWUwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjE4OTFlNzY4ODdlZTYzZDY4NTNiM2VmMWU4YzExOTE5Y2FlY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1LMmvlZ7pdjqP1Bg1R5sjAWnL2C
2g33MOCEKqQhWfxM1fQ6AGWqXqFWzwE4VIFbEebDpXp+W/rp3deptFzkeiGyjOWA
VPiWtOHTBlIM06nNy6bykkQ6GuoWdfsDRCXk27LZ4rNjDgFgQWgSScCTp/nt/Ru8
HZSwaPN+JpzUVFXATZYRS7pBPSNzqqc4p/+eXwq4xObgLpS1noSnGQ0vX1C6775W
sZrmtDt0oxDyFEaUjpS9SpyXeeEtz4aIxoOO7YIgV/S1Gsf3pOo3x4d0TaWqgQdv
mzOdvt+vwkKwa/25/ti+KqrQd2YfX/FX7xoamStQWninD3pA/DAIQ3QGmwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKsYkedoh+5j1oU7PvHowRkZyuzwMB8GA1UdIwQY
MBaAFN23FHE3O7BgPDVu7e1LkYKStb7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgt
NjIxMmFjNDljYTNiLzEvcXhpUjUyaUg3bVBXaFRzLThlakJHUm5LN1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgtNjIxMmFjNDljYTNi
LzEvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkQgwDQYJ
KoZIhvcNAQELBQADggEBAMZHWgXQQ/iRib2sbAuk2BHJhy6b5wFpVePm16KVEnJW
tgUOcXbrU1l1Dp6iK9fEs80WvhbHGp15SrT1oQiOzk3cn/GDBcun+SOgxz1TnlX0
Dmn0L9R+4dJpHaU4nSkJ3QvB4KryHDup2VmKtSgOm4fpr33E6pxCzLtGBAVB+0Q2
ZbSEPrvol5uMmzYFE8k5a7MWdG0Ytl4wTKQeN1hMMZPvkn6E5w/hNhF9rmyYTSqk
TCrHz7aG8lEfwzU4Po4qDrvKxyGDjTsPu9pah4RlrOOw3TewF+Nnp6/oWKVgL8Sc
7WJuabo2zov3tl3d30U8VfvdsOFCcvNp4F/WPOmLK3o=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:49 2025 by rpki-client