Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/7qI_IMy-rVXGJ9MWZsLO8_EO1IM.roa
File: 7qI_IMy-rVXGJ9MWZsLO8_EO1IM.roa (raw, json)
Hash identifier: pL9jN2QAb/8jjr80EWefxbgHcFlixy4tO+XuF/CHmD8=
Subject key identifier: EE:A2:3F:20:CC:BE:AD:55:C6:27:D3:16:66:C2:CE:F3:F1:0E:D4:83
Certificate issuer: /CN=abe5e2eb170e0c2ab861db308dbbcb2a5fd5f18d
Certificate serial: 0A1065BC
Authority key identifier: AB:E5:E2:EB:17:0E:0C:2A:B8:61:DB:30:8D:BB:CB:2A:5F:D5:F1:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q-Xi6xcODCq4YdswjbvLKl_V8Y0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/7qI_IMy-rVXGJ9MWZsLO8_EO1IM.roa
Signing time: Sat 01 Jan 2022 12:57:40 +0000
ROA not before: Sat 01 Jan 2022 12:57:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35236
IP address blocks: 109.205.72.0/21 maxlen: 24
185.124.80.0/22 maxlen: 24
188.92.96.0/21 maxlen: 24
31.170.176.0/21 maxlen: 24
2a00:1238::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168846780 (0xa1065bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abe5e2eb170e0c2ab861db308dbbcb2a5fd5f18d
Validity
Not Before: Jan 1 12:57:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eea23f20ccbead55c627d31666c2cef3f10ed483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:d7:e5:e5:d9:5b:b1:b9:f2:04:de:89:32:
62:75:39:dc:84:79:f7:99:df:8b:c2:43:be:3a:3d:
f7:57:df:c2:38:fb:dd:cf:2e:07:45:11:a8:03:92:
9a:ee:f0:02:b3:92:68:39:53:93:13:ad:ba:ee:b0:
28:81:b6:e1:bc:03:88:22:cc:1d:d4:5a:da:3d:4d:
50:dc:5e:21:d2:0e:04:de:55:6e:ae:10:ff:dc:5f:
a2:ff:d6:a8:01:d9:43:ab:65:40:99:4f:c4:3e:1e:
ae:70:2d:4a:af:fe:10:25:c4:d1:91:40:0a:a1:9b:
a3:5a:8e:ed:ca:f0:17:10:7d:f4:be:dc:81:b3:f5:
d7:61:a1:ba:c8:fa:4f:4e:6f:a3:aa:81:d2:19:15:
6e:5f:93:2d:24:f0:1b:07:39:ca:54:89:d7:90:2d:
d1:5e:ce:23:a1:f2:6f:25:ef:b0:20:14:82:44:0a:
e9:52:6e:0a:f4:63:f6:77:8e:7f:eb:a6:83:b1:7e:
f0:62:76:ee:39:e3:0b:5f:96:7c:be:a1:21:07:21:
46:81:9d:e5:e4:f8:a5:33:bf:2c:09:59:f2:a6:1c:
39:4f:37:3b:14:89:c9:57:04:44:80:04:a9:fd:44:
78:42:0a:13:71:1b:ef:c1:37:fd:d3:d0:c2:14:e0:
f5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A2:3F:20:CC:BE:AD:55:C6:27:D3:16:66:C2:CE:F3:F1:0E:D4:83
X509v3 Authority Key Identifier:
keyid:AB:E5:E2:EB:17:0E:0C:2A:B8:61:DB:30:8D:BB:CB:2A:5F:D5:F1:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-Xi6xcODCq4YdswjbvLKl_V8Y0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/7qI_IMy-rVXGJ9MWZsLO8_EO1IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/q-Xi6xcODCq4YdswjbvLKl_V8Y0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.176.0/21
109.205.72.0/21
185.124.80.0/22
188.92.96.0/21
IPv6:
2a00:1238::/32
Signature Algorithm: sha256WithRSAEncryption
63:3c:8a:d9:b3:66:88:48:be:77:e9:b9:06:c5:93:bf:bc:77:
07:b1:6e:df:5a:cd:86:36:ed:45:54:cc:01:e2:82:4e:dd:09:
27:81:c9:66:8a:b3:a7:f2:2d:bb:b7:5b:ae:ab:d6:47:dc:f2:
f1:c0:cc:b9:03:fb:fd:d4:b3:8d:ad:ee:64:f7:f7:97:01:9f:
fb:a8:43:3e:b5:8d:8c:08:aa:31:e1:97:04:ec:39:bf:3a:9c:
59:5a:86:91:fb:d2:04:16:84:41:ed:89:3c:16:8e:6c:bc:ed:
fa:c7:f7:98:7a:15:7a:8e:13:c4:27:c9:27:75:dd:1a:27:0e:
57:08:bf:52:78:59:a4:18:99:02:fb:1c:52:9c:dc:a9:ee:dd:
54:f2:d2:f6:b7:91:ca:bd:46:01:87:4e:06:95:c3:c4:37:14:
33:99:6c:be:44:4f:14:bc:7d:db:ca:1b:c3:4d:ad:34:2e:14:
23:59:d3:f5:69:81:8a:07:ac:eb:26:b6:eb:10:12:0f:98:e5:
a0:c3:fc:5c:93:ae:57:c6:41:da:3d:cc:7f:f5:14:43:8e:28:
45:15:70:0b:91:58:dd:3b:a8:b1:55:fc:08:f8:cc:03:21:77:
6c:0b:6e:7d:ae:1b:0b:ae:2d:8c:91:cc:7b:c1:14:b4:54:d9:
95:67:88:b7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEChBlvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmU1ZTJlYjE3MGUwYzJhYjg2MWRiMzA4ZGJiY2IyYTVmZDVmMThkMB4XDTIyMDEw
MTEyNTc0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWVhMjNmMjBjY2Jl
YWQ1NWM2MjdkMzE2NjZjMmNlZjNmMTBlZDQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBC1+Xl2VuxufIE3okyYnU53IR595nfi8JDvjo991ffwjj7
3c8uB0URqAOSmu7wArOSaDlTkxOtuu6wKIG24bwDiCLMHdRa2j1NUNxeIdIOBN5V
bq4Q/9xfov/WqAHZQ6tlQJlPxD4ernAtSq/+ECXE0ZFACqGbo1qO7crwFxB99L7c
gbP112Ghusj6T05vo6qB0hkVbl+TLSTwGwc5ylSJ15At0V7OI6HybyXvsCAUgkQK
6VJuCvRj9neOf+umg7F+8GJ27jnjC1+WfL6hIQchRoGd5eT4pTO/LAlZ8qYcOU83
OxSJyVcERIAEqf1EeEIKE3Eb78E3/dPQwhTg9QkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTuoj8gzL6tVcYn0xZmws7z8Q7UgzAfBgNVHSMEGDAWgBSr5eLrFw4MKrhh
2zCNu8sqX9XxjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EtWGk2eGNPRENxNFlkc3dqYnZMS2xfVjhZMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvY2IwZDI2LTg5M2ItNDgwNC1iNWQyLTBjNTg0OTI2ZDgyMS8x
LzdxSV9JTXktclZYR0o5TVdac0xPOF9FTzFJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
Y2IwZDI2LTg5M2ItNDgwNC1iNWQyLTBjNTg0OTI2ZDgyMS8xL3EtWGk2eGNPRENx
NFlkc3dqYnZMS2xfVjhZMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAx+qsAMEA23NSAMEArl8UAMEA7xc
YDANBAIAAjAHAwUAKgASODANBgkqhkiG9w0BAQsFAAOCAQEAYzyK2bNmiEi+d+m5
BsWTv7x3B7Fu31rNhjbtRVTMAeKCTt0JJ4HJZoqzp/Itu7dbrqvWR9zy8cDMuQP7
/dSzja3uZPf3lwGf+6hDPrWNjAiqMeGXBOw5vzqcWVqGkfvSBBaEQe2JPBaObLzt
+sf3mHoVeo4TxCfJJ3XdGicOVwi/UnhZpBiZAvscUpzcqe7dVPLS9reRyr1GAYdO
BpXDxDcUM5lsvkRPFLx928obw02tNC4UI1nT9WmBiges6ya26xASD5jloMP8XJOu
V8ZB2j3Mf/UUQ44oRRVwC5FY3TuosVX8CPjMAyF3bAtufa4bC64tjJHMe8EUtFTZ
lWeItw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:38:20 2025 by rpki-client