Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/q1da3a2IxGOgW15PY0Qo2SR2DFQ.roa
File: q1da3a2IxGOgW15PY0Qo2SR2DFQ.roa (raw, json)
Hash identifier: /qLBTIzMxE1zLl7/834pykelH9xJOHQqAG5vQv/O1qM=
Subject key identifier: AB:57:5A:DD:AD:88:C4:63:A0:5B:5E:4F:63:44:28:D9:24:76:0C:54
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 01821BA095114F0AB6E124426416398D7E3D
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/q1da3a2IxGOgW15PY0Qo2SR2DFQ.roa
Signing time: Wed 20 Jul 2022 12:41:24 +0000
ROA not before: Wed 20 Jul 2022 12:41:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.109.0/24 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:a0:95:11:4f:0a:b6:e1:24:42:64:16:39:8d:7e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 20 12:41:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab575addad88c463a05b5e4f634428d924760c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6c:d6:bf:d9:33:27:f5:63:11:fe:bb:95:cb:
28:97:d1:25:88:57:94:68:ea:b1:54:23:42:43:f8:
e3:2e:9e:8a:f4:b7:0c:42:41:d7:89:61:c3:53:27:
64:1d:58:1e:70:f3:29:8f:86:e8:67:72:01:a6:81:
bf:eb:9d:18:82:88:6c:88:d7:d0:5e:a3:1c:53:b1:
8e:36:74:6c:1e:2b:45:05:b5:8e:4a:cc:48:07:e7:
bb:1a:5b:71:80:e1:f3:56:12:40:67:de:b9:8b:21:
6e:b1:75:39:60:3f:a4:d2:bc:e7:be:f8:4d:a8:64:
3c:44:94:7d:27:0a:91:93:0e:3f:3c:c4:18:79:85:
f2:bd:29:85:be:5b:92:f0:69:33:5b:37:b8:43:76:
5a:01:df:f0:dc:8b:8e:51:04:51:db:6e:97:f9:fc:
9f:73:8d:1f:82:fb:36:92:da:37:cc:73:77:31:60:
97:3f:8f:ea:cd:27:07:76:ff:b6:3f:b4:da:ef:10:
67:8c:b5:18:fe:ca:ae:d3:27:a3:34:fb:99:46:42:
d7:e1:59:6c:89:d4:af:54:f2:a3:16:44:ac:b5:4d:
c4:7b:0d:b3:08:69:6c:5b:9b:87:10:74:ad:3d:8c:
01:91:4a:24:1a:9e:a3:1e:2d:ef:49:c3:e5:2c:25:
5c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:57:5A:DD:AD:88:C4:63:A0:5B:5E:4F:63:44:28:D9:24:76:0C:54
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/q1da3a2IxGOgW15PY0Qo2SR2DFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.109.0/24
176.108.119.0/24
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
94:86:19:c6:c2:63:6e:b3:24:40:7b:8b:15:63:ed:41:20:a4:
81:21:70:5a:95:6d:09:f1:41:59:ee:b5:db:7e:fe:df:98:13:
65:11:fd:91:c1:4e:73:8e:83:89:9d:d9:c5:a3:49:d8:7a:e8:
bd:f4:4a:8b:50:d7:f0:c4:12:cb:1d:7b:4d:01:1e:80:e9:fe:
20:67:0e:b2:84:6e:29:c4:c7:8c:24:65:8e:96:5f:91:ff:53:
ba:9f:2d:19:52:93:c4:d3:06:12:70:f4:34:fe:b1:3e:68:10:
96:40:2e:3e:b6:03:ad:3a:b0:1e:17:88:56:35:a5:3b:27:04:
93:7d:b1:e0:15:3e:41:aa:de:2e:94:cc:c9:02:42:4c:cf:ab:
d3:f9:2d:2d:f7:d5:b1:8c:c7:2f:6b:7a:a0:3c:2f:b0:5e:24:
38:13:31:ae:d5:45:e9:67:10:14:6f:02:49:cb:1b:8b:cd:c5:
1b:dd:ee:62:b2:d7:ad:10:71:6b:4b:5e:a6:00:e7:01:5d:9d:
ca:2d:e9:35:ec:57:1a:0b:81:9f:fa:6d:10:a3:64:1f:c7:e0:
93:96:b3:29:75:bb:9e:f1:f6:f3:00:7b:64:31:45:b7:c7:f4:
30:74:35:f8:8d:6e:47:b6:9f:d3:66:de:5c:91:13:35:ff:99:
3e:32:e5:84
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYIboJURTwq24SRCZBY5jX49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzIwMTI0MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU3NWFkZGFkODhjNDYzYTA1YjVlNGY2MzQ0MjhkOTI0NzYwYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGzWv9kzJ/VjEf67lcsol9EliFeU
aOqxVCNCQ/jjLp6K9LcMQkHXiWHDUydkHVgecPMpj4boZ3IBpoG/650YgohsiNfQ
XqMcU7GONnRsHitFBbWOSsxIB+e7GltxgOHzVhJAZ965iyFusXU5YD+k0rznvvhN
qGQ8RJR9JwqRkw4/PMQYeYXyvSmFvluS8GkzWze4Q3ZaAd/w3IuOUQRR226X+fyf
c40fgvs2kto3zHN3MWCXP4/qzScHdv+2P7Ta7xBnjLUY/squ0yejNPuZRkLX4Vls
idSvVPKjFkSstU3Eew2zCGlsW5uHEHStPYwBkUokGp6jHi3vScPlLCVc0wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKtXWt2tiMRjoFteT2NEKNkkdgxUMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvcTFkYTNhMkl4R09nVzE1UFkwUW8yU1IyREZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAsGxtAwQA
sGx3AwQCwV0QMA8EAgACMAkDBwAgAQZ4BGgwDQYJKoZIhvcNAQELBQADggEBAJSG
GcbCY26zJEB7ixVj7UEgpIEhcFqVbQnxQVnutdt+/t+YE2UR/ZHBTnOOg4md2cWj
Sdh66L30SotQ1/DEEssde00BHoDp/iBnDrKEbinEx4wkZY6WX5H/U7qfLRlSk8TT
BhJw9DT+sT5oEJZALj62A606sB4XiFY1pTsnBJN9seAVPkGq3i6UzMkCQkzPq9P5
LS331bGMxy9reqA8L7BeJDgTMa7VRelnEBRvAknLG4vNxRvd7mKy160QcWtLXqYA
5wFdncot6TXsVxoLgZ/6bRCjZB/H4JOWsyl1u57x9vMAe2QxRbfH9DB0NfiNbke2
n9Nm3lyREzX/mT4y5YQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:00 2024 by rpki-client on console-fra.rpki-client.org