Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/qIJsnzfLOux3CWaqVpjcVXLlxDA.roa
File: qIJsnzfLOux3CWaqVpjcVXLlxDA.roa (raw, json)
Hash identifier: 4pdDqSBRyRGAS+nyKPjv5ullTPbNsOQsnB0NtuOfk6w=
Subject key identifier: A8:82:6C:9F:37:CB:3A:EC:77:09:66:AA:56:98:DC:55:72:E5:C4:30
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 01856E81F9E6528BA840BF0A0B9C411A30D4
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/qIJsnzfLOux3CWaqVpjcVXLlxDA.roa
Signing time: Sun 01 Jan 2023 18:04:49 +0000
ROA not before: Sun 01 Jan 2023 18:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209517
IP address blocks: 176.96.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:f9:e6:52:8b:a8:40:bf:0a:0b:9c:41:1a:30:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Jan 1 18:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8826c9f37cb3aec770966aa5698dc5572e5c430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:02:7c:e7:f4:cc:d8:ad:a1:18:ce:17:91:d7:
f0:c1:bf:d0:dd:ea:24:f0:09:76:f1:7c:78:b0:5f:
ce:7e:ec:1d:d9:bf:15:2c:2f:01:04:65:3c:c3:67:
c5:63:05:fd:d8:2e:41:16:7b:d2:ab:c8:0d:99:f2:
bf:56:d9:8e:82:61:be:a3:1f:12:44:55:d3:0d:d4:
6d:1b:5f:b4:33:a4:6e:5c:75:8b:5c:0f:40:4b:dd:
aa:4f:3a:59:c4:62:03:4e:f5:6e:29:b6:ae:d6:d6:
19:9d:74:aa:0f:6f:93:fb:25:dc:f8:dc:2e:56:27:
8a:9d:3f:af:b6:77:d5:6f:a4:a6:90:5c:11:80:95:
9e:73:c4:03:37:a6:4e:22:a9:c7:db:51:dc:10:22:
34:ce:07:9e:e0:82:6a:25:59:66:68:71:d4:d3:a1:
02:56:e4:04:0a:63:a1:b9:fc:b8:11:61:9a:aa:f8:
2a:6b:97:c4:fe:1f:41:6a:f0:9b:ad:3c:9b:20:32:
03:fc:09:37:6b:ec:66:3f:d9:39:ba:2e:51:4a:7b:
be:16:94:a1:33:33:b5:09:a1:48:aa:51:59:c4:ab:
fe:bb:fc:98:44:c5:6a:1b:13:a6:f5:90:ae:21:c3:
0d:a6:54:bc:02:99:b1:03:6a:5c:36:48:90:ac:3d:
03:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:82:6C:9F:37:CB:3A:EC:77:09:66:AA:56:98:DC:55:72:E5:C4:30
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/qIJsnzfLOux3CWaqVpjcVXLlxDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.224.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:d0:c6:85:e5:28:97:32:da:db:ae:db:c3:0c:5a:0e:0f:eb:
a2:7c:28:de:94:48:ad:a5:1a:40:72:e8:c2:90:a4:d4:38:ed:
16:de:55:22:c9:23:cb:21:0f:f7:df:77:f6:41:d0:5d:c2:d5:
f9:cc:96:2c:97:20:6c:b8:5e:b3:1a:9d:dc:c0:73:77:4d:7f:
00:f3:de:59:85:1b:50:db:fe:fe:a3:12:04:ea:6b:1f:a5:85:
64:30:d1:2d:2b:28:15:77:30:0f:08:3a:0d:52:aa:85:29:ce:
ca:1a:5a:06:0c:05:24:76:71:36:ad:da:41:44:f6:2c:62:55:
ee:8d:4b:79:c5:f6:90:78:fa:24:ba:8d:14:b6:7f:88:74:eb:
08:9c:7f:73:7b:6b:02:e3:10:3a:ad:39:2d:7c:3c:53:f0:c2:
f7:d9:d9:1f:f2:a4:66:08:fb:af:0d:12:c5:9b:f6:87:09:16:
86:6f:b6:87:22:b8:59:0b:01:e7:6b:94:9c:23:e5:e4:d2:a2:
b5:3b:8b:4c:12:1a:79:ec:63:8c:7f:78:b1:6a:1a:d7:87:7e:
f9:85:3e:32:de:66:bc:23:3a:ac:65:73:88:c1:be:03:0f:27:
da:e5:fd:25:e8:5b:a2:41:0c:83:81:08:dc:b2:9d:18:10:4b:
ac:26:7c:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVugfnmUouoQL8KC5xBGjDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjMwMTAxMTgwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgyNmM5ZjM3Y2IzYWVjNzcwOTY2YWE1Njk4ZGM1NTcyZTVjNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgJ85/TM2K2hGM4Xkdfwwb/Q3eok
8Al28Xx4sF/Ofuwd2b8VLC8BBGU8w2fFYwX92C5BFnvSq8gNmfK/VtmOgmG+ox8S
RFXTDdRtG1+0M6RuXHWLXA9AS92qTzpZxGIDTvVuKbau1tYZnXSqD2+T+yXc+Nwu
VieKnT+vtnfVb6SmkFwRgJWec8QDN6ZOIqnH21HcECI0zgee4IJqJVlmaHHU06EC
VuQECmOhufy4EWGaqvgqa5fE/h9BavCbrTybIDID/Ak3a+xmP9k5ui5RSnu+FpSh
MzO1CaFIqlFZxKv+u/yYRMVqGxOm9ZCuIcMNplS8ApmxA2pcNkiQrD0DgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiCbJ83yzrsdwlmqlaY3FVy5cQwMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvcUlKc256ZkxPdXgzQ1dhcVZwamNWWExseERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGDgMA0G
CSqGSIb3DQEBCwUAA4IBAQCt0MaF5SiXMtrbrtvDDFoOD+uifCjelEitpRpAcujC
kKTUOO0W3lUiySPLIQ/333f2QdBdwtX5zJYslyBsuF6zGp3cwHN3TX8A895ZhRtQ
2/7+oxIE6msfpYVkMNEtKygVdzAPCDoNUqqFKc7KGloGDAUkdnE2rdpBRPYsYlXu
jUt5xfaQePokuo0Utn+IdOsInH9ze2sC4xA6rTktfDxT8ML32dkf8qRmCPuvDRLF
m/aHCRaGb7aHIrhZCwHna5ScI+Xk0qK1O4tMEhp57GOMf3ixahrXh375hT4y3ma8
IzqsZXOIwb4DDyfa5f0l6FuiQQyDgQjcsp0YEEusJnwg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:37 2025 by rpki-client