Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q_57o1RFCa5_U0hE876Qe2I2NmI.roa
File: Q_57o1RFCa5_U0hE876Qe2I2NmI.roa (raw, json)
Hash identifier: C9ZOc2iRYthmFfzpCvHrIbf8e1natDs7H9leZPKxEJc=
Subject key identifier: 43:FE:7B:A3:54:45:09:AE:7F:53:48:44:F3:BE:90:7B:62:36:36:62
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42829C4F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q_57o1RFCa5_U0hE876Qe2I2NmI.roa
Signing time: Sat 01 Jan 2022 14:03:24 +0000
ROA not before: Sat 01 Jan 2022 14:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199150
IP address blocks: 193.180.242.0/24 maxlen: 24
194.71.236.0/22 maxlen: 22
2a01:280:108::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115855951 (0x42829c4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43fe7ba3544509ae7f534844f3be907b62363662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:be:d6:58:83:f5:cc:f8:97:52:42:18:7e:da:
4d:bb:43:e9:f3:b7:7a:3f:01:54:ea:24:f9:cf:b9:
f2:f2:a5:ce:21:c3:db:41:4c:07:98:7c:76:85:44:
67:6e:c7:26:c7:fe:78:e4:b7:63:94:ed:df:f8:7c:
04:76:d3:89:d1:84:27:b1:39:80:c6:c5:fb:9a:8c:
80:30:b4:e0:8d:21:05:46:a5:b8:5f:6e:dc:3f:16:
13:2f:95:15:c0:84:20:c7:fa:cf:5c:0c:63:9d:25:
17:8a:42:d5:fe:be:08:3e:f5:a1:bf:e8:c1:3c:71:
75:9b:33:a8:fa:87:89:f1:4f:b2:94:d4:c1:49:7f:
c0:b6:1b:f0:56:94:8c:40:f5:c1:23:94:c3:f5:24:
94:2c:f0:fa:85:da:c2:0d:aa:b5:2a:18:b9:58:ed:
04:b3:5b:73:fa:be:8e:1f:de:35:b8:7d:22:d8:44:
be:29:b4:a8:44:03:9a:b7:e0:42:e4:9d:62:3b:1a:
5c:58:7f:00:e7:ec:48:b1:b6:67:e0:bc:18:02:dc:
ea:f6:61:12:11:80:d8:2b:73:21:f3:b5:d4:6b:98:
6a:51:e0:b2:b7:c2:5e:b6:fe:c5:78:22:98:38:88:
6e:03:f0:2d:16:75:6a:28:2f:36:34:ec:c4:16:d4:
05:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FE:7B:A3:54:45:09:AE:7F:53:48:44:F3:BE:90:7B:62:36:36:62
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q_57o1RFCa5_U0hE876Qe2I2NmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.180.242.0/24
194.71.236.0/22
IPv6:
2a01:280:108::/48
Signature Algorithm: sha256WithRSAEncryption
92:6f:f2:f2:ed:d5:1a:0a:8f:55:20:c6:3e:a8:b6:1c:8c:9f:
ba:2a:7d:31:95:62:3f:7f:92:ac:40:66:9a:2a:d8:b0:3c:05:
76:c0:19:51:a9:8b:60:69:c7:25:af:76:1b:44:4f:b5:d4:e7:
7a:3e:3d:eb:65:0b:13:62:0e:86:5f:10:2c:37:9e:db:ef:2d:
0d:f8:92:32:65:a4:f6:42:b2:c1:46:ca:9b:17:00:ff:21:ed:
f9:e2:b0:d2:db:aa:d1:e3:1b:e1:a7:c9:13:1e:32:7d:61:dd:
51:01:61:3a:0c:d4:2a:bc:26:a6:2f:91:71:11:f1:22:90:e1:
29:dc:69:d7:68:b8:fc:20:ec:23:a2:a0:03:ef:89:16:39:6f:
ef:5f:10:11:6f:0d:1e:b3:e2:de:6c:76:e9:b5:61:27:d2:67:
e3:4c:23:1c:26:b3:a2:a0:2c:1c:1b:1b:80:33:98:2f:ec:fd:
00:1e:26:41:e5:6c:29:29:08:b8:b7:11:27:d0:46:ee:c3:77:
44:67:87:b6:49:f0:b9:db:ee:66:04:9b:be:f4:28:55:b4:16:
e5:cd:f6:92:d1:bd:3b:ae:ec:f3:79:c2:2f:f2:60:e4:54:96:
c7:e9:82:16:3b:48:fa:27:bc:57:45:ba:1b:d9:6e:cf:51:fc:
7a:6a:94:39
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEQoKcTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNmZTdiYTM1NDQ1
MDlhZTdmNTM0ODQ0ZjNiZTkwN2I2MjM2MzY2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOO+1liD9cz4l1JCGH7aTbtD6fO3ej8BVOok+c+58vKlziHD
20FMB5h8doVEZ27HJsf+eOS3Y5Tt3/h8BHbTidGEJ7E5gMbF+5qMgDC04I0hBUal
uF9u3D8WEy+VFcCEIMf6z1wMY50lF4pC1f6+CD71ob/owTxxdZszqPqHifFPspTU
wUl/wLYb8FaUjED1wSOUw/UklCzw+oXawg2qtSoYuVjtBLNbc/q+jh/eNbh9IthE
vim0qEQDmrfgQuSdYjsaXFh/AOfsSLG2Z+C8GALc6vZhEhGA2CtzIfO11GuYalHg
srfCXrb+xXgimDiIbgPwLRZ1aigvNjTsxBbUBZkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRD/nujVEUJrn9TSETzvpB7YjY2YjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L1FfNTdvMVJGQ2E1X1UwaEU4NzZRZTJJMk5tSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMG08gMEAsJH7DAPBAIAAjAJAwcA
KgECgAEIMA0GCSqGSIb3DQEBCwUAA4IBAQCSb/Ly7dUaCo9VIMY+qLYcjJ+6Kn0x
lWI/f5KsQGaaKtiwPAV2wBlRqYtgacclr3YbRE+11Od6Pj3rZQsTYg6GXxAsN57b
7y0N+JIyZaT2QrLBRsqbFwD/Ie354rDS26rR4xvhp8kTHjJ9Yd1RAWE6DNQqvCam
L5FxEfEikOEp3GnXaLj8IOwjoqAD74kWOW/vXxARbw0es+LebHbptWEn0mfjTCMc
JrOioCwcGxuAM5gv7P0AHiZB5WwpKQi4txEn0Ebuw3dEZ4e2SfC52+5mBJu+9ChV
tBblzfaS0b07ruzzecIv8mDkVJbH6YIWO0j6J7xXRbob2W7PUfx6apQ5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:24 2025 by rpki-client