Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/QO3eTED3mAnBz6V1DS7TDrB2oXs.roa
File: QO3eTED3mAnBz6V1DS7TDrB2oXs.roa (raw, json)
Hash identifier: wIpJ3mRLDBFt+9bygw7DnODTi2+GnEa9fAZBb+fdRrg=
Subject key identifier: 40:ED:DE:4C:40:F7:98:09:C1:CF:A5:75:0D:2E:D3:0E:B0:76:A1:7B
Certificate issuer: /CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Certificate serial: 01856BA5737ED8D7D753EFED77D54160A355
Authority key identifier: 1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/QO3eTED3mAnBz6V1DS7TDrB2oXs.roa
Signing time: Sun 01 Jan 2023 04:44:43 +0000
ROA not before: Sun 01 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 141.98.172.0/24 maxlen: 24
2a09:28c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:73:7e:d8:d7:d7:53:ef:ed:77:d5:41:60:a3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Validity
Not Before: Jan 1 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40edde4c40f79809c1cfa5750d2ed30eb076a17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:40:9e:82:28:66:fa:40:3b:3b:2d:19:a7:
22:b1:02:9e:82:84:10:34:0f:41:17:b5:38:90:f0:
1f:3f:08:eb:fc:c0:11:41:c3:69:17:b1:bd:4f:ae:
ab:1a:a6:c9:22:6a:c5:16:ed:5c:b8:7d:11:d7:ce:
ee:22:aa:68:ef:a0:ec:e0:f8:d9:68:48:56:dd:f4:
75:56:a3:91:aa:93:cf:e1:25:65:9a:d7:96:32:d7:
49:0b:00:e1:d1:86:37:aa:ec:16:2b:f5:ca:e2:01:
cd:79:69:eb:1e:ac:ad:1f:a2:85:46:04:4e:58:76:
4d:4a:2e:c3:6f:a6:22:f4:24:53:16:5a:e5:59:98:
a0:30:93:94:6d:37:b7:fd:e7:c5:8c:a7:cf:2c:ca:
ca:19:d5:3a:ac:39:d8:6b:98:5c:f7:15:a9:e7:23:
36:ab:2a:f2:47:04:84:b3:e0:06:11:cc:d3:4b:1e:
e8:a3:ca:98:68:91:46:41:a8:fd:63:42:c1:b7:14:
92:1a:f3:d3:d5:78:5b:40:a5:8f:7d:65:e2:75:8f:
37:e1:fa:7f:95:cc:54:8b:70:01:e9:a4:fd:57:10:
25:67:72:19:45:8d:59:47:2a:01:6b:94:3d:72:2a:
50:06:7e:d5:3c:67:f5:13:25:01:f3:20:ad:0b:67:
b5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:DE:4C:40:F7:98:09:C1:CF:A5:75:0D:2E:D3:0E:B0:76:A1:7B
X509v3 Authority Key Identifier:
keyid:1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/QO3eTED3mAnBz6V1DS7TDrB2oXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.172.0/24
IPv6:
2a09:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:05:bf:53:39:13:0f:0a:67:d0:03:23:d6:28:f4:b4:e5:6f:
e1:b7:45:00:d6:65:62:bc:0f:30:76:86:09:a5:ec:7e:a8:42:
2b:ab:fb:5e:c2:00:5e:5e:18:c9:a0:73:4c:3f:f1:b6:22:73:
5a:09:bd:f0:a6:c2:d4:ed:db:0b:3b:0a:7e:f8:22:17:8a:e2:
86:0c:b4:52:b7:f2:7d:81:26:a7:58:7c:82:0d:1b:d8:40:f4:
8e:91:36:38:6a:2e:6a:b7:e0:e0:db:29:44:3a:71:14:9d:17:
08:bd:6c:64:4f:15:a3:f6:e6:c5:7b:d1:ae:d8:43:a3:be:db:
42:58:30:6a:c6:05:3f:9a:ad:7a:3e:40:db:e9:b3:b7:1d:64:
69:8d:0c:fc:fb:47:24:04:7d:a2:0d:4c:d1:1c:c1:da:01:0b:
ba:61:07:c1:0a:a3:a9:3d:e9:a5:7f:e9:c0:25:13:e9:12:8b:
93:2c:4e:0e:a4:af:46:e9:f8:3e:c2:4a:f2:0a:9d:6e:c9:f5:
7c:b1:a4:c2:94:a6:ab:7a:3a:8a:8d:aa:58:57:78:cb:30:5d:
5b:94:c0:6d:74:90:4b:ee:c3:7a:30:8b:62:e8:18:79:ab:14:
8e:92:5e:e0:8d:d8:14:2a:b0:bb:74:6e:6b:34:74:7f:d5:58:
36:d8:b4:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrpXN+2NfXU+/td9VBYKNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDYxYTUyZjEwODJlY2Y0Yzk3YjUxMjJiNDYxMTIyNTA3
MzQ1MWIwHhcNMjMwMTAxMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVkZGU0YzQwZjc5ODA5YzFjZmE1NzUwZDJlZDMwZWIwNzZhMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWZAnoIoZvpAOzstGacisQKegoQQ
NA9BF7U4kPAfPwjr/MARQcNpF7G9T66rGqbJImrFFu1cuH0R187uIqpo76Ds4PjZ
aEhW3fR1VqORqpPP4SVlmteWMtdJCwDh0YY3quwWK/XK4gHNeWnrHqytH6KFRgRO
WHZNSi7Db6Yi9CRTFlrlWZigMJOUbTe3/efFjKfPLMrKGdU6rDnYa5hc9xWp5yM2
qyryRwSEs+AGEczTSx7oo8qYaJFGQaj9Y0LBtxSSGvPT1XhbQKWPfWXidY834fp/
lcxUi3AB6aT9VxAlZ3IZRY1ZRyoBa5Q9cipQBn7VPGf1EyUB8yCtC2e1yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDt3kxA95gJwc+ldQ0u0w6wdqF7MB8GA1UdIwQY
MBaAFBrWGlLxCC7PTJe1EitGESJQc0UbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQ1NTUtMjBiZC00YzQyLTg0YmEt
NzJjZTk1YmE5YWZhLzEvUU8zZVRFRDNtQW5CejZWMURTN1REckIyb1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQ1NTUtMjBiZC00YzQyLTg0YmEtNzJjZTk1YmE5YWZh
LzEvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAjWKsMA8E
AgACMAkDBwAqCSjAAAAwDQYJKoZIhvcNAQELBQADggEBAJkFv1M5Ew8KZ9ADI9Yo
9LTlb+G3RQDWZWK8DzB2hgml7H6oQiur+17CAF5eGMmgc0w/8bYic1oJvfCmwtTt
2ws7Cn74IheK4oYMtFK38n2BJqdYfIING9hA9I6RNjhqLmq34ODbKUQ6cRSdFwi9
bGRPFaP25sV70a7YQ6O+20JYMGrGBT+arXo+QNvps7cdZGmNDPz7RyQEfaINTNEc
wdoBC7phB8EKo6k96aV/6cAlE+kSi5MsTg6kr0bp+D7CSvIKnW7J9XyxpMKUpqt6
OoqNqlhXeMswXVuUwG10kEvuw3owi2LoGHmrFI6SXuCN2BQqsLt0bms0dH/VWDbY
tEs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:20:21 2025 by rpki-client