Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/qhhBiXwuLNh5adt30V_-6QMvBVg.roa
File: qhhBiXwuLNh5adt30V_-6QMvBVg.roa (raw, json)
Hash identifier: Z2M6HQQq0TvoubFUxuCV/PpgWyXWLjDbrMLp6CZeMyQ=
Subject key identifier: AA:18:41:89:7C:2E:2C:D8:79:69:DB:77:D1:5F:FE:E9:03:2F:05:58
Certificate issuer: /CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Certificate serial: 0187094BF9884D417956272BBC0EB7A42D9B
Authority key identifier: 78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/qhhBiXwuLNh5adt30V_-6QMvBVg.roa
Signing time: Wed 22 Mar 2023 12:29:46 +0000
ROA not before: Wed 22 Mar 2023 12:29:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209516
IP address blocks: 45.86.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:4b:f9:88:4d:41:79:56:27:2b:bc:0e:b7:a4:2d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Validity
Not Before: Mar 22 12:29:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1841897c2e2cd87969db77d15ffee9032f0558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:51:1a:ca:20:af:9e:e2:96:17:16:d5:2c:f3:
1c:d2:d8:6c:ca:c3:c6:16:9d:45:e8:8c:21:0e:2f:
03:80:37:77:9a:39:11:e7:75:db:e0:74:d3:e2:92:
41:f8:0d:58:96:d1:a6:98:39:de:b1:11:61:46:6f:
10:fc:7e:b3:4b:d9:1f:fc:b6:6a:dc:1b:bc:d9:ce:
bd:fb:cf:3b:b0:40:d8:96:8f:15:6b:f8:2f:ad:51:
57:18:e5:17:d8:0c:a5:14:77:51:e3:ff:30:20:bc:
04:63:34:54:57:97:e3:1f:d8:4b:48:95:7f:14:c3:
5b:e8:b2:be:4d:44:ce:4f:7d:3c:bc:d4:92:6d:34:
4b:92:f6:0f:d1:f4:f2:1a:d8:0e:66:97:b2:71:7d:
47:af:5d:63:3c:c5:ed:fe:16:07:3c:39:c7:36:f7:
3c:ec:e3:6d:65:85:97:65:12:b6:ed:55:85:a1:c6:
6b:eb:3f:22:d3:b2:92:da:ce:83:26:64:58:0e:29:
43:43:3b:0f:58:a5:3e:ab:df:4c:43:c8:13:00:f9:
75:58:93:ff:f1:79:a7:80:03:af:0d:e2:7a:1a:c1:
2e:ad:c0:64:8a:ab:e7:2d:10:a5:07:a6:e2:e2:1f:
02:8f:18:eb:10:57:df:5e:6c:cf:06:cf:1d:8b:a0:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:18:41:89:7C:2E:2C:D8:79:69:DB:77:D1:5F:FE:E9:03:2F:05:58
X509v3 Authority Key Identifier:
keyid:78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/qhhBiXwuLNh5adt30V_-6QMvBVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.33.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:05:0a:2d:67:e4:6f:84:85:82:cf:6b:aa:c0:48:c8:83:98:
bc:95:b2:27:0e:0e:cb:01:a6:2e:5e:8e:bb:f5:e9:4b:a1:71:
c7:b1:bf:7f:60:3f:c7:43:10:a8:8d:88:a8:a9:af:b3:47:34:
45:3f:a1:fc:e3:42:83:39:85:ff:0e:47:7d:a0:7e:67:da:a5:
19:a9:88:94:25:dc:75:15:a6:c2:de:2f:b6:ce:a6:03:d3:30:
70:e7:3d:ca:fd:6a:a8:58:a6:fb:8e:ef:9f:5b:d9:b7:80:91:
25:6b:43:0e:75:2a:0f:a0:73:23:c7:6d:28:af:31:11:02:ec:
45:ca:e7:c6:f8:7a:96:82:2c:d2:00:e0:59:db:b0:41:f4:07:
5f:e2:78:75:b1:db:d4:95:b1:69:25:c2:af:fe:ed:08:89:64:
36:8e:66:04:67:4f:41:9f:2d:de:02:a3:de:4c:8c:41:63:86:
be:e0:fc:69:7a:9c:2c:11:90:1b:da:0f:b0:14:f6:95:7d:67:
70:29:14:ea:b1:81:0a:e5:d8:de:a8:69:f9:37:41:56:ac:1f:
57:f5:4a:c9:5c:82:a9:1f:48:7e:f4:79:03:7f:47:8b:e8:ba:
c0:0d:a9:91:9f:f0:63:a1:a6:16:42:51:20:69:75:fd:cf:27:
96:f7:30:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcJS/mITUF5VicrvA63pC2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGY1YjIxMGYzYzNlYjQyMDY1OTYwZTg1ZDA2MWU5ZDlk
NjNhYjgwHhcNMjMwMzIyMTIyOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTE4NDE4OTdjMmUyY2Q4Nzk2OWRiNzdkMTVmZmVlOTAzMmYwNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlEayiCvnuKWFxbVLPMc0thsysPG
Fp1F6IwhDi8DgDd3mjkR53Xb4HTT4pJB+A1YltGmmDnesRFhRm8Q/H6zS9kf/LZq
3Bu82c69+887sEDYlo8Va/gvrVFXGOUX2AylFHdR4/8wILwEYzRUV5fjH9hLSJV/
FMNb6LK+TUTOT308vNSSbTRLkvYP0fTyGtgOZpeycX1Hr11jPMXt/hYHPDnHNvc8
7ONtZYWXZRK27VWFocZr6z8i07KS2s6DJmRYDilDQzsPWKU+q99MQ8gTAPl1WJP/
8XmngAOvDeJ6GsEurcBkiqvnLRClB6bi4h8CjxjrEFffXmzPBs8di6AKCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoYQYl8LizYeWnbd9Ff/ukDLwVYMB8GA1UdIwQY
MBaAFHiPWyEPPD60IGWWDoXQYenZ1jq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmIt
YzRhY2I4OTY5YzQ5LzEvcWhoQmlYd3VMTmg1YWR0MzBWXy02UU12QlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmItYzRhY2I4OTY5YzQ5
LzEvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVYhMA0G
CSqGSIb3DQEBCwUAA4IBAQC8BQotZ+RvhIWCz2uqwEjIg5i8lbInDg7LAaYuXo67
9elLoXHHsb9/YD/HQxCojYioqa+zRzRFP6H840KDOYX/Dkd9oH5n2qUZqYiUJdx1
FabC3i+2zqYD0zBw5z3K/WqoWKb7ju+fW9m3gJEla0MOdSoPoHMjx20orzERAuxF
yufG+HqWgizSAOBZ27BB9Adf4nh1sdvUlbFpJcKv/u0IiWQ2jmYEZ09Bny3eAqPe
TIxBY4a+4PxpepwsEZAb2g+wFPaVfWdwKRTqsYEK5djeqGn5N0FWrB9X9UrJXIKp
H0h+9HkDf0eL6LrADamRn/BjoaYWQlEgaXX9zyeW9zDt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:03 2025 by rpki-client