Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/qdcGImC2oHByqv6yjTQ1zeI94wk.roa
File: qdcGImC2oHByqv6yjTQ1zeI94wk.roa (raw, json)
Hash identifier: M71JpDY7+kNyjQjf4aDjAUggCavOVrhh/0SFz20jqIU=
Subject key identifier: A9:D7:06:22:60:B6:A0:70:72:AA:FE:B2:8D:34:35:CD:E2:3D:E3:09
Certificate issuer: /CN=bde6ac28f954e13dcb7db69bc222b785b4d75f2c
Certificate serial: 01850FD4F734002B3442CBF4817D3D603595
Authority key identifier: BD:E6:AC:28:F9:54:E1:3D:CB:7D:B6:9B:C2:22:B7:85:B4:D7:5F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veasKPlU4T3LfbabwiK3hbTXXyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/qdcGImC2oHByqv6yjTQ1zeI94wk.roa
Signing time: Wed 14 Dec 2022 08:51:33 +0000
ROA not before: Wed 14 Dec 2022 08:51:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25275
IP address blocks: 195.234.224.0/22 maxlen: 24
2001:67c:2ccc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:d4:f7:34:00:2b:34:42:cb:f4:81:7d:3d:60:35:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde6ac28f954e13dcb7db69bc222b785b4d75f2c
Validity
Not Before: Dec 14 08:51:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9d7062260b6a07072aafeb28d3435cde23de309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:83:1f:46:38:9a:b0:f6:fc:f7:5c:7d:40:09:
12:b1:29:8f:b2:13:dc:a0:03:b3:71:b9:25:26:90:
7c:9e:17:4b:d9:99:1f:1c:8f:dd:d1:d4:41:15:10:
7e:8d:74:3e:72:30:26:c3:4b:20:ac:41:84:69:f1:
7c:52:1c:2b:b4:ce:5a:76:e5:ae:14:7f:61:f1:bf:
0e:e2:bd:ce:ed:1b:52:2a:9d:63:b5:cf:f3:b7:a8:
85:57:bd:fe:3b:37:00:65:37:86:b8:66:36:a1:32:
73:49:e6:72:99:08:55:b5:da:b4:86:db:13:2f:a2:
2b:32:4d:a4:56:eb:50:ab:df:50:1c:02:c6:fd:ed:
6f:2c:14:ba:0a:c7:89:58:cd:c4:52:78:a6:38:d0:
04:58:e0:36:90:44:f9:6b:a3:03:9e:96:84:26:8e:
55:4b:6d:f2:5f:5a:6e:dc:35:1f:ab:3a:00:24:6a:
02:e9:2e:2f:b0:a4:52:31:77:3d:b8:47:a6:41:b2:
5d:23:47:35:78:9c:aa:c7:7f:fc:0d:0e:71:b7:d9:
37:64:33:bf:99:32:e1:97:6e:86:55:2d:68:9f:b7:
ac:ef:17:01:61:67:f5:25:37:91:ef:4e:d2:c0:f9:
53:84:29:5e:c1:5f:55:59:bb:a8:bb:77:8a:b9:79:
19:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D7:06:22:60:B6:A0:70:72:AA:FE:B2:8D:34:35:CD:E2:3D:E3:09
X509v3 Authority Key Identifier:
keyid:BD:E6:AC:28:F9:54:E1:3D:CB:7D:B6:9B:C2:22:B7:85:B4:D7:5F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veasKPlU4T3LfbabwiK3hbTXXyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/qdcGImC2oHByqv6yjTQ1zeI94wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/veasKPlU4T3LfbabwiK3hbTXXyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.224.0/22
IPv6:
2001:67c:2ccc::/48
Signature Algorithm: sha256WithRSAEncryption
b7:d5:5e:33:55:0e:37:ca:ee:26:95:90:25:8b:19:f6:09:0d:
74:76:30:43:2e:35:fb:82:47:53:5a:c3:de:3d:ea:67:66:e5:
62:38:47:fd:d8:9f:97:48:aa:9f:5e:d5:69:ab:7f:aa:3b:9a:
e1:df:0c:7f:9a:aa:9a:e3:dd:0d:49:c6:63:8e:03:2f:e4:3f:
94:8f:69:70:dd:46:d0:10:28:2b:ce:d4:5b:f5:ab:3c:6c:e1:
b8:d7:c5:7f:8a:97:cb:d3:3f:61:01:0e:5b:03:b9:d6:bc:dd:
f1:ec:c7:90:3b:5e:42:4d:c7:09:75:9c:cd:7a:b2:e5:e9:eb:
6a:18:99:54:5d:5e:2d:d7:a0:3d:81:30:ce:0d:1b:0e:24:27:
26:9c:ff:32:de:ae:78:6b:f3:4d:58:3d:d1:44:8e:60:63:4d:
1c:9c:cc:a6:6c:95:2b:66:e4:f7:6e:8d:2d:3e:06:24:a2:6b:
40:3c:eb:83:61:93:44:11:8c:37:52:ba:01:03:2b:c0:dc:5e:
ba:60:5f:6a:4e:ae:0c:80:6d:fb:92:11:2d:f2:45:5e:2f:b6:
4a:68:a7:af:7c:47:84:80:ea:46:6f:bd:45:90:d3:d9:d2:e3:
02:b6:59:49:40:76:1d:63:6c:c4:19:36:de:2a:6a:fe:d5:1a:
64:9b:f4:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUP1Pc0ACs0Qsv0gX09YDWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTZhYzI4Zjk1NGUxM2RjYjdkYjY5YmMyMjJiNzg1YjRk
NzVmMmMwHhcNMjIxMjE0MDg1MTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQ3MDYyMjYwYjZhMDcwNzJhYWZlYjI4ZDM0MzVjZGUyM2RlMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYMfRjiasPb891x9QAkSsSmPshPc
oAOzcbklJpB8nhdL2ZkfHI/d0dRBFRB+jXQ+cjAmw0sgrEGEafF8UhwrtM5aduWu
FH9h8b8O4r3O7RtSKp1jtc/zt6iFV73+OzcAZTeGuGY2oTJzSeZymQhVtdq0htsT
L6IrMk2kVutQq99QHALG/e1vLBS6CseJWM3EUnimONAEWOA2kET5a6MDnpaEJo5V
S23yX1pu3DUfqzoAJGoC6S4vsKRSMXc9uEemQbJdI0c1eJyqx3/8DQ5xt9k3ZDO/
mTLhl26GVS1on7es7xcBYWf1JTeR707SwPlThClewV9VWbuou3eKuXkZ4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKnXBiJgtqBwcqr+so00Nc3iPeMJMB8GA1UdIwQY
MBaAFL3mrCj5VOE9y322m8Iit4W0118sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVhc0tQbFU0VDNMZmJhYndpSzNoYlRYWHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81YjRlMTMtYjNkZC00ZDhhLThlNzEt
Y2FlNmM3MjVkOTJmLzEvcWRjR0ltQzJvSEJ5cXY2eWpUUTF6ZUk5NHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81YjRlMTMtYjNkZC00ZDhhLThlNzEtY2FlNmM3MjVkOTJm
LzEvdmVhc0tQbFU0VDNMZmJhYndpSzNoYlRYWHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw+rgMA8E
AgACMAkDBwAgAQZ8LMwwDQYJKoZIhvcNAQELBQADggEBALfVXjNVDjfK7iaVkCWL
GfYJDXR2MEMuNfuCR1Naw9496mdm5WI4R/3Yn5dIqp9e1Wmrf6o7muHfDH+aqprj
3Q1JxmOOAy/kP5SPaXDdRtAQKCvO1Fv1qzxs4bjXxX+Kl8vTP2EBDlsDuda83fHs
x5A7XkJNxwl1nM16suXp62oYmVRdXi3XoD2BMM4NGw4kJyac/zLernhr801YPdFE
jmBjTRyczKZslStm5PdujS0+BiSia0A864Nhk0QRjDdSugEDK8DcXrpgX2pOrgyA
bfuSES3yRV4vtkpop698R4SA6kZvvUWQ09nS4wK2WUlAdh1jbMQZNt4qav7VGmSb
9LI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:40 2025 by rpki-client