Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/qbChB57Hfpy4ZAP5QMcO5OqWLzI.roa
File: qbChB57Hfpy4ZAP5QMcO5OqWLzI.roa (raw, json)
Hash identifier: lTXaGMYS8Dpab6c04VeFDOOm6xtzEswaU+aZcyb5mWw=
Subject key identifier: A9:B0:A1:07:9E:C7:7E:9C:B8:64:03:F9:40:C7:0E:E4:EA:96:2F:32
Certificate issuer: /CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Certificate serial: 01856E5D68FA97CFDD1D0930432C57EA2ED4
Authority key identifier: EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/qbChB57Hfpy4ZAP5QMcO5OqWLzI.roa
Signing time: Sun 01 Jan 2023 17:24:53 +0000
ROA not before: Sun 01 Jan 2023 17:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31463
IP address blocks: 185.128.222.0/24 maxlen: 24
2a03:9ba0:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:68:fa:97:cf:dd:1d:09:30:43:2c:57:ea:2e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Validity
Not Before: Jan 1 17:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9b0a1079ec77e9cb86403f940c70ee4ea962f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:09:f1:c1:43:b5:31:3b:f2:42:d5:b4:af:8f:
d0:f6:16:aa:1d:49:df:2a:34:13:2d:68:c8:2e:43:
2b:3f:47:18:98:cb:d8:46:d4:a8:d1:b6:66:82:31:
0a:39:77:e4:96:fd:48:6c:29:4d:cb:79:55:1f:2e:
44:65:78:04:54:57:86:67:64:7e:74:ab:2d:46:d1:
d2:7c:fd:69:ef:4f:87:d5:50:b9:ed:3b:61:58:e0:
31:05:0b:f6:ca:70:a0:bc:dd:82:a2:a1:8d:fd:c7:
f8:d5:bd:96:a1:72:33:59:e9:28:17:74:af:17:4a:
86:09:a0:46:ef:0b:09:82:dc:11:67:89:4b:62:42:
e0:a4:ec:ee:f6:7c:f6:9a:21:88:f4:2e:08:7e:01:
78:ff:fa:91:4a:4b:a4:40:3f:7f:63:23:71:cf:86:
31:81:aa:c4:59:24:21:6e:c1:99:34:0a:5d:55:48:
12:2c:51:c4:66:b8:e1:ac:b2:26:03:19:11:ba:83:
cb:2a:4b:ac:f6:e6:6f:2f:79:1c:84:5f:06:75:38:
1b:20:49:10:ba:87:82:9e:d0:b2:14:57:66:b3:7d:
e8:a8:d3:9f:00:0e:97:4a:0c:c0:63:83:c6:15:ab:
86:eb:ae:25:79:c3:35:b1:dc:86:fb:53:82:5d:4c:
ed:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B0:A1:07:9E:C7:7E:9C:B8:64:03:F9:40:C7:0E:E4:EA:96:2F:32
X509v3 Authority Key Identifier:
keyid:EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/qbChB57Hfpy4ZAP5QMcO5OqWLzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/74Zp5wzqlJc6_TT7COtZ6dhrV_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.222.0/24
IPv6:
2a03:9ba0:100::/40
Signature Algorithm: sha256WithRSAEncryption
7e:c2:3d:a5:4b:f4:69:48:b7:8a:84:fd:8d:a9:7d:85:b5:86:
e8:6f:ee:67:80:c3:70:ee:e2:51:6e:86:79:0f:11:0b:97:ec:
09:3f:1f:e8:fb:ba:22:ef:77:2f:15:db:0f:61:e3:34:fd:3f:
14:ca:b4:de:8b:ff:31:fb:22:8a:f9:3e:17:96:6c:53:af:dd:
d8:4d:00:00:e3:cf:c8:10:f3:62:e2:40:61:1e:f2:6f:c2:9b:
0b:37:af:60:e3:64:4b:af:31:72:cf:77:4f:67:c3:b7:c8:c9:
d6:77:f6:11:0e:ae:a2:12:dd:52:8a:5b:91:58:64:4f:bc:ac:
4c:1a:b7:16:9c:e5:4e:c4:0d:7a:75:1d:eb:dc:d5:f5:31:21:
7a:30:15:07:97:80:92:06:5e:83:e7:18:f1:fe:ef:11:7b:15:
5e:cd:21:59:3c:93:cd:41:cb:ed:80:ef:33:23:49:84:74:c9:
d4:53:d4:6c:03:c5:79:2e:b6:4c:76:73:1a:30:aa:5e:9f:54:
3e:66:23:fc:0f:c0:96:ef:2f:05:f5:74:5c:8a:32:f7:7e:6c:
a7:66:9f:05:b7:71:bd:be:47:0a:23:d5:43:22:64:b2:34:c9:
ed:b6:32:5c:4f:46:2f:5d:17:72:06:d6:08:79:d9:3e:a4:28:
cc:ec:af:be
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVuXWj6l8/dHQkwQyxX6i7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODY2OWU3MGNlYTk0OTczYWZkMzRmYjA4ZWI1OWU5ZDg2
YjU3ZmMwHhcNMjMwMTAxMTcyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWIwYTEwNzllYzc3ZTljYjg2NDAzZjk0MGM3MGVlNGVhOTYyZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAnxwUO1MTvyQtW0r4/Q9haqHUnf
KjQTLWjILkMrP0cYmMvYRtSo0bZmgjEKOXfklv1IbClNy3lVHy5EZXgEVFeGZ2R+
dKstRtHSfP1p70+H1VC57TthWOAxBQv2ynCgvN2CoqGN/cf41b2WoXIzWekoF3Sv
F0qGCaBG7wsJgtwRZ4lLYkLgpOzu9nz2miGI9C4IfgF4//qRSkukQD9/YyNxz4Yx
garEWSQhbsGZNApdVUgSLFHEZrjhrLImAxkRuoPLKkus9uZvL3kchF8GdTgbIEkQ
uoeCntCyFFdms33oqNOfAA6XSgzAY4PGFauG664lecM1sdyG+1OCXUztgQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKmwoQeex36cuGQD+UDHDuTqli8yMB8GA1UdIwQY
MBaAFO+GaecM6pSXOv00+wjrWenYa1f8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMt
MmEwMjEzMTc5YzA3LzEvcWJDaEI1N0hmcHk0WkFQNVFNY081T3FXTHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMtMmEwMjEzMTc5YzA3
LzEvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuYDeMA4E
AgACMAgDBgAqA5ugATANBgkqhkiG9w0BAQsFAAOCAQEAfsI9pUv0aUi3ioT9jal9
hbWG6G/uZ4DDcO7iUW6GeQ8RC5fsCT8f6Pu6Iu93LxXbD2HjNP0/FMq03ov/Mfsi
ivk+F5ZsU6/d2E0AAOPPyBDzYuJAYR7yb8KbCzevYONkS68xcs93T2fDt8jJ1nf2
EQ6uohLdUopbkVhkT7ysTBq3FpzlTsQNenUd69zV9TEhejAVB5eAkgZeg+cY8f7v
EXsVXs0hWTyTzUHL7YDvMyNJhHTJ1FPUbAPFeS62THZzGjCqXp9UPmYj/A/Alu8v
BfV0XIoy935sp2afBbdxvb5HCiPVQyJksjTJ7bYyXE9GL10XcgbWCHnZPqQozOyv
vg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:34 2025 by rpki-client