Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Qa7sKer_tqYyOEO1uL3pPjK6iS0.roa
File: Qa7sKer_tqYyOEO1uL3pPjK6iS0.roa (raw, json)
Hash identifier: JuwSZlU+toVJJK/1N0b26m4fwLvZ6+ZNJbNERN49O1o=
Subject key identifier: 41:AE:EC:29:EA:FF:B6:A6:32:38:43:B5:B8:BD:E9:3E:32:BA:89:2D
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 01877FEF99C5684675DA00CD68A5E7A13153
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Qa7sKer_tqYyOEO1uL3pPjK6iS0.roa
Signing time: Fri 14 Apr 2023 13:23:41 +0000
ROA not before: Fri 14 Apr 2023 13:23:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 2.59.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:ef:99:c5:68:46:75:da:00:cd:68:a5:e7:a1:31:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Apr 14 13:23:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41aeec29eaffb6a6323843b5b8bde93e32ba892d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:14:18:71:7e:12:4f:af:cf:f0:55:c3:c1:
b0:05:96:14:8c:4b:5f:e0:4b:0a:2d:a3:f7:e7:c3:
88:ae:59:28:61:e0:d7:de:7b:42:6a:cd:dd:90:d2:
c2:73:bc:33:f4:4d:f9:95:2b:e2:ff:fe:89:35:4d:
df:ca:04:e8:95:d9:d7:f4:05:dc:f1:83:21:c2:93:
89:44:a3:8f:66:97:47:30:c8:21:3b:07:e9:d4:ed:
83:08:fb:9c:55:fb:c7:af:06:43:52:55:b0:d7:e5:
7a:21:94:cf:51:89:ad:d2:7c:cf:f2:aa:53:5c:44:
6d:08:c5:b6:b7:26:b7:14:39:d1:96:7d:83:0c:c6:
90:08:2a:b1:aa:b6:e2:dd:63:56:44:18:94:4b:aa:
90:99:2d:f3:1e:21:ca:76:5d:a2:11:a9:99:46:48:
f4:e6:4d:f4:d1:19:57:77:fd:11:cc:17:15:26:bb:
4f:90:8d:f1:a7:5c:46:89:bb:45:cc:16:d5:3e:9e:
a5:5b:bf:64:00:e0:7b:88:d7:4c:fa:b9:db:62:55:
bd:0b:73:5a:59:64:cc:fb:0a:ca:6a:a7:20:3c:b5:
b2:29:8b:c0:92:c1:82:6a:ee:fa:e4:48:6e:af:da:
c7:e7:38:d7:52:3b:4b:c3:e8:a2:39:7d:e6:78:33:
53:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AE:EC:29:EA:FF:B6:A6:32:38:43:B5:B8:BD:E9:3E:32:BA:89:2D
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Qa7sKer_tqYyOEO1uL3pPjK6iS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.181.0/24
Signature Algorithm: sha256WithRSAEncryption
14:93:a3:74:c4:0d:2e:84:46:53:f0:6d:c4:87:f4:f8:5f:dd:
02:04:ec:56:28:2a:8f:1d:92:78:0a:a5:f2:66:7a:e7:5f:8d:
c5:96:b2:78:db:31:82:1b:53:f8:3b:db:be:f7:e9:e3:99:32:
20:87:5e:76:50:7e:53:b7:29:ec:3f:3a:65:47:a8:e6:fc:7b:
64:d1:c6:72:d9:ac:69:70:42:81:34:8c:1f:62:db:32:ad:6b:
ac:80:d9:27:9b:a9:71:a7:71:26:57:ff:23:f3:b2:ba:73:6b:
49:3e:13:d4:a5:0d:d8:a0:74:e7:cd:8f:dc:0d:53:44:cb:d3:
2e:72:27:f5:4c:61:8f:6a:e6:d7:71:9f:2b:94:81:f8:de:8d:
82:f2:fe:f6:9a:9b:67:8a:a4:18:f8:9b:89:7c:f5:e8:1c:70:
f1:9f:51:67:99:6c:10:23:d1:fd:7b:fa:56:f1:73:3e:e8:71:
2b:bf:39:3b:f4:1e:4a:6a:c5:26:2d:db:62:f5:46:d1:b6:df:
4b:5c:79:80:16:34:f0:fa:53:8e:41:71:e8:ae:88:a3:ae:11:
59:ee:7e:c2:7a:40:1d:44:d6:a1:1e:6f:71:f4:22:4a:b0:35:
f9:f3:bf:d6:0d:f6:0d:7b:41:ae:a1:3a:8e:35:21:7c:91:5d:
6e:a8:0e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd/75nFaEZ12gDNaKXnoTFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwNDE0MTMyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFlZWMyOWVhZmZiNmE2MzIzODQzYjViOGJkZTkzZTMyYmE4OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDwUGHF+Ek+vz/BVw8GwBZYUjEtf
4EsKLaP358OIrlkoYeDX3ntCas3dkNLCc7wz9E35lSvi//6JNU3fygToldnX9AXc
8YMhwpOJRKOPZpdHMMghOwfp1O2DCPucVfvHrwZDUlWw1+V6IZTPUYmt0nzP8qpT
XERtCMW2tya3FDnRln2DDMaQCCqxqrbi3WNWRBiUS6qQmS3zHiHKdl2iEamZRkj0
5k300RlXd/0RzBcVJrtPkI3xp1xGibtFzBbVPp6lW79kAOB7iNdM+rnbYlW9C3Na
WWTM+wrKaqcgPLWyKYvAksGCau765Ehur9rH5zjXUjtLw+iiOX3meDNT2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGu7Cnq/7amMjhDtbi96T4yuoktMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvUWE3c0tlcl90cVl5T0VPMXVMM3BQaks2aVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju1MA0G
CSqGSIb3DQEBCwUAA4IBAQAUk6N0xA0uhEZT8G3Eh/T4X90CBOxWKCqPHZJ4CqXy
ZnrnX43FlrJ42zGCG1P4O9u+9+njmTIgh152UH5TtynsPzplR6jm/Htk0cZy2axp
cEKBNIwfYtsyrWusgNknm6lxp3EmV/8j87K6c2tJPhPUpQ3YoHTnzY/cDVNEy9Mu
cif1TGGPaubXcZ8rlIH43o2C8v72mptniqQY+JuJfPXoHHDxn1FnmWwQI9H9e/pW
8XM+6HErvzk79B5KasUmLdti9UbRtt9LXHmAFjTw+lOOQXHoroijrhFZ7n7CekAd
RNahHm9x9CJKsDX587/WDfYNe0GuoTqONSF8kV1uqA6z
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:04:29 2025 by rpki-client