Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/QqW3nLPuqq3uhyB6xzXGCruNxcE.roa
File: QqW3nLPuqq3uhyB6xzXGCruNxcE.roa (raw, json)
Hash identifier: /A1PfHDO2GjkRllhZLSDrPXUmwVoEOUA2d28xCbWSFo=
Subject key identifier: 42:A5:B7:9C:B3:EE:AA:AD:EE:87:20:7A:C7:35:C6:0A:BB:8D:C5:C1
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 01856DC1C997702885C2EFF6939D738FA10B
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/QqW3nLPuqq3uhyB6xzXGCruNxcE.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29317
IP address blocks: 91.194.118.0/23 maxlen: 23
91.194.124.0/23 maxlen: 23
2001:1578::/32 maxlen: 40
2001:1578:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c9:97:70:28:85:c2:ef:f6:93:9d:73:8f:a1:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42a5b79cb3eeaaadee87207ac735c60abb8dc5c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:03:4f:fb:45:c0:06:0e:e5:d8:9f:d4:29:52:
d2:5c:31:44:58:6f:56:76:f3:9d:c7:2f:ec:ad:6f:
5b:14:7c:a0:16:66:17:2c:11:24:82:7d:33:4f:fc:
e9:e0:87:bf:1e:c1:40:1a:1d:bb:6b:2c:54:5c:1a:
f5:7a:30:e6:50:be:af:12:71:3b:1a:6c:0a:8a:41:
4a:f4:cf:5c:b5:c0:fd:1d:fb:a7:69:14:62:53:fd:
2d:6c:9a:6f:4f:84:9e:5c:6b:bf:22:24:0a:4b:7f:
8a:6a:a2:de:2c:2d:19:6e:28:fc:d2:e1:2e:83:c1:
f9:77:70:e5:89:0b:a7:d1:1a:9a:9d:b3:e3:e1:a1:
5e:47:63:29:11:2d:1d:55:a7:fc:c2:ed:de:87:bf:
d8:ab:f7:30:e0:b2:5e:d1:6c:a4:fd:f3:f0:fc:6e:
1a:ac:c0:d6:a3:56:81:1b:04:05:26:92:7e:d6:fd:
13:fe:51:7e:a0:2b:27:f1:4c:43:68:a9:7a:55:4a:
5e:37:37:29:88:0e:0d:0d:81:45:f0:6a:81:67:b4:
31:e0:d4:26:4b:96:41:a5:8b:82:2a:36:dc:95:db:
e5:e9:36:09:f0:73:17:ee:c1:78:62:de:f2:a5:18:
09:3c:92:f8:40:47:e9:1c:35:ce:9b:7f:1a:9e:ab:
f8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A5:B7:9C:B3:EE:AA:AD:EE:87:20:7A:C7:35:C6:0A:BB:8D:C5:C1
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/QqW3nLPuqq3uhyB6xzXGCruNxcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.118.0/23
91.194.124.0/23
IPv6:
2001:1578::/32
Signature Algorithm: sha256WithRSAEncryption
0b:89:70:ab:3f:8e:d3:07:b0:48:ce:1e:24:bd:66:0e:68:4c:
fb:6e:f2:15:81:46:3e:ba:d5:3d:b3:97:9b:44:22:a4:e3:74:
3e:59:a7:44:85:0b:3d:c1:67:56:66:9e:70:6e:66:17:c1:5d:
ba:59:3d:46:09:41:72:27:d8:78:c5:29:80:3c:8e:c4:46:95:
9d:2f:6f:88:2f:c9:92:6e:08:e8:93:21:89:9b:0d:16:14:16:
c6:dc:8f:57:81:4f:dd:65:d3:e8:27:77:36:5c:7e:a5:5d:13:
71:bf:1b:82:4e:e3:0b:0f:d0:ba:47:7b:7b:72:bd:6f:bf:23:
b3:24:23:50:ce:bd:77:fb:5f:d4:47:d3:ea:b6:08:d1:60:ca:
0a:2d:c0:b3:3a:24:6a:07:fe:ae:4b:4c:2d:1f:ca:bf:1f:99:
40:74:37:09:17:d6:79:5d:2f:25:cf:fe:09:e2:4d:f7:25:46:
7b:e2:32:91:fb:c7:b4:83:cd:e2:4d:84:db:27:9c:a4:f8:da:
ff:5b:43:12:a1:ab:43:95:b5:cb:f7:1a:5b:71:cb:dc:65:d9:
2f:eb:c9:48:70:9d:0b:b2:66:f5:ba:dd:e3:77:c4:10:61:8d:
05:eb:64:ca:0b:a4:b0:85:38:33:8a:49:55:7e:48:36:9f:b2:
3f:c0:06:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtwcmXcCiFwu/2k51zj6ELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDM1MWIyNzRmYzIzYTQyNzI4MzAzNjM4YTBkNjJiNjA2
NDAxYjQwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE1Yjc5Y2IzZWVhYWFkZWU4NzIwN2FjNzM1YzYwYWJiOGRjNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgNP+0XABg7l2J/UKVLSXDFEWG9W
dvOdxy/srW9bFHygFmYXLBEkgn0zT/zp4Ie/HsFAGh27ayxUXBr1ejDmUL6vEnE7
GmwKikFK9M9ctcD9HfunaRRiU/0tbJpvT4SeXGu/IiQKS3+KaqLeLC0Zbij80uEu
g8H5d3DliQun0RqanbPj4aFeR2MpES0dVaf8wu3eh7/Yq/cw4LJe0Wyk/fPw/G4a
rMDWo1aBGwQFJpJ+1v0T/lF+oCsn8UxDaKl6VUpeNzcpiA4NDYFF8GqBZ7Qx4NQm
S5ZBpYuCKjbcldvl6TYJ8HMX7sF4Yt7ypRgJPJL4QEfpHDXOm38anqv4NwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEKlt5yz7qqt7ocgesc1xgq7jcXBMB8GA1UdIwQY
MBaAFLvTUbJ0/COkJygwNjig1itgZAG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYt
NDZiMzAyOGEwM2IwLzEvUXFXM25MUHVxcTN1aHlCNnh6WEdDcnVOeGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYtNDZiMzAyOGEwM2Iw
LzEvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW8J2AwQB
W8J8MA0EAgACMAcDBQAgARV4MA0GCSqGSIb3DQEBCwUAA4IBAQALiXCrP47TB7BI
zh4kvWYOaEz7bvIVgUY+utU9s5ebRCKk43Q+WadEhQs9wWdWZp5wbmYXwV26WT1G
CUFyJ9h4xSmAPI7ERpWdL2+IL8mSbgjokyGJmw0WFBbG3I9XgU/dZdPoJ3c2XH6l
XRNxvxuCTuMLD9C6R3t7cr1vvyOzJCNQzr13+1/UR9PqtgjRYMoKLcCzOiRqB/6u
S0wtH8q/H5lAdDcJF9Z5XS8lz/4J4k33JUZ74jKR+8e0g83iTYTbJ5yk+Nr/W0MS
oatDlbXL9xpbccvcZdkv68lIcJ0Lsmb1ut3jd8QQYY0F62TKC6SwhTgziklVfkg2
n7I/wAZ7
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:48 2025 by rpki-client