Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/RPQqRr9-unhF264QXCgN_MO86Vs.roa
File: RPQqRr9-unhF264QXCgN_MO86Vs.roa (raw, json)
Hash identifier: 9x4Qd7ZLFJFGrwU3/xpaWEBcPMZ//R/phQL1WQu4iaU=
Subject key identifier: 44:F4:2A:46:BF:7E:BA:78:45:DB:AE:10:5C:28:0D:FC:C3:BC:E9:5B
Certificate issuer: /CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Certificate serial: 032B24D1
Authority key identifier: 29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/RPQqRr9-unhF264QXCgN_MO86Vs.roa
Signing time: Sat 01 Jan 2022 13:07:47 +0000
ROA not before: Sat 01 Jan 2022 13:07:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31138
IP address blocks: 83.217.0.0/21 maxlen: 32
2a00:d8c0::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53159121 (0x32b24d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Validity
Not Before: Jan 1 13:07:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44f42a46bf7eba7845dbae105c280dfcc3bce95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:3d:d9:a1:12:18:a9:54:43:a1:fd:c1:3c:
b7:1c:14:e5:55:bf:59:91:ff:06:0b:0e:45:c6:40:
6c:64:7b:a9:f6:d4:08:9f:85:f8:99:0b:72:19:9d:
d2:4e:fe:ab:f2:3d:fa:87:54:e3:7c:c1:47:29:1a:
85:26:de:c2:8e:cc:bc:4d:5c:9c:51:69:9a:77:00:
7e:6a:39:a4:1d:3a:80:09:48:08:9e:72:b1:32:a9:
a9:b3:e2:79:c0:39:f3:58:b9:c6:02:42:0d:93:60:
f0:a7:c1:43:56:72:9b:6a:3e:51:16:58:79:a4:70:
17:e9:b5:94:20:25:23:8c:76:90:eb:e7:68:84:21:
e9:2f:61:4d:9d:ac:28:b2:5f:ab:ba:2a:c4:ab:5c:
cb:28:fb:52:5e:2b:9c:cc:d0:e5:ec:68:8d:a2:31:
44:67:74:fe:ac:a8:d4:8d:22:39:bc:f4:19:60:3b:
bc:07:cf:8f:11:a6:55:90:a0:80:08:71:0d:ac:62:
fa:f6:15:a3:68:91:6e:5b:9c:63:93:d7:83:5a:f4:
3b:b5:14:91:7b:ce:c0:8f:22:7b:c8:af:12:93:93:
07:f0:c5:85:53:dc:4c:22:3f:7e:fe:0f:02:bb:b5:
d3:ad:b4:d0:d8:52:4c:5b:54:2a:6b:79:b5:e3:20:
e6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F4:2A:46:BF:7E:BA:78:45:DB:AE:10:5C:28:0D:FC:C3:BC:E9:5B
X509v3 Authority Key Identifier:
keyid:29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/RPQqRr9-unhF264QXCgN_MO86Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.0.0/21
IPv6:
2a00:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
a0:3f:49:6b:9e:8a:80:5b:13:49:18:d6:f7:df:28:57:58:b4:
3f:08:34:5b:e0:de:d2:68:a0:72:f0:39:9f:32:da:fd:8a:32:
b6:21:75:ca:62:4c:33:53:fb:6e:57:bd:1c:fd:8c:79:dd:e3:
aa:b9:6f:17:e8:75:0f:e4:85:54:33:ec:77:8f:e1:72:ad:d8:
45:f7:87:70:8f:a9:e0:98:7e:1e:1a:2a:94:9a:d7:fe:eb:e5:
98:cd:76:77:5b:73:55:44:ca:cc:0e:6e:07:9e:64:15:83:bb:
58:57:4b:91:6f:7d:d4:71:1f:0d:a5:78:00:2a:9c:c5:ae:6e:
46:73:39:a0:65:f8:44:ae:d8:0d:55:98:24:bb:4e:d0:39:68:
e5:5e:5e:3f:44:63:08:82:37:83:93:b9:81:cb:2d:2d:ef:3a:
5d:0b:2d:f7:49:c7:05:b3:9a:ed:64:6a:f4:79:cc:75:6b:2a:
7a:14:c7:76:d6:dd:39:bf:c0:e5:69:c9:80:1f:4d:b7:b6:27:
25:42:cd:4e:f9:8f:cf:cc:91:a6:a7:e9:57:15:97:f2:20:51:
70:3d:e8:3b:aa:85:30:52:29:e2:ff:13:cb:57:d0:8e:23:2b:
6b:80:82:a5:c3:45:eb:44:ff:b0:45:e5:9f:60:a8:2d:7f:9c:
22:45:cc:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAysk0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTQwYjY5NGJiYTA5NTM0NGU0YmRiOTlmNTFlMWYxMDIzYmU1N2NlMB4XDTIyMDEw
MTEzMDc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRmNDJhNDZiZjdl
YmE3ODQ1ZGJhZTEwNWMyODBkZmNjM2JjZTk1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGKPdmhEhipVEOh/cE8txwU5VW/WZH/BgsORcZAbGR7qfbU
CJ+F+JkLchmd0k7+q/I9+odU43zBRykahSbewo7MvE1cnFFpmncAfmo5pB06gAlI
CJ5ysTKpqbPiecA581i5xgJCDZNg8KfBQ1Zym2o+URZYeaRwF+m1lCAlI4x2kOvn
aIQh6S9hTZ2sKLJfq7oqxKtcyyj7Ul4rnMzQ5exojaIxRGd0/qyo1I0iObz0GWA7
vAfPjxGmVZCggAhxDaxi+vYVo2iRblucY5PXg1r0O7UUkXvOwI8ie8ivEpOTB/DF
hVPcTCI/fv4PAru106200NhSTFtUKmt5teMg5kECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRE9CpGv366eEXbrhBcKA38w7zpWzAfBgNVHSMEGDAWgBQpQLaUu6CVNE5L
25n1Hh8QI75XzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tVQzJsTHVnbFRST1M5dVo5UjRmRUNPLVY4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNjEwN2U0LTQzOTMtNGNiZS1hNmMyLTI3YzFhMzU5NzZkZS8x
L1JQUXFScjktdW5oRjI2NFFYQ2dOX01PODZWcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NjEwN2U0LTQzOTMtNGNiZS1hNmMyLTI3YzFhMzU5NzZkZS8xL0tVQzJsTHVnbFRS
T1M5dVo5UjRmRUNPLVY4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA1PZADAPBAIAAjAJAwcAKgDYwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgP0lrnoqAWxNJGNb33yhXWLQ/CDRb4N7SaKBy
8DmfMtr9ijK2IXXKYkwzU/tuV70c/Yx53eOquW8X6HUP5IVUM+x3j+FyrdhF94dw
j6ngmH4eGiqUmtf+6+WYzXZ3W3NVRMrMDm4HnmQVg7tYV0uRb33UcR8NpXgAKpzF
rm5GczmgZfhErtgNVZgku07QOWjlXl4/RGMIgjeDk7mByy0t7zpdCy33SccFs5rt
ZGr0ecx1ayp6FMd21t05v8DlacmAH023ticlQs1O+Y/PzJGmp+lXFZfyIFFwPeg7
qoUwUini/xPLV9COIytrgIKlw0XrRP+wReWfYKgtf5wiRczz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:50 2025 by rpki-client