Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/PlMxKUJwCrCwYIHsaa8C0Kg02D0.roa
File: PlMxKUJwCrCwYIHsaa8C0Kg02D0.roa (raw, json)
Hash identifier: gM1HlXOffyUhfDlWsVDJ5qhxJz14Cw9kz9aCvIjia3w=
Subject key identifier: 3E:53:31:29:42:70:0A:B0:B0:60:81:EC:69:AF:02:D0:A8:34:D8:3D
Certificate issuer: /CN=40c3d37be435a9c33f1c63e50d0d6464ed161004
Certificate serial: 0564584D
Authority key identifier: 40:C3:D3:7B:E4:35:A9:C3:3F:1C:63:E5:0D:0D:64:64:ED:16:10:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/PlMxKUJwCrCwYIHsaa8C0Kg02D0.roa
Signing time: Sat 01 Jan 2022 00:56:30 +0000
ROA not before: Sat 01 Jan 2022 00:56:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20712
IP address blocks: 193.239.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90462285 (0x564584d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40c3d37be435a9c33f1c63e50d0d6464ed161004
Validity
Not Before: Jan 1 00:56:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e53312942700ab0b06081ec69af02d0a834d83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:89:01:3a:57:95:0b:3b:a1:a4:1a:67:78:
c7:4c:20:f7:7d:f1:c5:bd:2a:18:03:77:f7:68:51:
6c:de:d3:cc:b2:07:b3:02:f8:f8:53:e8:33:d9:5f:
4e:a9:c4:45:d0:a8:de:38:fd:5f:8a:5d:a5:f6:2a:
83:e1:63:67:09:62:43:dd:0d:d5:82:dd:b3:57:8b:
d3:f0:70:dd:e5:85:13:51:3d:da:ea:0c:e2:ea:50:
2d:ef:c0:33:81:86:71:26:59:bf:d9:9a:7a:df:9a:
a8:65:78:8a:7a:bc:f4:77:32:1c:76:42:03:97:8d:
f6:d8:ad:ae:a1:ea:7f:04:3b:13:18:e0:47:de:58:
17:47:ad:9d:cc:b6:10:a3:3e:da:81:1d:ce:30:b4:
cd:94:8b:44:cb:16:95:45:76:81:f9:3b:0b:4c:85:
22:ad:6f:1b:37:bd:8d:de:c0:5d:48:b3:ce:7b:6c:
c5:24:44:f3:11:30:ee:5e:1f:18:6a:97:7f:9f:d5:
f8:10:18:ca:f2:bf:3c:ea:b2:cf:5b:8b:7d:e2:13:
81:a3:7b:3c:68:d7:19:ec:74:7e:58:d5:0a:f6:87:
01:f8:c7:ed:65:80:48:f2:ed:85:ee:d6:d1:9c:86:
a5:29:bd:ce:a3:95:93:03:1b:d9:08:e6:33:28:57:
cf:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:53:31:29:42:70:0A:B0:B0:60:81:EC:69:AF:02:D0:A8:34:D8:3D
X509v3 Authority Key Identifier:
keyid:40:C3:D3:7B:E4:35:A9:C3:3F:1C:63:E5:0D:0D:64:64:ED:16:10:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/PlMxKUJwCrCwYIHsaa8C0Kg02D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.174.0/23
Signature Algorithm: sha256WithRSAEncryption
87:60:5b:cb:b6:3e:ba:f2:73:32:70:b3:06:30:51:47:9b:3c:
34:9b:69:ee:1c:01:02:30:b8:de:13:9b:02:d1:4d:b3:f1:f6:
df:93:8c:c8:8f:01:8d:89:ce:81:fd:ef:6c:70:5a:ce:58:36:
99:de:75:0f:a1:b8:e5:e3:3c:97:34:b2:03:f6:db:65:ae:c6:
33:e1:fa:cf:81:35:f3:d6:c0:fb:36:27:db:2d:d6:82:c9:83:
b3:c6:e4:7a:04:e9:33:d1:a4:e1:78:f1:b7:70:33:86:25:67:
eb:d8:dd:15:84:10:56:22:34:fa:6b:c9:0e:6e:e7:05:a6:c5:
78:41:ba:5a:e6:69:67:38:2d:33:c2:44:bd:08:8c:68:83:d3:
c9:73:55:13:6a:b6:5d:a7:d3:2c:bd:ef:61:43:ec:66:bd:39:
0a:b0:37:cd:fb:0a:22:ae:ac:f8:fa:d5:b8:89:3e:89:89:3f:
cb:cc:8c:d6:10:13:7c:40:99:bf:3d:d9:3e:9e:87:e9:cd:d7:
ef:ad:62:e9:67:40:48:13:37:24:af:71:82:bc:38:e1:c4:e6:
6a:f7:e1:e0:df:fa:0e:30:9e:e6:9f:d4:df:1a:6e:17:38:f7:
c6:0a:69:a0:38:7c:8c:f9:27:c4:2b:e3:7a:4c:42:60:3c:92:
6a:43:b8:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWRYTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGMzZDM3YmU0MzVhOWMzM2YxYzYzZTUwZDBkNjQ2NGVkMTYxMDA0MB4XDTIyMDEw
MTAwNTYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U1MzMxMjk0Mjcw
MGFiMGIwNjA4MWVjNjlhZjAyZDBhODM0ZDgzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIhiQE6V5ULO6GkGmd4x0wg933xxb0qGAN392hRbN7TzLIH
swL4+FPoM9lfTqnERdCo3jj9X4pdpfYqg+FjZwliQ90N1YLds1eL0/Bw3eWFE1E9
2uoM4upQLe/AM4GGcSZZv9maet+aqGV4inq89HcyHHZCA5eN9titrqHqfwQ7Exjg
R95YF0etncy2EKM+2oEdzjC0zZSLRMsWlUV2gfk7C0yFIq1vGze9jd7AXUizznts
xSRE8xEw7l4fGGqXf5/V+BAYyvK/POqyz1uLfeITgaN7PGjXGex0fljVCvaHAfjH
7WWASPLthe7W0ZyGpSm9zqOVkwMb2QjmMyhXz2sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+UzEpQnAKsLBggexprwLQqDTYPTAfBgNVHSMEGDAWgBRAw9N75DWpwz8c
Y+UNDWRk7RYQBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FNUFRlLVExcWNNX0hHUGxEUTFrWk8wV0VBUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvN2UzYzdmLTIxODQtNDAzZC04MGNmLTZlNGIzYzkyYTgyNy8x
L1BsTXhLVUp3Q3JDd1lJSHNhYThDMEtnMDJEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
N2UzYzdmLTIxODQtNDAzZC04MGNmLTZlNGIzYzkyYTgyNy8xL1FNUFRlLVExcWNN
X0hHUGxEUTFrWk8wV0VBUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcHvrjANBgkqhkiG9w0BAQsFAAOC
AQEAh2Bby7Y+uvJzMnCzBjBRR5s8NJtp7hwBAjC43hObAtFNs/H235OMyI8BjYnO
gf3vbHBazlg2md51D6G45eM8lzSyA/bbZa7GM+H6z4E189bA+zYn2y3WgsmDs8bk
egTpM9Gk4Xjxt3AzhiVn69jdFYQQViI0+mvJDm7nBabFeEG6WuZpZzgtM8JEvQiM
aIPTyXNVE2q2XafTLL3vYUPsZr05CrA3zfsKIq6s+PrVuIk+iYk/y8yM1hATfECZ
vz3ZPp6H6c3X761i6WdASBM3JK9xgrw44cTmavfh4N/6DjCe5p/U3xpuFzj3xgpp
oDh8jPknxCvjekxCYDySakO4Dw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:15:09 2025 by rpki-client