Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/qJDEfexHscHWDZIrqFZOkAOD68k.roa
File: qJDEfexHscHWDZIrqFZOkAOD68k.roa (raw, json)
Hash identifier: z4/Aa/jrvchbfVMCNr50eIobUhGr1xUtRIfw9nL3oeY=
Subject key identifier: A8:90:C4:7D:EC:47:B1:C1:D6:0D:92:2B:A8:56:4E:90:03:83:EB:C9
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018ADC88616A2A0B779EEF76F0155A49DA06
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/qJDEfexHscHWDZIrqFZOkAOD68k.roa
Signing time: Thu 28 Sep 2023 16:03:59 +0000
ROA not before: Thu 28 Sep 2023 16:03:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 192.109.200.0/24 maxlen: 24
192.109.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:88:61:6a:2a:0b:77:9e:ef:76:f0:15:5a:49:da:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Sep 28 16:03:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a890c47dec47b1c1d60d922ba8564e900383ebc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:84:ad:70:34:b8:13:94:c1:37:d2:94:ad:
66:f3:ed:09:a4:76:93:f5:3c:02:b6:77:fb:2a:f7:
ca:3a:12:fa:75:5c:2f:ef:9a:ec:a5:f9:52:b2:48:
de:a0:12:ea:b4:64:22:50:16:fd:87:1b:5a:ea:fa:
14:4a:5b:9e:4e:3d:7b:89:74:52:a7:63:de:b7:46:
f1:70:6a:f0:fb:f8:6a:3b:ef:56:ae:de:9c:19:bd:
d0:ee:a0:88:c1:6d:8a:f9:e6:43:f1:50:11:b6:b8:
4e:01:a7:8c:92:b6:96:ab:33:e0:37:aa:d7:34:56:
4a:44:50:5e:8a:55:ab:a9:9f:17:99:5e:82:ce:f5:
67:51:07:ea:b1:63:0a:5b:51:f7:e3:64:c4:1c:23:
5c:ee:ed:bf:3d:c4:f2:98:20:91:7d:f8:ce:f8:b7:
44:ec:10:45:b6:7b:bf:92:aa:e9:0c:0f:c9:48:b2:
aa:09:b8:00:b5:b5:9a:cd:9e:4c:ae:70:87:48:56:
f8:17:ef:32:7f:42:28:ce:ca:76:9d:b1:3b:41:d2:
f9:6f:40:82:29:31:82:8e:1b:2f:84:78:64:01:bd:
0b:82:d1:e7:63:0a:4b:ee:c5:ef:9f:5f:30:d1:46:
88:01:f0:98:75:f4:68:44:0f:68:02:55:da:07:3e:
87:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:90:C4:7D:EC:47:B1:C1:D6:0D:92:2B:A8:56:4E:90:03:83:EB:C9
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/qJDEfexHscHWDZIrqFZOkAOD68k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:1f:3d:fd:1d:ac:c9:a5:12:0f:40:fe:30:b7:5f:40:34:49:
9b:be:75:06:5b:40:f0:f2:28:4d:5b:17:83:1e:1d:84:a3:b2:
2f:6a:47:a8:ec:ca:98:24:3e:26:d2:f8:9d:5d:fd:46:99:ea:
e8:2e:b4:84:a9:24:1a:c2:9e:a5:5f:63:fc:7c:23:6f:60:e8:
9a:46:89:0c:81:f5:39:3c:6b:4c:e4:3c:88:06:16:a8:41:0e:
d2:e0:63:d8:b0:03:65:3e:61:a2:b3:2b:c6:52:28:35:7a:a6:
ab:97:cc:5a:f5:46:a1:4a:8e:b1:3d:76:9a:fb:75:55:31:78:
d8:cb:42:a8:52:05:72:9d:53:12:ca:eb:62:3a:99:ee:06:f6:
71:fb:2b:54:02:2a:b1:ba:33:65:82:62:31:8f:03:92:72:f5:
90:87:15:9b:96:76:62:1f:6e:25:1d:1f:ef:e7:97:ce:70:c5:
fd:23:a8:29:3a:32:6d:71:02:21:f1:0c:86:12:25:69:dd:9d:
5d:14:ca:b0:9b:9f:84:99:26:9e:fb:4a:6e:da:dd:39:78:30:
dd:44:9d:e8:3e:49:8c:80:e9:e7:df:4d:de:f0:b6:b3:11:14:
30:32:70:6e:75:99:c8:b6:88:57:13:be:8b:ce:ae:7b:93:12:
e3:01:3f:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrciGFqKgt3nu928BVaSdoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwOTI4MTYwMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODkwYzQ3ZGVjNDdiMWMxZDYwZDkyMmJhODU2NGU5MDAzODNlYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZKErXA0uBOUwTfSlK1m8+0JpHaT
9TwCtnf7KvfKOhL6dVwv75rspflSskjeoBLqtGQiUBb9hxta6voUSlueTj17iXRS
p2Pet0bxcGrw+/hqO+9Wrt6cGb3Q7qCIwW2K+eZD8VARtrhOAaeMkraWqzPgN6rX
NFZKRFBeilWrqZ8XmV6CzvVnUQfqsWMKW1H342TEHCNc7u2/PcTymCCRffjO+LdE
7BBFtnu/kqrpDA/JSLKqCbgAtbWazZ5MrnCHSFb4F+8yf0Iozsp2nbE7QdL5b0CC
KTGCjhsvhHhkAb0LgtHnYwpL7sXvn18w0UaIAfCYdfRoRA9oAlXaBz6HxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKiQxH3sR7HB1g2SK6hWTpADg+vJMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvcUpERWZleEhzY0hXRFpJcnFGWk9rQU9ENjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG2LAwQA
wG3IMA0GCSqGSIb3DQEBCwUAA4IBAQCOHz39HazJpRIPQP4wt19ANEmbvnUGW0Dw
8ihNWxeDHh2Eo7Ivakeo7MqYJD4m0vidXf1GmeroLrSEqSQawp6lX2P8fCNvYOia
RokMgfU5PGtM5DyIBhaoQQ7S4GPYsANlPmGisyvGUig1eqarl8xa9UahSo6xPXaa
+3VVMXjYy0KoUgVynVMSyutiOpnuBvZx+ytUAiqxujNlgmIxjwOScvWQhxWblnZi
H24lHR/v55fOcMX9I6gpOjJtcQIh8QyGEiVp3Z1dFMqwm5+EmSae+0pu2t05eDDd
RJ3oPkmMgOnn303e8LazERQwMnBudZnItohXE76Lzq57kxLjAT8X
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:33 2025 by rpki-client