Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/Q78VcjI7HHpXjdmF2q9atLDaoJA.roa
File: Q78VcjI7HHpXjdmF2q9atLDaoJA.roa (raw, json)
Hash identifier: 6jUGv1LzhaPdpoufCocYLSEW4Za6K+PpAA/r0hMDd1E=
Subject key identifier: 43:BF:15:72:32:3B:1C:7A:57:8D:D9:85:DA:AF:5A:B4:B0:DA:A0:90
Certificate issuer: /CN=7cb3a34e3dd0a71d4d9eaf358eb43d8b68e5e0e8
Certificate serial: 05B58D7D
Authority key identifier: 7C:B3:A3:4E:3D:D0:A7:1D:4D:9E:AF:35:8E:B4:3D:8B:68:E5:E0:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fLOjTj3Qpx1Nnq81jrQ9i2jl4Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/Q78VcjI7HHpXjdmF2q9atLDaoJA.roa
Signing time: Sat 01 Jan 2022 15:00:34 +0000
ROA not before: Sat 01 Jan 2022 15:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43623
IP address blocks: 194.127.132.0/23 maxlen: 23
194.127.132.0/24 maxlen: 24
194.127.133.0/24 maxlen: 24
194.59.34.0/23 maxlen: 23
194.59.35.0/24 maxlen: 24
217.66.33.0/24 maxlen: 24
217.66.32.0/24 maxlen: 24
217.66.32.0/20 maxlen: 20
217.66.36.0/24 maxlen: 24
217.66.35.0/24 maxlen: 24
217.66.38.0/24 maxlen: 24
217.66.37.0/24 maxlen: 24
217.66.39.0/24 maxlen: 24
217.66.43.0/24 maxlen: 24
217.66.42.0/24 maxlen: 24
217.66.44.0/24 maxlen: 24
217.66.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95784317 (0x5b58d7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cb3a34e3dd0a71d4d9eaf358eb43d8b68e5e0e8
Validity
Not Before: Jan 1 15:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43bf1572323b1c7a578dd985daaf5ab4b0daa090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:71:c6:09:e2:21:ab:c6:67:af:c0:8f:d0:0d:
fa:4e:01:9d:fe:37:ac:b5:fd:6d:85:2f:08:27:5a:
8d:7b:49:84:e8:05:78:43:27:43:a4:6c:1c:d2:3e:
98:9b:cd:b9:9f:56:27:37:42:e2:e3:a7:6c:22:bd:
7c:dd:60:54:4c:1c:01:a1:bb:9d:1a:23:db:8e:2f:
c1:63:7b:41:d2:71:62:ad:47:6d:56:f6:ee:a5:8b:
78:60:a4:ff:ad:ed:7f:37:1a:ce:6a:e7:d8:a0:87:
70:d2:e8:5d:c1:ee:67:38:43:17:0c:cc:3c:30:55:
2a:08:0e:2b:4c:5f:a3:fa:95:9a:05:63:ff:50:cb:
e8:84:d9:a6:e4:c6:3f:84:7c:0a:ae:90:bd:9a:bf:
fa:b4:1b:6f:11:c7:89:59:31:5d:9b:da:aa:9e:61:
ef:ff:6d:e0:c2:74:41:39:f1:07:5d:cc:fa:bb:74:
d1:0f:a3:34:52:58:79:d9:3e:b2:52:de:cd:5b:51:
34:57:e2:61:96:c2:07:f8:59:05:48:22:2d:f2:79:
e8:51:b5:4f:74:80:ae:93:12:1f:09:79:98:a1:4a:
4d:72:68:7a:16:a1:05:ce:5b:1d:7c:88:16:72:e7:
42:d6:25:a9:ad:c8:2a:ca:21:24:53:39:96:0c:5d:
41:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BF:15:72:32:3B:1C:7A:57:8D:D9:85:DA:AF:5A:B4:B0:DA:A0:90
X509v3 Authority Key Identifier:
keyid:7C:B3:A3:4E:3D:D0:A7:1D:4D:9E:AF:35:8E:B4:3D:8B:68:E5:E0:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fLOjTj3Qpx1Nnq81jrQ9i2jl4Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/Q78VcjI7HHpXjdmF2q9atLDaoJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/fLOjTj3Qpx1Nnq81jrQ9i2jl4Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.34.0/23
194.127.132.0/23
217.66.32.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:8a:b1:29:74:33:18:d9:59:2d:8e:e3:68:69:a2:51:34:20:
e6:8c:c9:0c:a5:2c:54:84:49:3b:11:cf:81:e8:40:52:aa:84:
30:0b:33:e9:23:14:50:91:80:16:d6:d8:e3:e8:6c:f8:aa:37:
dc:46:b4:05:b2:87:7b:e6:37:e6:a1:73:54:76:5b:01:e6:4c:
1a:8c:fb:e7:40:1c:b5:f7:6d:a5:67:cc:64:b7:4d:e9:5b:19:
b8:5e:af:3f:3d:67:b4:17:d9:56:75:da:b0:61:ed:ee:e4:47:
21:69:23:75:10:da:8a:42:aa:53:a4:4e:f2:5c:e2:12:b2:d0:
91:69:40:d5:4c:1b:23:c3:85:5e:f1:b4:38:28:12:12:7d:fd:
71:fe:2b:03:a6:0d:16:1d:c0:a2:96:b0:db:58:db:65:c9:7d:
b0:27:46:ce:ec:f0:45:03:80:af:50:0b:ba:ba:66:0e:12:e1:
97:28:d1:50:93:0f:95:5d:c2:98:fe:fb:ea:a4:11:8e:a8:00:
f2:86:03:6e:93:87:f2:2f:e4:e1:b4:06:b7:0c:a4:47:52:01:
76:e3:56:cc:2a:22:1b:54:da:1c:34:75:c8:78:ff:5d:cb:9e:
df:30:c9:65:40:6c:36:fd:37:6f:b6:d6:fc:dd:51:18:b8:27:
65:a5:b4:01
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBbWNfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2IzYTM0ZTNkZDBhNzFkNGQ5ZWFmMzU4ZWI0M2Q4YjY4ZTVlMGU4MB4XDTIyMDEw
MTE1MDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNiZjE1NzIzMjNi
MWM3YTU3OGRkOTg1ZGFhZjVhYjRiMGRhYTA5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVxxgniIavGZ6/Aj9AN+k4Bnf43rLX9bYUvCCdajXtJhOgF
eEMnQ6RsHNI+mJvNuZ9WJzdC4uOnbCK9fN1gVEwcAaG7nRoj244vwWN7QdJxYq1H
bVb27qWLeGCk/63tfzcazmrn2KCHcNLoXcHuZzhDFwzMPDBVKggOK0xfo/qVmgVj
/1DL6ITZpuTGP4R8Cq6QvZq/+rQbbxHHiVkxXZvaqp5h7/9t4MJ0QTnxB13M+rt0
0Q+jNFJYedk+slLezVtRNFfiYZbCB/hZBUgiLfJ56FG1T3SArpMSHwl5mKFKTXJo
ehahBc5bHXyIFnLnQtYlqa3IKsohJFM5lgxdQb0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRDvxVyMjsceleN2YXar1q0sNqgkDAfBgNVHSMEGDAWgBR8s6NOPdCnHU2e
rzWOtD2LaOXg6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZMT2pUajNRcHgxTm5xODFqclE5aTJqbDRPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvMmY1ZGM1LTY1ZWItNGMwOC1hYzRkLWY0NmI1ZDU3YTY4NS8x
L1E3OFZjakk3SEhwWGpkbUYycTlhdExEYW9KQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
MmY1ZGM1LTY1ZWItNGMwOC1hYzRkLWY0NmI1ZDU3YTY4NS8xL2ZMT2pUajNRcHgx
Tm5xODFqclE5aTJqbDRPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAcI7IgMEAcJ/hAMEBNlCIDANBgkq
hkiG9w0BAQsFAAOCAQEAfYqxKXQzGNlZLY7jaGmiUTQg5ozJDKUsVIRJOxHPgehA
UqqEMAsz6SMUUJGAFtbY4+hs+Ko33Ea0BbKHe+Y35qFzVHZbAeZMGoz750Actfdt
pWfMZLdN6VsZuF6vPz1ntBfZVnXasGHt7uRHIWkjdRDaikKqU6RO8lziErLQkWlA
1UwbI8OFXvG0OCgSEn39cf4rA6YNFh3Aopaw21jbZcl9sCdGzuzwRQOAr1ALurpm
DhLhlyjRUJMPlV3CmP776qQRjqgA8oYDbpOH8i/k4bQGtwykR1IBduNWzCoiG1Ta
HDR1yHj/Xcue3zDJZUBsNv03b7bW/N1RGLgnZaW0AQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:23 2025 by rpki-client