Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qbj8AlJzrFzKOvsuC-pdaitDALA.roa
File: qbj8AlJzrFzKOvsuC-pdaitDALA.roa (raw, json)
Hash identifier: dLmEp2sRbWpcgd1lY7PAh3GdT4/rYd92x28b8rhmlOk=
Subject key identifier: A9:B8:FC:02:52:73:AC:5C:CA:3A:FB:2E:0B:EA:5D:6A:2B:43:00:B0
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 01857002754326CB0BCD3761542B6AE6F870
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qbj8AlJzrFzKOvsuC-pdaitDALA.roa
Signing time: Mon 02 Jan 2023 01:04:47 +0000
ROA not before: Mon 02 Jan 2023 01:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15640
IP address blocks: 213.87.42.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:75:43:26:cb:0b:cd:37:61:54:2b:6a:e6:f8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 01:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9b8fc025273ac5cca3afb2e0bea5d6a2b4300b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:06:a1:9f:03:fd:e4:1c:5a:7e:c0:70:73:
68:d3:4a:4a:88:df:f4:3a:18:bd:97:2a:95:09:fd:
d1:8c:73:e4:2a:e5:c5:dc:e1:f0:5a:90:16:b8:c8:
5d:50:20:c7:ea:b7:60:61:d5:21:9c:3b:3b:12:4b:
74:f5:b2:0c:90:91:30:f7:78:54:da:ec:c1:6f:a9:
31:ac:3b:bf:86:27:3d:8c:61:fd:67:23:a4:6d:31:
5c:f8:07:89:80:1b:dd:2d:85:87:e1:6d:82:22:25:
ce:5f:17:1d:94:97:ae:91:24:bf:ea:6b:f4:b8:8e:
e6:8c:da:f9:1e:f6:f3:39:7b:fe:6b:7c:77:35:98:
ce:b8:77:73:f6:bf:17:63:7c:33:43:4d:d9:5b:32:
64:74:c2:29:e9:25:ab:0f:37:17:20:78:2b:e6:02:
0a:4c:cf:b4:80:c9:7f:76:b2:a0:63:76:8d:3c:f4:
93:a1:5d:bf:48:af:5c:de:1f:bd:7f:a1:99:93:e1:
f5:da:f7:00:45:b1:c6:73:b6:c7:a9:98:9b:07:02:
e0:43:a1:33:a6:a8:e0:03:ae:0e:dc:ca:e9:47:c3:
f8:1f:ec:db:68:28:b6:b4:59:1a:6f:26:01:47:45:
45:c7:6d:f2:3e:ac:95:66:87:1e:b7:b1:78:2a:cf:
ab:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B8:FC:02:52:73:AC:5C:CA:3A:FB:2E:0B:EA:5D:6A:2B:43:00:B0
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qbj8AlJzrFzKOvsuC-pdaitDALA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.87.42.0/23
Signature Algorithm: sha256WithRSAEncryption
31:fa:8c:9f:fa:0b:ad:74:f0:56:89:ac:9c:59:6a:3f:78:48:
4f:cb:31:10:8d:29:b1:98:2f:40:1d:35:d5:6d:2b:24:61:32:
9f:af:72:86:61:31:d7:04:c9:90:ab:8c:a6:6f:34:44:87:ca:
e1:e1:3d:77:43:e8:0e:09:f7:31:14:dc:31:34:19:4b:42:d8:
1f:e0:1f:f1:dd:c9:4c:db:59:cf:ba:6e:c8:11:6d:9f:0c:82:
1f:78:63:46:e3:dd:31:2f:fe:21:8a:ae:f2:9d:e9:41:54:87:
97:a2:4f:65:3d:c0:76:df:40:cd:e1:50:64:ab:47:05:2b:a2:
2d:80:2a:b7:c6:4e:f4:81:29:ad:5c:4c:73:dc:d6:b7:00:de:
e0:95:59:94:55:94:ee:77:84:84:6d:6c:c0:e5:87:8f:ef:74:
b4:97:9b:f5:07:06:7e:9d:27:de:62:a4:d5:2f:02:a3:c6:9e:
b6:de:93:9d:08:2a:68:c6:dc:00:f7:6d:e8:47:ba:4b:13:81:
07:1d:6e:23:97:2a:84:47:23:ba:b0:54:0d:cb:21:25:b4:e4:
60:d3:e2:8d:db:27:bc:1f:c3:8d:2e:df:32:0d:06:06:ea:3f:
34:c0:00:78:58:50:97:35:24:20:a3:dd:8e:d9:10:fa:a4:fa:
77:5c:3a:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnVDJssLzTdhVCtq5vhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWI4ZmMwMjUyNzNhYzVjY2EzYWZiMmUwYmVhNWQ2YTJiNDMwMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNoGoZ8D/eQcWn7AcHNo00pKiN/0
Ohi9lyqVCf3RjHPkKuXF3OHwWpAWuMhdUCDH6rdgYdUhnDs7Ekt09bIMkJEw93hU
2uzBb6kxrDu/hic9jGH9ZyOkbTFc+AeJgBvdLYWH4W2CIiXOXxcdlJeukSS/6mv0
uI7mjNr5HvbzOXv+a3x3NZjOuHdz9r8XY3wzQ03ZWzJkdMIp6SWrDzcXIHgr5gIK
TM+0gMl/drKgY3aNPPSToV2/SK9c3h+9f6GZk+H12vcARbHGc7bHqZibBwLgQ6Ez
pqjgA64O3MrpR8P4H+zbaCi2tFkabyYBR0VFx23yPqyVZocet7F4Ks+rkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKm4/AJSc6xcyjr7LgvqXWorQwCwMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvcWJqOEFsSnpyRnpLT3ZzdUMtcGRhaXREQUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1VcqMA0G
CSqGSIb3DQEBCwUAA4IBAQAx+oyf+gutdPBWiaycWWo/eEhPyzEQjSmxmC9AHTXV
bSskYTKfr3KGYTHXBMmQq4ymbzREh8rh4T13Q+gOCfcxFNwxNBlLQtgf4B/x3clM
21nPum7IEW2fDIIfeGNG490xL/4hiq7ynelBVIeXok9lPcB230DN4VBkq0cFK6It
gCq3xk70gSmtXExz3Na3AN7glVmUVZTud4SEbWzA5YeP73S0l5v1BwZ+nSfeYqTV
LwKjxp623pOdCCpoxtwA923oR7pLE4EHHW4jlyqERyO6sFQNyyEltORg0+KN2ye8
H8ONLt8yDQYG6j80wAB4WFCXNSQgo92O2RD6pPp3XDqQ
-----END CERTIFICATE-----
Generated at Fri May 2 00:43:59 2025 by rpki-client