Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/QoXeWMEV5IDZ43AVtBDGosX4Sg4.roa
File: QoXeWMEV5IDZ43AVtBDGosX4Sg4.roa (raw, json)
Hash identifier: 9suhNzOJSMIjBgz/ntmVHP27pqo3jmV8mMF1tBW+vFg=
Subject key identifier: 42:85:DE:58:C1:15:E4:80:D9:E3:70:15:B4:10:C6:A2:C5:F8:4A:0E
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 018B23AA2835175DD29929E7725E2F517605
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/QoXeWMEV5IDZ43AVtBDGosX4Sg4.roa
Signing time: Thu 12 Oct 2023 11:33:55 +0000
ROA not before: Thu 12 Oct 2023 11:33:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 91.213.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:aa:28:35:17:5d:d2:99:29:e7:72:5e:2f:51:76:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Oct 12 11:33:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4285de58c115e480d9e37015b410c6a2c5f84a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5a:1d:18:b4:cb:9e:02:cf:28:49:df:80:33:
19:59:91:52:29:4c:8d:25:fc:ec:65:76:77:e0:78:
f1:c3:db:8a:cc:e0:b8:f1:8d:ff:82:5b:94:85:d0:
2e:cb:00:07:c4:dc:e9:fa:d0:63:73:d9:bb:22:05:
ea:a4:7e:79:73:bb:4f:00:bf:40:5e:3f:c8:f9:67:
d1:8c:89:ca:54:70:bc:6f:e0:0a:c6:f7:93:43:5b:
62:43:38:27:7d:4b:50:1f:6a:6b:66:07:99:2c:31:
d9:51:41:50:d4:0b:c1:01:04:02:4c:44:c4:e7:95:
0e:26:15:37:a1:1c:e0:b8:b2:ea:b8:34:67:13:37:
56:5b:36:c4:2b:6e:51:8e:25:e9:bc:5b:83:91:06:
fb:4f:f1:25:3b:f1:25:78:69:42:f2:57:bc:f1:6a:
e4:c0:d8:b8:1f:5a:c8:dc:01:a6:7d:e6:f5:11:3f:
46:c3:43:86:88:61:b3:1d:ce:47:0d:f3:f3:43:36:
f3:cc:7c:bb:bf:b1:d8:12:d4:4e:bc:07:89:9a:41:
3a:0d:92:b2:de:8f:cb:a5:fc:65:6d:0e:a6:2e:ea:
a4:b3:b6:7d:ba:f0:ba:4c:65:ae:8c:8c:73:ad:e0:
45:9a:24:65:01:27:bc:dc:f1:49:31:d7:08:20:fc:
bd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:85:DE:58:C1:15:E4:80:D9:E3:70:15:B4:10:C6:A2:C5:F8:4A:0E
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/QoXeWMEV5IDZ43AVtBDGosX4Sg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
Signature Algorithm: sha256WithRSAEncryption
87:75:46:5c:2f:7e:1f:0f:e2:1e:3b:fe:d8:a7:03:28:8a:0f:
cd:2c:eb:be:cc:5b:7e:ef:29:1b:30:1f:85:81:32:9d:32:d4:
9c:a5:75:4c:20:83:45:c9:ca:2a:6e:f0:25:88:6e:25:58:eb:
3b:94:c8:23:21:93:43:4b:2f:cc:dc:53:37:9c:b6:3d:90:a2:
52:68:29:04:96:0a:6d:51:cc:9b:b8:86:34:37:99:27:38:90:
71:d5:22:26:e4:a3:c6:94:5b:e7:29:08:83:bf:b0:f4:66:e2:
33:7e:cf:e9:86:5a:dd:1e:96:3a:46:88:46:7d:10:73:51:a2:
a1:55:7a:e5:6a:36:da:af:be:98:a6:56:99:90:e4:10:8d:44:
e4:18:fc:06:90:3e:b3:41:79:6b:96:8e:75:5e:75:5d:90:90:
40:08:24:11:2f:8e:76:c4:95:89:54:58:ef:68:49:46:1d:51:
b8:a0:cd:cd:2d:be:f8:52:bf:99:d3:3a:85:5b:3d:9d:3e:b2:
20:29:f8:63:92:62:a4:8e:ea:a4:a7:5c:46:5d:54:b9:14:36:
c0:9c:eb:dc:65:92:f4:a1:48:94:9b:df:21:1a:15:04:4f:26:
3a:7f:bd:53:d9:82:a0:55:1e:d5:ba:88:20:ef:96:7f:17:cb:
92:3f:94:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsjqig1F13SmSnncl4vUXYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjMxMDEyMTEzMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjg1ZGU1OGMxMTVlNDgwZDllMzcwMTViNDEwYzZhMmM1Zjg0YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlodGLTLngLPKEnfgDMZWZFSKUyN
JfzsZXZ34Hjxw9uKzOC48Y3/gluUhdAuywAHxNzp+tBjc9m7IgXqpH55c7tPAL9A
Xj/I+WfRjInKVHC8b+AKxveTQ1tiQzgnfUtQH2prZgeZLDHZUUFQ1AvBAQQCTETE
55UOJhU3oRzguLLquDRnEzdWWzbEK25RjiXpvFuDkQb7T/ElO/EleGlC8le88Wrk
wNi4H1rI3AGmfeb1ET9Gw0OGiGGzHc5HDfPzQzbzzHy7v7HYEtROvAeJmkE6DZKy
3o/LpfxlbQ6mLuqks7Z9uvC6TGWujIxzreBFmiRlASe83PFJMdcIIPy9YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKF3ljBFeSA2eNwFbQQxqLF+EoOMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvUW9YZVdNRVY1SURaNDNBVnRCREdvc1g0U2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9UEMA0G
CSqGSIb3DQEBCwUAA4IBAQCHdUZcL34fD+IeO/7YpwMoig/NLOu+zFt+7ykbMB+F
gTKdMtScpXVMIINFycoqbvAliG4lWOs7lMgjIZNDSy/M3FM3nLY9kKJSaCkElgpt
UcybuIY0N5knOJBx1SIm5KPGlFvnKQiDv7D0ZuIzfs/phlrdHpY6RohGfRBzUaKh
VXrlajbar76YplaZkOQQjUTkGPwGkD6zQXlrlo51XnVdkJBACCQRL452xJWJVFjv
aElGHVG4oM3NLb74Ur+Z0zqFWz2dPrIgKfhjkmKkjuqkp1xGXVS5FDbAnOvcZZL0
oUiUm98hGhUETyY6f71T2YKgVR7Vuogg75Z/F8uSP5T4
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:17:30 2025 by rpki-client