Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/qIFI258Pk3fpR2SvliQdxl0NOi0.roa
File: qIFI258Pk3fpR2SvliQdxl0NOi0.roa (raw, json)
Hash identifier: dLX6lBJxmFRSq2+HCpYRfUtc8LPg7JZcV409Eb/XNv8=
Subject key identifier: A8:81:48:DB:9F:0F:93:77:E9:47:64:AF:96:24:1D:C6:5D:0D:3A:2D
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01865063F3924C98CB3E4E6EDAF5D4BB1C41
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/qIFI258Pk3fpR2SvliQdxl0NOi0.roa
Signing time: Tue 14 Feb 2023 14:46:12 +0000
ROA not before: Tue 14 Feb 2023 14:46:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200055
IP address blocks: 85.248.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:63:f3:92:4c:98:cb:3e:4e:6e:da:f5:d4:bb:1c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Feb 14 14:46:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a88148db9f0f9377e94764af96241dc65d0d3a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f5:3b:f9:08:08:07:75:76:9c:a4:21:31:ff:
b1:af:bf:30:31:61:a6:2f:e3:28:4b:66:5e:16:74:
cc:04:34:c0:76:29:b0:86:03:bd:2f:ab:c7:69:37:
70:73:06:ab:d6:28:f8:a2:03:d1:58:ea:60:7c:c3:
53:2a:d2:0f:fb:54:5e:80:33:03:c1:0f:1f:3a:82:
4f:34:8f:f9:c8:90:fb:da:cb:0d:0d:62:95:ae:cd:
57:31:e2:d3:b5:e0:ad:7e:89:d8:aa:fa:4d:36:8b:
60:c4:5a:9a:e7:bf:6a:b5:6d:5c:7e:1c:13:dc:be:
14:14:c2:a9:3b:7e:fe:d2:00:d6:e2:ab:25:63:ac:
6a:a0:e4:19:bd:f6:86:c2:a4:72:0d:df:d2:b9:48:
de:37:f2:9e:2c:e6:a3:88:3c:ae:61:25:77:84:c8:
11:66:57:ce:00:88:b1:2b:7a:73:8b:f6:47:84:47:
9e:76:ec:87:a5:af:e2:56:e6:bc:58:b2:c0:a1:6f:
b1:a0:1a:b8:6d:81:cc:ba:97:02:ed:08:60:33:98:
a9:5f:c5:e4:c4:0c:d2:85:5a:ae:54:bd:ca:b5:a0:
d6:91:31:51:f6:6c:79:06:57:e3:86:46:09:10:0c:
b9:40:08:48:25:01:19:e0:dc:39:ba:98:06:0b:20:
4b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:81:48:DB:9F:0F:93:77:E9:47:64:AF:96:24:1D:C6:5D:0D:3A:2D
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/qIFI258Pk3fpR2SvliQdxl0NOi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:81:5a:e2:a9:fc:0e:be:6a:57:b6:d7:e5:35:4c:2d:52:63:
0a:b5:4b:f3:1d:8f:3b:b9:60:06:44:77:e9:1f:0f:d9:cd:ea:
cb:a5:14:5b:d6:51:57:bf:cd:ae:e0:9d:13:74:1c:35:75:91:
94:3d:18:84:d2:cf:90:f8:c8:0f:35:11:44:1c:e1:a3:e2:2d:
cf:d1:45:d2:90:eb:3d:9f:41:56:4a:5c:c2:8a:31:61:36:4d:
92:3f:bc:f7:10:89:19:ff:e5:a6:20:98:e7:0b:c9:4c:3c:a8:
2d:8e:75:6b:cf:2e:7a:49:0b:c4:53:b1:ba:d5:59:55:d6:53:
7c:f0:7e:aa:b3:ff:38:8d:01:d4:23:10:65:63:62:f8:6c:97:
7c:5f:85:57:a6:e9:d1:3f:89:b0:9a:53:63:a1:03:34:a9:b8:
dd:64:f6:a1:36:b1:61:f4:0c:73:b5:39:38:66:aa:91:7e:d3:
3c:36:8b:6b:e5:7f:9d:65:17:84:ea:71:b4:48:f7:de:c4:17:
77:cf:aa:64:76:14:e7:d0:d2:e4:9d:2f:46:ca:0a:b1:f9:53:
4b:2d:63:51:22:a3:fa:11:17:a5:fd:a1:09:42:23:05:66:ed:
31:fa:d4:8b:a5:56:2c:5f:ea:e4:31:27:d9:87:55:53:44:76:
7a:26:aa:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZQY/OSTJjLPk5u2vXUuxxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMjE0MTQ0NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgxNDhkYjlmMGY5Mzc3ZTk0NzY0YWY5NjI0MWRjNjVkMGQzYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfU7+QgIB3V2nKQhMf+xr78wMWGm
L+MoS2ZeFnTMBDTAdimwhgO9L6vHaTdwcwar1ij4ogPRWOpgfMNTKtIP+1RegDMD
wQ8fOoJPNI/5yJD72ssNDWKVrs1XMeLTteCtfonYqvpNNotgxFqa579qtW1cfhwT
3L4UFMKpO37+0gDW4qslY6xqoOQZvfaGwqRyDd/SuUjeN/KeLOajiDyuYSV3hMgR
ZlfOAIixK3pzi/ZHhEeeduyHpa/iVua8WLLAoW+xoBq4bYHMupcC7QhgM5ipX8Xk
xAzShVquVL3KtaDWkTFR9mx5BlfjhkYJEAy5QAhIJQEZ4Nw5upgGCyBLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiBSNufD5N36Udkr5YkHcZdDTotMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvcUlGSTI1OFBrM2ZwUjJTdmxpUWR4bDBOT2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVfj5MA0G
CSqGSIb3DQEBCwUAA4IBAQCpgVriqfwOvmpXttflNUwtUmMKtUvzHY87uWAGRHfp
Hw/ZzerLpRRb1lFXv82u4J0TdBw1dZGUPRiE0s+Q+MgPNRFEHOGj4i3P0UXSkOs9
n0FWSlzCijFhNk2SP7z3EIkZ/+WmIJjnC8lMPKgtjnVrzy56SQvEU7G61VlV1lN8
8H6qs/84jQHUIxBlY2L4bJd8X4VXpunRP4mwmlNjoQM0qbjdZPahNrFh9AxztTk4
ZqqRftM8Notr5X+dZReE6nG0SPfexBd3z6pkdhTn0NLknS9Gygqx+VNLLWNRIqP6
ERel/aEJQiMFZu0x+tSLpVYsX+rkMSfZh1VTRHZ6Jqo5
-----END CERTIFICATE-----
Generated at Tue Apr 29 17:45:30 2025 by rpki-client