Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/Q6TNYhKEK1bjmxRS14F4q5jrp5M.roa
File: Q6TNYhKEK1bjmxRS14F4q5jrp5M.roa (raw, json)
Hash identifier: KFnRpt5qBaRyBRX2q8OUVi1rRz/6yUOE8FtnkikcchU=
Subject key identifier: 43:A4:CD:62:12:84:2B:56:E3:9B:14:52:D7:81:78:AB:98:EB:A7:93
Certificate issuer: /CN=0b62cf8cd90b69f936e82b57801cd779d72e3f3e
Certificate serial: 0186792388FE88C90EBDB833451DBAD40331
Authority key identifier: 0B:62:CF:8C:D9:0B:69:F9:36:E8:2B:57:80:1C:D7:79:D7:2E:3F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C2LPjNkLafk26CtXgBzXedcuPz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/Q6TNYhKEK1bjmxRS14F4q5jrp5M.roa
Signing time: Wed 22 Feb 2023 12:40:17 +0000
ROA not before: Wed 22 Feb 2023 12:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35467
IP address blocks: 194.53.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:23:88:fe:88:c9:0e:bd:b8:33:45:1d:ba:d4:03:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b62cf8cd90b69f936e82b57801cd779d72e3f3e
Validity
Not Before: Feb 22 12:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43a4cd6212842b56e39b1452d78178ab98eba793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:46:ba:d6:46:27:f9:e6:6e:ca:c9:9e:50:c2:
9c:e9:54:6b:78:98:4c:d2:7d:b7:57:90:84:68:cf:
8a:d7:71:24:04:5d:9e:56:ad:81:0b:f0:63:9d:92:
f3:cf:d7:71:b8:68:43:5e:f3:ff:e9:15:ca:fc:cf:
30:5d:26:ae:82:10:05:4c:f0:7a:76:66:50:a2:db:
24:62:ea:ac:45:48:ba:81:64:f0:c1:b1:6c:11:4e:
51:ca:c2:f4:40:05:fd:a0:e2:e8:ea:ac:f6:a8:37:
8c:94:0b:a9:46:ab:2a:22:2c:84:62:cb:a5:59:e2:
88:f2:4b:2c:3e:df:91:15:9b:c7:5a:c9:0d:5c:4d:
91:4f:41:3b:d5:61:19:54:e6:da:35:71:b8:ca:d2:
5a:fd:58:96:05:f1:8b:e8:46:f3:57:04:11:08:6f:
1c:1a:56:48:3a:e4:07:46:cd:46:65:96:dc:d6:de:
1f:dd:06:cb:f7:1e:27:39:fe:15:a5:d0:50:57:56:
fb:4a:97:b4:75:65:43:60:81:0e:25:59:80:18:e4:
e8:83:2c:be:2b:8e:c7:42:fc:f7:e6:58:98:28:fe:
f0:8e:7b:af:06:57:98:a1:4c:4a:3e:df:08:c8:28:
bb:9c:07:2e:81:af:ee:cd:19:23:6a:3c:b6:2a:63:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A4:CD:62:12:84:2B:56:E3:9B:14:52:D7:81:78:AB:98:EB:A7:93
X509v3 Authority Key Identifier:
keyid:0B:62:CF:8C:D9:0B:69:F9:36:E8:2B:57:80:1C:D7:79:D7:2E:3F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C2LPjNkLafk26CtXgBzXedcuPz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/Q6TNYhKEK1bjmxRS14F4q5jrp5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/C2LPjNkLafk26CtXgBzXedcuPz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.216.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:d2:8a:e5:b5:17:ca:47:2e:5a:60:9c:9c:a4:14:f4:47:12:
57:f8:42:12:d5:ae:a8:55:da:25:26:1f:83:14:16:3a:6a:a5:
ec:d6:8f:7d:e8:ad:3a:18:ea:e3:d9:50:37:5f:07:db:f0:09:
11:7e:37:06:0a:46:b1:3e:65:30:6b:b3:fb:47:46:3e:ad:6a:
7a:75:25:3e:26:47:73:d4:3d:2b:27:58:a2:e4:e0:d4:34:26:
bc:2d:5a:58:b3:77:5d:37:c7:b2:e6:ec:a5:cd:69:2e:b8:c1:
4a:b7:7d:98:cc:14:4a:c7:85:58:6b:41:64:f1:d4:66:00:64:
15:6c:11:3d:77:e8:e0:8d:4d:78:60:ef:7c:b1:d3:30:00:de:
ba:22:64:e0:f6:d8:dd:93:9d:a6:04:c8:57:37:b8:a2:53:91:
b0:2d:24:0b:f3:eb:dd:d6:15:b3:23:8c:fa:88:de:86:33:db:
5a:37:87:e4:64:b5:aa:93:e2:32:df:20:5e:fb:59:c9:44:b1:
53:1c:6b:aa:99:25:56:c2:6b:d5:d1:c5:2d:55:2f:cd:d0:11:
02:67:d4:d6:fa:0a:56:47:31:a9:0d:f0:57:54:a4:73:ac:98:
31:73:a8:35:33:53:05:33:fd:17:e5:7e:e8:8d:d5:47:9b:b9:
c5:ac:88:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ5I4j+iMkOvbgzRR261AMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNjJjZjhjZDkwYjY5ZjkzNmU4MmI1NzgwMWNkNzc5ZDcy
ZTNmM2UwHhcNMjMwMjIyMTI0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E0Y2Q2MjEyODQyYjU2ZTM5YjE0NTJkNzgxNzhhYjk4ZWJhNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0a61kYn+eZuysmeUMKc6VRreJhM
0n23V5CEaM+K13EkBF2eVq2BC/BjnZLzz9dxuGhDXvP/6RXK/M8wXSaughAFTPB6
dmZQotskYuqsRUi6gWTwwbFsEU5RysL0QAX9oOLo6qz2qDeMlAupRqsqIiyEYsul
WeKI8kssPt+RFZvHWskNXE2RT0E71WEZVObaNXG4ytJa/ViWBfGL6EbzVwQRCG8c
GlZIOuQHRs1GZZbc1t4f3QbL9x4nOf4VpdBQV1b7Spe0dWVDYIEOJVmAGOTogyy+
K47HQvz35liYKP7wjnuvBleYoUxKPt8IyCi7nAcuga/uzRkjajy2KmMVZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOkzWIShCtW45sUUteBeKuY66eTMB8GA1UdIwQY
MBaAFAtiz4zZC2n5NugrV4Ac13nXLj8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzJMUGpOa0xhZmsyNkN0WGdCelhlZGN1UHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84MmNjNWQtZDZhOC00NjY3LWIwNDkt
OTY3YzU3ZDVhMzYxLzEvUTZUTlloS0VLMWJqbXhSUzE0RjRxNWpycDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84MmNjNWQtZDZhOC00NjY3LWIwNDktOTY3YzU3ZDVhMzYx
LzEvQzJMUGpOa0xhZmsyNkN0WGdCelhlZGN1UHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwjXYMA0G
CSqGSIb3DQEBCwUAA4IBAQA90orltRfKRy5aYJycpBT0RxJX+EIS1a6oVdolJh+D
FBY6aqXs1o996K06GOrj2VA3Xwfb8AkRfjcGCkaxPmUwa7P7R0Y+rWp6dSU+Jkdz
1D0rJ1ii5ODUNCa8LVpYs3ddN8ey5uylzWkuuMFKt32YzBRKx4VYa0Fk8dRmAGQV
bBE9d+jgjU14YO98sdMwAN66ImTg9tjdk52mBMhXN7iiU5GwLSQL8+vd1hWzI4z6
iN6GM9taN4fkZLWqk+Iy3yBe+1nJRLFTHGuqmSVWwmvV0cUtVS/N0BECZ9TW+gpW
RzGpDfBXVKRzrJgxc6g1M1MFM/0X5X7ojdVHm7nFrIge
-----END CERTIFICATE-----
Generated at Fri May 16 14:51:48 2025 by rpki-client