Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/qTaGhpa6oxjHhe1SKe1OE2wrh7E.roa
File: qTaGhpa6oxjHhe1SKe1OE2wrh7E.roa (raw, json)
Hash identifier: 2/2uQkb68HOgMzUtWsS1e9p8mWovmF6TQWo3STisc30=
Subject key identifier: A9:36:86:86:96:BA:A3:18:C7:85:ED:52:29:ED:4E:13:6C:2B:87:B1
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 0187BD3AD671EF15996CEE1BC77BFA9A3F07
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/qTaGhpa6oxjHhe1SKe1OE2wrh7E.roa
Signing time: Wed 26 Apr 2023 11:02:42 +0000
ROA not before: Wed 26 Apr 2023 11:02:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13186
IP address blocks: 212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:3a:d6:71:ef:15:99:6c:ee:1b:c7:7b:fa:9a:3f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Apr 26 11:02:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a936868696baa318c785ed5229ed4e136c2b87b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:72:21:88:7e:ea:1a:09:b2:2e:07:13:23:69:
bd:a1:b0:0f:db:20:f4:43:eb:ba:0f:88:a9:65:2e:
b0:58:bc:54:06:9f:20:41:b2:b7:6d:d9:e3:85:e2:
50:ed:55:15:e4:d0:ca:b0:14:29:43:ac:35:03:b3:
4f:b0:15:65:8b:89:a2:5c:67:b1:4e:11:18:5b:55:
19:a6:6d:ca:33:03:e5:34:83:8b:d2:2d:9f:4b:16:
59:54:12:a0:46:93:8a:9f:9c:92:d1:33:00:16:c8:
57:0e:92:60:53:a2:30:0e:ba:58:43:40:fa:62:56:
04:82:6a:10:57:47:8e:e7:7a:b6:ad:a8:4a:c5:93:
dc:28:c2:a8:0b:14:a9:aa:ee:bc:bd:3e:23:77:3c:
0f:3d:55:44:df:82:ef:95:5a:22:ae:ac:a7:45:57:
5b:0f:3b:6f:82:d6:82:a3:af:e8:d7:75:16:95:d0:
1b:be:a0:7b:6c:4e:09:2b:3e:ed:09:f5:89:83:9f:
9a:22:47:8e:59:98:9a:24:c9:a6:ad:ad:eb:bb:7a:
d6:d8:fe:6f:81:bb:40:e9:15:e2:45:f9:f0:52:4b:
e7:9e:a4:a0:c5:33:e4:f1:aa:af:a6:4f:aa:ff:8c:
8b:28:92:0e:e5:dd:e6:9b:0a:67:93:20:49:74:6b:
3d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:36:86:86:96:BA:A3:18:C7:85:ED:52:29:ED:4E:13:6C:2B:87:B1
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/qTaGhpa6oxjHhe1SKe1OE2wrh7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
39:2d:80:7c:2c:c1:a1:d1:cf:03:8a:4b:d7:e6:c4:17:e0:28:
87:c5:1b:2f:bd:58:7d:fa:46:2b:07:66:d6:1d:49:e3:0d:25:
15:6b:d7:ea:55:a9:f4:99:3c:25:25:c0:a7:6f:e1:ff:20:07:
a5:41:5a:15:79:40:fc:1a:69:46:17:e3:46:e0:12:d3:f9:11:
cd:20:d8:cb:f5:2f:2d:74:fd:35:76:54:fc:ff:e1:a3:6f:0d:
f4:46:35:6d:58:40:eb:ed:9d:e5:ef:85:94:9e:9f:e4:c1:e1:
d6:a2:44:1a:e3:0f:fd:8d:c0:6e:2b:57:df:2c:82:eb:a7:99:
b1:d3:db:79:2e:d6:0d:aa:17:e0:d2:ab:56:41:5d:50:bb:05:
1e:14:a3:bf:83:d6:00:56:8f:df:f2:e4:86:25:e1:b9:9f:2f:
39:61:ca:f7:51:b3:38:c3:68:19:73:8b:24:f7:94:ba:90:fd:
92:f8:a8:2c:3d:cc:ee:e8:12:9a:0b:09:f1:0a:ca:0a:d2:6d:
9f:78:31:a3:8a:78:d4:28:d8:22:f9:59:37:3b:f8:41:48:08:
4d:22:b4:1d:11:c1:7f:f9:1e:8f:1d:2f:9c:8c:5d:29:fe:5b:
aa:60:50:c7:f9:bc:d0:2a:79:48:17:20:5d:be:97:c1:c2:05:
c8:92:e4:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe9OtZx7xWZbO4bx3v6mj8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwNDI2MTEwMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM2ODY4Njk2YmFhMzE4Yzc4NWVkNTIyOWVkNGUxMzZjMmI4N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3IhiH7qGgmyLgcTI2m9obAP2yD0
Q+u6D4ipZS6wWLxUBp8gQbK3bdnjheJQ7VUV5NDKsBQpQ6w1A7NPsBVli4miXGex
ThEYW1UZpm3KMwPlNIOL0i2fSxZZVBKgRpOKn5yS0TMAFshXDpJgU6IwDrpYQ0D6
YlYEgmoQV0eO53q2rahKxZPcKMKoCxSpqu68vT4jdzwPPVVE34LvlVoirqynRVdb
DztvgtaCo6/o13UWldAbvqB7bE4JKz7tCfWJg5+aIkeOWZiaJMmmra3ru3rW2P5v
gbtA6RXiRfnwUkvnnqSgxTPk8aqvpk+q/4yLKJIO5d3mmwpnkyBJdGs94wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKk2hoaWuqMYx4XtUintThNsK4exMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvcVRhR2hwYTZveGpIaGUxU0tlMU9FMndyaDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQF1FCgAwQF
1aogMA0GCSqGSIb3DQEBCwUAA4IBAQA5LYB8LMGh0c8DikvX5sQX4CiHxRsvvVh9
+kYrB2bWHUnjDSUVa9fqVan0mTwlJcCnb+H/IAelQVoVeUD8GmlGF+NG4BLT+RHN
INjL9S8tdP01dlT8/+Gjbw30RjVtWEDr7Z3l74WUnp/kweHWokQa4w/9jcBuK1ff
LILrp5mx09t5LtYNqhfg0qtWQV1QuwUeFKO/g9YAVo/f8uSGJeG5ny85Ycr3UbM4
w2gZc4sk95S6kP2S+KgsPczu6BKaCwnxCsoK0m2feDGjinjUKNgi+Vk3O/hBSAhN
IrQdEcF/+R6PHS+cjF0p/luqYFDH+bzQKnlIFyBdvpfBwgXIkuSe
-----END CERTIFICATE-----
Generated at Tue May 13 23:02:26 2025 by rpki-client