Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/pqH9EiP-MHTY-KFbquuqAYMvRBw.roa
File: pqH9EiP-MHTY-KFbquuqAYMvRBw.roa (raw, json)
Hash identifier: CuGv72FzK4tT8xvczJcuuxNSfr8+Bxdo9UFShPj8stU=
Subject key identifier: A6:A1:FD:12:23:FE:30:74:D8:F8:A1:5B:AA:EB:AA:01:83:2F:44:1C
Certificate issuer: /CN=08092d27478143c6ae3905c47f5847df9c02f413
Certificate serial: 03D1CA8E
Authority key identifier: 08:09:2D:27:47:81:43:C6:AE:39:05:C4:7F:58:47:DF:9C:02:F4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAktJ0eBQ8auOQXEf1hH35wC9BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/pqH9EiP-MHTY-KFbquuqAYMvRBw.roa
Signing time: Sat 01 Jan 2022 10:58:57 +0000
ROA not before: Sat 01 Jan 2022 10:58:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199235
IP address blocks: 185.83.224.0/22 maxlen: 22
89.147.124.0/22 maxlen: 22
37.143.72.0/22 maxlen: 22
2a02:6f40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64080526 (0x3d1ca8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08092d27478143c6ae3905c47f5847df9c02f413
Validity
Not Before: Jan 1 10:58:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6a1fd1223fe3074d8f8a15baaebaa01832f441c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:da:6d:36:b6:fa:d3:6e:69:9e:ed:f8:e7:6a:
d7:56:f0:9a:3b:b5:56:83:b7:37:f0:48:4d:09:35:
b9:a5:77:1c:d8:59:3c:36:10:83:5d:df:3a:7a:ae:
2f:cc:a2:9e:bb:41:3e:23:8e:dc:c9:19:8a:68:b2:
1b:a1:6d:9a:57:1f:17:a2:48:18:63:64:06:a0:da:
07:e6:38:9c:3d:3d:03:3f:7d:8e:86:7c:14:8c:0a:
ad:57:ee:a9:83:18:05:3f:3a:5e:f8:85:ff:74:73:
cc:00:a3:1a:db:ce:ae:1d:06:eb:51:6e:50:67:18:
e5:c3:24:ba:bd:cc:dd:11:8b:5a:68:d6:fb:f2:8b:
eb:64:ae:b5:f5:4c:82:a5:1f:26:1c:06:a6:a2:a6:
6e:d6:ae:09:c3:ac:08:2c:b0:1b:2e:be:25:5b:31:
46:3c:90:35:0a:9e:2c:7e:50:2d:68:95:7b:98:81:
0c:bf:d5:4c:d5:d6:a7:53:bd:58:1e:31:8b:37:e5:
95:ce:6a:22:f9:9d:e9:86:e0:78:34:4a:6e:40:ef:
93:71:84:a7:95:59:34:bd:69:f8:a8:db:5b:e4:63:
c0:9d:b9:c8:78:92:0b:ff:48:cb:54:93:37:6c:96:
d2:35:a1:e7:67:5b:7a:1f:75:25:f5:81:6f:9f:39:
7b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A1:FD:12:23:FE:30:74:D8:F8:A1:5B:AA:EB:AA:01:83:2F:44:1C
X509v3 Authority Key Identifier:
keyid:08:09:2D:27:47:81:43:C6:AE:39:05:C4:7F:58:47:DF:9C:02:F4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAktJ0eBQ8auOQXEf1hH35wC9BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/pqH9EiP-MHTY-KFbquuqAYMvRBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/CAktJ0eBQ8auOQXEf1hH35wC9BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.72.0/22
89.147.124.0/22
185.83.224.0/22
IPv6:
2a02:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:98:6d:7e:e8:81:26:df:6f:b7:2b:1e:a9:58:dd:6b:ab:b9:
84:78:8a:d7:30:5d:33:d6:3f:f2:4a:45:4e:7f:a4:b2:da:b6:
ac:9b:80:d9:56:d1:a2:2b:5d:b6:16:ee:3c:e9:54:8d:01:9f:
29:13:4b:0b:d6:06:11:40:80:77:da:e9:c0:9f:dc:88:8d:0f:
df:45:db:3a:6c:82:c4:2d:ac:49:cd:ab:f8:ee:82:aa:4d:7b:
65:2c:0b:0c:2f:d6:18:e5:d3:3b:4b:c7:87:95:01:fa:a3:50:
4e:44:73:ed:49:86:8a:e7:d6:53:22:9d:b7:63:b0:7c:11:97:
fe:44:5b:cb:88:ed:f5:ec:bf:9a:60:94:55:d6:0d:92:6a:7b:
c1:2a:3c:b0:e5:cb:65:db:92:c6:2c:1a:b1:48:e8:b8:2c:e7:
fe:f5:34:a7:07:69:e7:de:2b:e9:f6:8b:0c:73:74:48:de:a8:
6f:ed:b6:c3:64:2f:dc:b0:64:ed:4f:0f:ca:cc:ef:a7:2e:69:
c9:cd:45:ba:60:ab:66:d0:6e:92:15:2f:50:03:b3:81:ba:cf:
c5:9a:39:66:14:9e:64:a6:ee:d1:b2:83:eb:4b:df:eb:58:0f:
a5:9a:0d:7b:7e:04:9b:bb:ec:64:59:e1:11:9d:3f:c6:6f:24:
79:35:5c:76
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEA9HKjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODA5MmQyNzQ3ODE0M2M2YWUzOTA1YzQ3ZjU4NDdkZjljMDJmNDEzMB4XDTIyMDEw
MTEwNTg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZhMWZkMTIyM2Zl
MzA3NGQ4ZjhhMTViYWFlYmFhMDE4MzJmNDQxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTabTa2+tNuaZ7t+Odq11bwmju1VoO3N/BITQk1uaV3HNhZ
PDYQg13fOnquL8yinrtBPiOO3MkZimiyG6FtmlcfF6JIGGNkBqDaB+Y4nD09Az99
joZ8FIwKrVfuqYMYBT86XviF/3RzzACjGtvOrh0G61FuUGcY5cMkur3M3RGLWmjW
+/KL62SutfVMgqUfJhwGpqKmbtauCcOsCCywGy6+JVsxRjyQNQqeLH5QLWiVe5iB
DL/VTNXWp1O9WB4xizfllc5qIvmd6YbgeDRKbkDvk3GEp5VZNL1p+KjbW+RjwJ25
yHiSC/9Iy1STN2yW0jWh52dbeh91JfWBb585e4ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSmof0SI/4wdNj4oVuq66oBgy9EHDAfBgNVHSMEGDAWgBQICS0nR4FDxq45
BcR/WEffnAL0EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBa3RKMGVCUThhdU9RWEVmMWhIMzV3QzlCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvYWE5NWUzLTUwODItNGZhNy1hN2FiLTk0Y2YzYTM1YmY4Yy8x
L3BxSDlFaVAtTUhUWS1LRmJxdXVxQVlNdlJCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
YWE5NWUzLTUwODItNGZhNy1hN2FiLTk0Y2YzYTM1YmY4Yy8xL0NBa3RKMGVCUThh
dU9RWEVmMWhIMzV3QzlCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAiWPSAMEAlmTfAMEArlT4DANBAIA
AjAHAwUAKgJvQDANBgkqhkiG9w0BAQsFAAOCAQEAOphtfuiBJt9vtyseqVjda6u5
hHiK1zBdM9Y/8kpFTn+kstq2rJuA2VbRoitdthbuPOlUjQGfKRNLC9YGEUCAd9rp
wJ/ciI0P30XbOmyCxC2sSc2r+O6Cqk17ZSwLDC/WGOXTO0vHh5UB+qNQTkRz7UmG
iufWUyKdt2OwfBGX/kRby4jt9ey/mmCUVdYNkmp7wSo8sOXLZduSxiwasUjouCzn
/vU0pwdp594r6faLDHN0SN6ob+22w2Qv3LBk7U8Pyszvpy5pyc1FumCrZtBukhUv
UAOzgbrPxZo5ZhSeZKbu0bKD60vf61gPpZoNe34Em7vsZFnhEZ0/xm8keTVcdg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:59 2025 by rpki-client