Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/qLQoJsZ2cnjeQGkszht8mFGfznU.roa
File: qLQoJsZ2cnjeQGkszht8mFGfznU.roa (raw, json)
Hash identifier: dbXMqGK8zMxBjjWBEcECZ3TtvRIUT6CEsjaQe5kg6dI=
Subject key identifier: A8:B4:28:26:C6:76:72:78:DE:40:69:2C:CE:1B:7C:98:51:9F:CE:75
Certificate issuer: /CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Certificate serial: 02BF84B6
Authority key identifier: 61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/qLQoJsZ2cnjeQGkszht8mFGfznU.roa
Signing time: Sat 01 Jan 2022 11:01:11 +0000
ROA not before: Sat 01 Jan 2022 11:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 194.147.148.0/24 maxlen: 24
194.147.149.0/24 maxlen: 24
194.147.115.0/24 maxlen: 24
2a0f:4240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46105782 (0x2bf84b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Validity
Not Before: Jan 1 11:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8b42826c6767278de40692cce1b7c98519fce75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8f:08:71:9b:6e:48:5a:87:66:1d:c2:66:62:
b7:87:38:d6:71:56:5c:41:a0:39:a4:db:13:4e:40:
f9:d4:42:14:97:92:cf:6a:d4:8b:70:19:c7:87:ed:
53:14:c9:85:0e:0e:19:07:90:91:37:2d:02:84:d5:
0e:7c:3e:5f:96:bd:2b:82:18:b3:24:89:c9:ce:3d:
22:74:ac:9b:17:b5:29:ed:d5:a4:c3:f8:89:b5:df:
a1:7a:2e:03:5a:52:d2:bb:fb:97:a3:aa:e9:79:14:
06:a8:c7:59:e1:30:c4:75:ce:fc:97:95:c0:36:39:
3c:77:f9:42:41:75:80:fd:fc:c1:8c:3f:3e:8f:b5:
04:8a:9b:0b:c3:0d:42:20:39:e2:2c:17:30:23:61:
0d:d3:a8:58:9b:02:b8:8a:75:aa:60:08:f5:63:2c:
f2:90:6d:e8:b2:77:7f:fa:ba:99:1d:76:10:77:d6:
ae:75:a4:6c:2e:db:dd:c4:c8:82:48:c5:50:bd:c1:
65:70:93:63:b7:a6:70:4b:d8:c9:37:c2:18:d0:fa:
91:f1:c3:d8:b3:c2:6d:ba:ed:4d:3b:66:cb:e4:56:
52:bd:d3:9a:91:7f:ef:50:67:0c:ec:18:26:84:ae:
10:c6:94:45:80:5d:3c:18:20:fe:22:d1:09:c4:37:
90:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B4:28:26:C6:76:72:78:DE:40:69:2C:CE:1B:7C:98:51:9F:CE:75
X509v3 Authority Key Identifier:
keyid:61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/qLQoJsZ2cnjeQGkszht8mFGfznU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.115.0/24
194.147.148.0/23
IPv6:
2a0f:4240::/29
Signature Algorithm: sha256WithRSAEncryption
42:97:fe:75:f0:21:79:a5:e0:7a:2f:f4:5b:8b:b8:90:30:0d:
54:21:5e:df:48:ab:f3:e1:b8:97:1d:ae:65:59:05:78:3a:48:
ae:79:1a:6e:5f:e4:8e:1f:77:16:d6:32:59:02:ee:1b:67:ef:
a1:01:55:34:b6:0e:66:69:7f:19:e6:8f:9f:c4:01:20:ee:49:
fa:1f:58:12:b7:17:1f:b1:2f:5c:df:92:b7:49:e8:00:49:85:
94:4a:bd:04:64:44:35:45:dc:1a:5a:ff:cb:8c:5c:13:63:0a:
32:9c:c1:5e:2f:4e:73:29:b0:98:91:50:83:80:ca:2f:5f:cd:
c1:8e:a3:d9:97:24:0e:74:d3:69:26:79:0a:00:df:97:76:df:
4e:d6:69:fd:e9:92:5f:e8:6d:b7:e8:23:d1:b5:29:b9:e8:09:
8f:74:a2:60:36:79:c9:aa:5e:59:6a:22:cf:ab:08:87:96:c2:
ed:93:3c:cd:69:70:93:83:23:68:5b:8b:67:01:84:55:aa:d9:
96:81:ed:68:26:bb:e4:df:c4:19:33:f3:33:a5:c5:85:7e:db:
38:31:68:c8:57:9f:46:33:26:90:ef:62:6e:c5:aa:39:da:ed:
83:a1:13:af:55:52:cf:a0:c6:49:c7:80:a6:13:76:59:dd:57:
f1:63:f6:1a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAr+EtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTM1YzFmN2I3MTQwYzg3MmU3ZjNmZjM0NjJiNGVkYzYzMWQ3Njc0MB4XDTIyMDEw
MTExMDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThiNDI4MjZjNjc2
NzI3OGRlNDA2OTJjY2UxYjdjOTg1MTlmY2U3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGPCHGbbkhah2YdwmZit4c41nFWXEGgOaTbE05A+dRCFJeS
z2rUi3AZx4ftUxTJhQ4OGQeQkTctAoTVDnw+X5a9K4IYsySJyc49InSsmxe1Ke3V
pMP4ibXfoXouA1pS0rv7l6Oq6XkUBqjHWeEwxHXO/JeVwDY5PHf5QkF1gP38wYw/
Po+1BIqbC8MNQiA54iwXMCNhDdOoWJsCuIp1qmAI9WMs8pBt6LJ3f/q6mR12EHfW
rnWkbC7b3cTIgkjFUL3BZXCTY7emcEvYyTfCGND6kfHD2LPCbbrtTTtmy+RWUr3T
mpF/71BnDOwYJoSuEMaURYBdPBgg/iLRCcQ3kN8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSotCgmxnZyeN5AaSzOG3yYUZ/OdTAfBgNVHSMEGDAWgBRhNcH3txQMhy5/
P/NGK07cYx12dDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lUWEI5N2NVREljdWZ6X3pSaXRPM0dNZGRuUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNDMzZWRmLWFhZjgtNDY2OS04NzdjLWUzNzgxZDhmZTc0Yy8x
L3FMUW9Kc1oyY25qZVFHa3N6aHQ4bUZHZnpuVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NDMzZWRmLWFhZjgtNDY2OS04NzdjLWUzNzgxZDhmZTc0Yy8xL1lUWEI5N2NVRElj
dWZ6X3pSaXRPM0dNZGRuUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAMKTcwMEAcKTlDANBAIAAjAHAwUD
Kg9CQDANBgkqhkiG9w0BAQsFAAOCAQEAQpf+dfAheaXgei/0W4u4kDANVCFe30ir
8+G4lx2uZVkFeDpIrnkabl/kjh93FtYyWQLuG2fvoQFVNLYOZml/GeaPn8QBIO5J
+h9YErcXH7EvXN+St0noAEmFlEq9BGRENUXcGlr/y4xcE2MKMpzBXi9OcymwmJFQ
g4DKL1/NwY6j2ZckDnTTaSZ5CgDfl3bfTtZp/emSX+htt+gj0bUpuegJj3SiYDZ5
yapeWWoiz6sIh5bC7ZM8zWlwk4MjaFuLZwGEVarZloHtaCa75N/EGTPzM6XFhX7b
ODFoyFefRjMmkO9ibsWqOdrtg6ETr1VSz6DGSceAphN2Wd1X8WP2Gg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:45 2025 by rpki-client