Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/q_htlLmDNpsRIVgNcsjpG0zZjC4.roa
File: q_htlLmDNpsRIVgNcsjpG0zZjC4.roa (raw, json)
Hash identifier: NmMkP663XS+wPAvDdt493SLZOD3B5Nrbnh16HLqdOa4=
Subject key identifier: AB:F8:6D:94:B9:83:36:9B:11:21:58:0D:72:C8:E9:1B:4C:D9:8C:2E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246C157B3E74B10210BEB86C369239A
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/q_htlLmDNpsRIVgNcsjpG0zZjC4.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47498
IP address blocks: 185.1.147.0/24 maxlen: 24
2001:7f8:ca::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c1:57:b3:e7:4b:10:21:0b:eb:86:c3:69:23:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abf86d94b983369b1121580d72c8e91b4cd98c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:39:b7:2a:3b:d4:54:12:15:11:5b:7e:c0:4f:
6d:c0:ea:e8:53:a7:dd:67:b4:b5:9e:d6:1b:09:f4:
2a:5e:17:b5:d9:dd:a1:27:d5:db:ca:82:d1:2c:bc:
67:d3:ac:9b:bf:3d:2a:d0:a6:04:4f:a4:28:79:fb:
b1:79:ed:32:76:5f:47:87:ae:e9:c5:a8:d8:c3:f5:
1a:5c:8e:1e:f6:7f:06:1a:ba:be:3a:86:df:bf:db:
aa:af:37:c3:cf:65:d9:59:c1:d8:8e:0d:59:22:87:
24:ee:6e:6c:7d:c4:6a:8f:f2:a2:ab:62:ca:5c:ab:
a5:45:d9:c4:1d:cd:2c:72:fc:af:30:86:dd:07:ef:
b2:19:80:73:0c:0f:2c:c0:29:9b:5a:ab:47:ff:c8:
4b:ee:fc:41:6f:4c:d1:e0:7d:87:56:16:9f:56:48:
e0:83:45:b9:63:64:89:54:6f:b7:da:7c:05:66:fa:
4b:e8:68:88:de:e8:5c:00:6f:74:a9:da:cd:e3:61:
8a:4a:8c:d5:71:de:35:2a:40:59:f4:c6:a2:a2:dc:
78:fd:97:ba:08:7a:03:41:80:03:e6:ba:e1:18:56:
96:93:24:c0:4b:45:81:78:29:bf:60:03:46:ea:9c:
8b:72:9e:df:84:cc:f5:c9:97:3e:3c:ba:0b:bc:97:
f3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F8:6D:94:B9:83:36:9B:11:21:58:0D:72:C8:E9:1B:4C:D9:8C:2E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/q_htlLmDNpsRIVgNcsjpG0zZjC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.147.0/24
IPv6:
2001:7f8:ca::/48
Signature Algorithm: sha256WithRSAEncryption
59:34:bf:87:51:f2:8a:ce:60:79:13:6e:60:b5:fc:6d:dc:c2:
d1:a6:33:15:de:46:c8:6a:bf:7f:d4:62:1a:2e:1c:5c:eb:a0:
01:55:85:01:d4:27:e6:61:31:4e:ba:33:90:ee:31:33:ac:79:
4e:22:33:7e:e4:17:17:4b:3d:76:8a:02:b0:ea:f2:3b:67:c9:
74:81:80:65:6e:bb:a4:a8:0d:ce:2a:0b:4c:36:28:d6:a4:e7:
cb:23:e0:3c:83:18:d6:45:d5:08:03:3b:d5:56:3b:ac:75:5b:
89:8c:24:8a:81:a3:a4:ea:3f:5b:8b:0e:3a:d5:3e:55:50:69:
94:0c:b0:08:98:bc:d7:89:f5:c5:23:f4:d0:2d:80:58:4d:b5:
aa:25:2f:0a:53:be:54:98:a3:b4:85:21:54:af:cc:9e:04:64:
bd:eb:30:4f:c1:3d:c2:9d:6c:4f:5b:4d:e1:f2:68:56:4d:be:
0d:54:ee:85:f5:a8:4c:bc:67:99:14:6d:39:f2:84:32:fb:e3:
53:e8:ce:4d:92:76:0b:99:de:5f:c6:bd:a4:8d:5e:c3:b1:68:
b0:f4:0a:01:74:ab:b2:0d:d0:b9:4b:0c:e5:59:4e:ee:5f:60:
e1:bb:87:fb:65:44:7b:30:33:cc:f4:a1:a9:bd:ee:2c:32:41:
e7:7e:84:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyRsFXs+dLECEL64bDaSOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmY4NmQ5NGI5ODMzNjliMTEyMTU4MGQ3MmM4ZTkxYjRjZDk4YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTm3KjvUVBIVEVt+wE9twOroU6fd
Z7S1ntYbCfQqXhe12d2hJ9XbyoLRLLxn06ybvz0q0KYET6Qoefuxee0ydl9Hh67p
xajYw/UaXI4e9n8GGrq+Oobfv9uqrzfDz2XZWcHYjg1ZIock7m5sfcRqj/Kiq2LK
XKulRdnEHc0scvyvMIbdB++yGYBzDA8swCmbWqtH/8hL7vxBb0zR4H2HVhafVkjg
g0W5Y2SJVG+32nwFZvpL6GiI3uhcAG90qdrN42GKSozVcd41KkBZ9Maiotx4/Ze6
CHoDQYAD5rrhGFaWkyTAS0WBeCm/YANG6pyLcp7fhMz1yZc+PLoLvJfzxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKv4bZS5gzabESFYDXLI6RtM2YwuMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvcV9odGxMbUROcHNSSVZnTmNzanBHMHpaakM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQGTMA8E
AgACMAkDBwAgAQf4AMowDQYJKoZIhvcNAQELBQADggEBAFk0v4dR8orOYHkTbmC1
/G3cwtGmMxXeRshqv3/UYhouHFzroAFVhQHUJ+ZhMU66M5DuMTOseU4iM37kFxdL
PXaKArDq8jtnyXSBgGVuu6SoDc4qC0w2KNak58sj4DyDGNZF1QgDO9VWO6x1W4mM
JIqBo6TqP1uLDjrVPlVQaZQMsAiYvNeJ9cUj9NAtgFhNtaolLwpTvlSYo7SFIVSv
zJ4EZL3rME/BPcKdbE9bTeHyaFZNvg1U7oX1qEy8Z5kUbTnyhDL741Pozk2SdguZ
3l/GvaSNXsOxaLD0CgF0q7IN0LlLDOVZTu5fYOG7h/tlRHswM8z0oam97iwyQed+
hCY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:06 2025 by rpki-client