Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/f98dce-992d-4f64-bc38-b36b8e892c6c/1/qeErVBpXPLJiFgjPf_GPtwH8HnQ.roa
File: qeErVBpXPLJiFgjPf_GPtwH8HnQ.roa (raw, json)
Hash identifier: hP0GBqgcqEnuoFrfFF12YWkwvyD3kt1Vr0SG8Vyo/oM=
Subject key identifier: A9:E1:2B:54:1A:57:3C:B2:62:16:08:CF:7F:F1:8F:B7:01:FC:1E:74
Certificate issuer: /CN=28992ebb83eb8b73a2a21e5b033dbdeb1df4f23d
Certificate serial: 0185B5426FC2AFF75C5768987F3804A3E62C
Authority key identifier: 28:99:2E:BB:83:EB:8B:73:A2:A2:1E:5B:03:3D:BD:EB:1D:F4:F2:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJkuu4Pri3Oioh5bAz296x308j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/f98dce-992d-4f64-bc38-b36b8e892c6c/1/qeErVBpXPLJiFgjPf_GPtwH8HnQ.roa
Signing time: Sun 15 Jan 2023 11:48:28 +0000
ROA not before: Sun 15 Jan 2023 11:48:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197645
IP address blocks: 185.146.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b5:42:6f:c2:af:f7:5c:57:68:98:7f:38:04:a3:e6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28992ebb83eb8b73a2a21e5b033dbdeb1df4f23d
Validity
Not Before: Jan 15 11:48:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9e12b541a573cb2621608cf7ff18fb701fc1e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:90:5f:2d:35:2e:33:6d:23:a5:26:09:fa:65:
f7:d5:ba:0b:f8:a1:05:fa:a3:40:3a:53:74:f4:43:
14:c1:4a:66:9e:6a:3c:9c:80:22:25:17:e8:6b:07:
f4:3f:8c:c8:a0:96:43:3d:91:a8:14:17:b3:d8:f8:
e8:70:a7:39:3e:6f:3a:ed:bf:ec:3c:1b:20:82:e2:
9a:bd:bd:1c:8b:e9:39:d0:c1:cb:72:8c:4a:c6:36:
b9:d7:65:ff:04:0b:63:99:51:2f:b1:0b:3b:11:bc:
7d:38:b0:65:0f:e0:41:37:4b:0a:3b:22:85:38:04:
e0:ad:2c:36:05:17:a7:cd:38:0b:0b:bd:77:09:13:
3f:7b:23:1d:63:0d:f7:4f:79:02:e4:0d:09:ee:86:
a7:8b:ca:b6:1a:a1:0c:35:a7:f3:2d:64:61:6a:db:
66:72:91:b1:99:3a:0e:72:a7:97:78:a1:23:34:74:
fd:a2:a9:fa:9a:98:e4:ec:0e:b5:11:9c:9a:b7:dd:
44:07:f5:71:6c:a7:9e:2d:7a:38:b4:70:60:cc:2e:
25:cd:5f:86:c8:4e:15:a1:b0:7f:f6:ac:f3:86:07:
d8:f8:50:c7:88:08:b4:1d:7d:69:cb:0e:3a:cb:df:
a0:55:18:f5:95:2d:5e:06:b4:aa:17:8c:93:cc:db:
08:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E1:2B:54:1A:57:3C:B2:62:16:08:CF:7F:F1:8F:B7:01:FC:1E:74
X509v3 Authority Key Identifier:
keyid:28:99:2E:BB:83:EB:8B:73:A2:A2:1E:5B:03:3D:BD:EB:1D:F4:F2:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJkuu4Pri3Oioh5bAz296x308j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/f98dce-992d-4f64-bc38-b36b8e892c6c/1/qeErVBpXPLJiFgjPf_GPtwH8HnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/f98dce-992d-4f64-bc38-b36b8e892c6c/1/KJkuu4Pri3Oioh5bAz296x308j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.96.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:b8:b7:96:eb:a6:09:33:ad:4f:33:01:7a:b3:56:d3:7d:75:
a6:6c:94:e1:20:42:8f:d1:10:ed:20:c1:91:8e:35:d8:87:69:
a1:82:db:97:a6:a1:48:73:01:76:da:09:e2:5f:df:c0:74:b6:
35:47:a9:5f:dd:91:5f:b3:da:d8:a3:e7:61:e9:6f:b5:48:1f:
2d:16:73:51:96:6e:92:d6:45:3e:4a:1d:c4:23:72:e4:1c:19:
e7:a7:8c:83:de:71:1e:87:df:63:79:49:7c:12:f9:54:f7:94:
a7:ea:26:95:d3:f2:ed:f7:f5:f7:52:1e:77:05:0d:c2:79:1b:
9b:02:d0:51:26:9d:4d:fb:0e:3a:cb:06:fd:96:30:01:b6:18:
84:b2:4c:01:be:8e:f7:4b:56:13:69:7f:5a:a8:49:05:84:e6:
76:57:15:f3:5a:a4:8b:ae:83:83:7e:87:16:87:f8:0a:c3:da:
2d:eb:44:7b:77:95:15:f9:30:81:12:67:18:65:7a:f4:7b:39:
cc:95:e7:5c:d5:85:9a:f6:74:7a:92:a6:02:63:a0:2e:1f:4b:
6e:a4:62:dd:c0:cd:04:a5:13:d2:b4:53:fe:ce:e3:12:ed:70:
13:3f:a9:cb:43:ae:ea:3f:e3:b2:89:41:8d:02:22:c1:86:a2:
f1:4b:81:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW1Qm/Cr/dcV2iYfzgEo+YsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTkyZWJiODNlYjhiNzNhMmEyMWU1YjAzM2RiZGViMWRm
NGYyM2QwHhcNMjMwMTE1MTE0ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWUxMmI1NDFhNTczY2IyNjIxNjA4Y2Y3ZmYxOGZiNzAxZmMxZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpBfLTUuM20jpSYJ+mX31boL+KEF
+qNAOlN09EMUwUpmnmo8nIAiJRfoawf0P4zIoJZDPZGoFBez2PjocKc5Pm867b/s
PBsgguKavb0ci+k50MHLcoxKxja512X/BAtjmVEvsQs7Ebx9OLBlD+BBN0sKOyKF
OATgrSw2BRenzTgLC713CRM/eyMdYw33T3kC5A0J7oani8q2GqEMNafzLWRhattm
cpGxmToOcqeXeKEjNHT9oqn6mpjk7A61EZyat91EB/VxbKeeLXo4tHBgzC4lzV+G
yE4VobB/9qzzhgfY+FDHiAi0HX1pyw46y9+gVRj1lS1eBrSqF4yTzNsIVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnhK1QaVzyyYhYIz3/xj7cB/B50MB8GA1UdIwQY
MBaAFCiZLruD64tzoqIeWwM9vesd9PI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0prdXU0UHJpM09pb2g1YkF6Mjk2eDMwOGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9mOThkY2UtOTkyZC00ZjY0LWJjMzgt
YjM2YjhlODkyYzZjLzEvcWVFclZCcFhQTEppRmdqUGZfR1B0d0g4SG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9mOThkY2UtOTkyZC00ZjY0LWJjMzgtYjM2YjhlODkyYzZj
LzEvS0prdXU0UHJpM09pb2g1YkF6Mjk2eDMwOGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZJgMA0G
CSqGSIb3DQEBCwUAA4IBAQAPuLeW66YJM61PMwF6s1bTfXWmbJThIEKP0RDtIMGR
jjXYh2mhgtuXpqFIcwF22gniX9/AdLY1R6lf3ZFfs9rYo+dh6W+1SB8tFnNRlm6S
1kU+Sh3EI3LkHBnnp4yD3nEeh99jeUl8EvlU95Sn6iaV0/Lt9/X3Uh53BQ3CeRub
AtBRJp1N+w46ywb9ljABthiEskwBvo73S1YTaX9aqEkFhOZ2VxXzWqSLroODfocW
h/gKw9ot60R7d5UV+TCBEmcYZXr0eznMledc1YWa9nR6kqYCY6AuH0tupGLdwM0E
pRPStFP+zuMS7XATP6nLQ67qP+OyiUGNAiLBhqLxS4HT
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:10:39 2025 by rpki-client