Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/QG2lfFuk-uwoYkY_YT0an45oj24.roa
File: QG2lfFuk-uwoYkY_YT0an45oj24.roa (raw, json)
Hash identifier: tPS9hw/cNzhv9zLx2yZd9sX3wKC2N82VxnH5fcvalEk=
Subject key identifier: 40:6D:A5:7C:5B:A4:FA:EC:28:62:46:3F:61:3D:1A:9F:8E:68:8F:6E
Certificate issuer: /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial: 018A63F65CDE5D320DE8218D5B5FC71B5588
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/QG2lfFuk-uwoYkY_YT0an45oj24.roa
Signing time: Tue 05 Sep 2023 06:10:04 +0000
ROA not before: Tue 05 Sep 2023 06:10:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204357
IP address blocks: 194.114.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:63:f6:5c:de:5d:32:0d:e8:21:8d:5b:5f:c7:1b:55:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Validity
Not Before: Sep 5 06:10:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=406da57c5ba4faec2862463f613d1a9f8e688f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:10:22:7e:02:67:f9:77:fd:9e:1e:43:e3:a8:
42:d1:5b:02:85:ee:2c:0d:d1:f8:b0:a0:c6:ec:02:
f7:7e:b8:6e:4a:9b:8f:26:c5:7d:be:7d:15:2d:9d:
1b:e1:88:07:b0:8d:5d:7d:42:48:76:43:da:c4:51:
20:38:a5:13:34:8b:aa:84:d0:6a:e0:2a:62:88:8b:
db:4a:66:b1:a6:71:43:d3:db:28:37:f9:2a:85:47:
33:a5:b0:36:09:8b:55:5f:b6:85:41:ff:7d:f0:b8:
0b:9d:38:d7:04:d7:97:46:f0:2d:05:3a:06:66:5b:
8a:b9:c9:c3:3f:21:4f:01:3b:44:29:54:6f:14:df:
22:70:a0:87:80:f2:80:87:e9:e1:47:4c:6d:4e:d2:
b1:53:9b:11:47:ca:6a:c0:ae:80:3f:36:b1:c5:b6:
1b:53:91:95:bb:ab:db:0c:86:ea:a2:ef:ea:75:e9:
b4:65:63:8b:e0:da:18:a6:d8:69:b5:1d:01:5f:38:
3f:93:69:1e:f3:4e:68:35:7e:8a:6b:01:87:b3:2c:
b2:63:fd:d8:7f:78:e9:40:e3:f5:8a:a9:5c:75:54:
d4:03:19:9f:42:4c:0a:b8:71:f1:41:ef:39:64:a9:
ca:21:3f:bf:67:25:7d:39:81:66:5f:aa:fb:e9:dd:
68:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6D:A5:7C:5B:A4:FA:EC:28:62:46:3F:61:3D:1A:9F:8E:68:8F:6E
X509v3 Authority Key Identifier:
keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/QG2lfFuk-uwoYkY_YT0an45oj24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.114.82.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b0:0f:8b:a4:80:a8:b2:1e:2e:b0:0f:64:25:06:c5:6d:0b:
f2:80:16:b3:be:33:8e:4f:18:b2:72:e5:ac:a4:bd:41:55:3e:
13:b0:0e:9d:6f:50:62:16:ff:b7:96:4d:90:50:6b:22:f9:3b:
73:5a:1b:fc:37:ac:73:ea:21:ec:4a:7a:c0:6c:72:fe:23:bf:
1f:b2:cc:55:3d:3d:fb:19:10:bf:eb:61:7f:2e:33:8a:3d:ed:
50:63:36:15:1d:16:fa:c3:21:ff:ec:f5:d2:27:6f:22:5e:2f:
13:41:b9:3f:87:ee:0d:0a:b1:dd:f2:63:d9:dd:6b:bf:95:91:
a9:f5:df:d0:fe:e2:f7:a8:ca:cb:ce:74:77:6b:ba:23:d0:69:
08:9d:20:a1:43:7b:89:6f:f7:33:a2:42:5a:29:37:6b:e5:71:
c9:7b:79:ed:ae:fc:ab:d2:e4:ed:8b:b1:59:3b:2b:79:7a:9c:
49:b7:56:83:e5:75:93:46:c6:dd:9f:a7:10:59:01:9b:0f:71:
c9:57:16:ea:71:52:a3:ba:0c:0c:86:0f:a3:25:a5:90:ef:b0:
5e:09:e6:3b:5c:83:49:8a:60:6d:b6:ba:67:86:4f:86:d2:d0:
e1:46:24:22:41:d7:86:24:f6:b8:9e:b0:9b:e8:d5:7a:ae:b5:
d7:79:d3:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpj9lzeXTIN6CGNW1/HG1WIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEw
ZjE4NjUwHhcNMjMwOTA1MDYxMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZkYTU3YzViYTRmYWVjMjg2MjQ2M2Y2MTNkMWE5ZjhlNjg4ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRAifgJn+Xf9nh5D46hC0VsChe4s
DdH4sKDG7AL3frhuSpuPJsV9vn0VLZ0b4YgHsI1dfUJIdkPaxFEgOKUTNIuqhNBq
4CpiiIvbSmaxpnFD09soN/kqhUczpbA2CYtVX7aFQf998LgLnTjXBNeXRvAtBToG
ZluKucnDPyFPATtEKVRvFN8icKCHgPKAh+nhR0xtTtKxU5sRR8pqwK6APzaxxbYb
U5GVu6vbDIbqou/qdem0ZWOL4NoYpthptR0BXzg/k2ke805oNX6KawGHsyyyY/3Y
f3jpQOP1iqlcdVTUAxmfQkwKuHHxQe85ZKnKIT+/ZyV9OYFmX6r76d1o9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBtpXxbpPrsKGJGP2E9Gp+OaI9uMB8GA1UdIwQY
MBaAFMfwS3iy7t+Zjt1cweiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzct
ZjQzNzgzOTA5NWQxLzEvUUcybGZGdWstdXdvWWtZX1lUMGFuNDVvajI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQx
LzEveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnJSMA0G
CSqGSIb3DQEBCwUAA4IBAQBKsA+LpICosh4usA9kJQbFbQvygBazvjOOTxiycuWs
pL1BVT4TsA6db1BiFv+3lk2QUGsi+TtzWhv8N6xz6iHsSnrAbHL+I78fssxVPT37
GRC/62F/LjOKPe1QYzYVHRb6wyH/7PXSJ28iXi8TQbk/h+4NCrHd8mPZ3Wu/lZGp
9d/Q/uL3qMrLznR3a7oj0GkInSChQ3uJb/czokJaKTdr5XHJe3ntrvyr0uTti7FZ
Oyt5epxJt1aD5XWTRsbdn6cQWQGbD3HJVxbqcVKjugwMhg+jJaWQ77BeCeY7XINJ
imBttrpnhk+G0tDhRiQiQdeGJPa4nrCb6NV6rrXXedOl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:50 2025 by rpki-client