Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/qxMx23M1RFqQydek8ahAo6W-8g8.roa
File: qxMx23M1RFqQydek8ahAo6W-8g8.roa (raw, json)
Hash identifier: qay2HMnsqRLoK6M08CImz+pcXPHVtQIJUkykHaNJEwc=
Subject key identifier: AB:13:31:DB:73:35:44:5A:90:C9:D7:A4:F1:A8:40:A3:A5:BE:F2:0F
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0AB148F8
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/qxMx23M1RFqQydek8ahAo6W-8g8.roa
Signing time: Sat 01 Jan 2022 12:00:25 +0000
ROA not before: Sat 01 Jan 2022 12:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60027
IP address blocks: 195.214.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179390712 (0xab148f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 12:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab1331db7335445a90c9d7a4f1a840a3a5bef20f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:5b:11:1a:fd:0e:5f:0a:14:d5:c9:c8:45:
e8:f3:a7:23:a6:5f:a1:e0:24:4a:7e:ed:9f:cb:3a:
8e:8b:30:95:11:29:91:38:f0:97:0f:ea:6a:19:11:
ea:8b:78:96:5b:21:4a:38:6c:da:b9:33:b7:3a:4e:
04:96:14:9b:9a:e8:95:00:5a:14:3e:a1:6a:c6:0c:
11:ae:8c:df:b3:22:30:f4:6a:9a:d7:b2:cd:24:fc:
34:94:c2:ac:d9:9d:1a:26:39:f6:bf:30:27:f8:5b:
31:ba:77:dd:d8:55:2e:69:bf:ea:bb:b3:6d:dd:14:
cc:3f:3b:15:c9:3a:0b:53:dd:4a:74:18:f2:27:d6:
ca:a9:ad:4f:e2:49:fa:34:31:2e:12:4b:fa:16:15:
1e:9a:a3:e5:bb:80:93:db:a5:01:bd:c7:1f:ba:00:
1e:51:ee:7a:b9:d0:d8:9c:c3:f0:75:5a:76:4d:16:
aa:54:aa:cd:e4:ef:17:0f:46:80:53:4a:cc:8a:92:
f2:96:01:0d:e7:fe:60:41:8e:95:f6:65:d8:77:b9:
24:94:9e:f3:59:13:60:b4:37:ba:5c:b4:22:0b:c3:
8b:79:f9:d0:7e:0e:76:84:2d:ca:22:00:70:ea:16:
3f:82:46:ba:07:a2:bd:aa:68:90:11:1c:f6:d2:ff:
e3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:13:31:DB:73:35:44:5A:90:C9:D7:A4:F1:A8:40:A3:A5:BE:F2:0F
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/qxMx23M1RFqQydek8ahAo6W-8g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.154.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:6b:88:27:65:9c:fd:ef:78:96:17:db:1f:f3:aa:66:8a:7d:
b1:ae:22:55:2a:e0:4e:7f:d4:8d:69:fd:b3:40:5d:0a:9e:e7:
6d:fa:a4:93:55:d7:a9:cd:d4:06:8b:ad:14:d4:d3:fe:f6:99:
34:24:e0:5a:6e:fd:c6:a5:52:35:fc:5b:9f:ee:f6:c9:02:80:
a8:a5:98:21:1c:d0:a7:ff:ec:48:a0:d4:d8:e9:0e:76:3b:a4:
47:44:ee:a6:5f:ef:dd:36:5a:69:16:14:05:a0:80:e9:68:62:
ca:e0:e3:07:35:2b:d3:f5:31:60:0e:2b:22:22:96:74:db:fd:
2a:56:a6:b6:c0:49:6f:86:b0:e3:f5:8e:4b:13:99:3f:68:a8:
85:e7:30:f5:f6:a0:a1:68:5b:22:f8:30:f6:0c:c3:c7:36:8f:
ae:64:fa:f7:64:6e:73:f9:af:a1:88:26:10:30:7e:1b:35:53:
a5:84:81:f7:1a:12:62:95:8c:eb:30:9a:f7:59:5b:43:d4:a5:
3a:6a:4b:ac:aa:65:16:ae:d9:43:b6:13:03:7e:be:55:1f:73:
60:9d:d4:e4:df:80:7c:24:1c:e4:df:60:f0:6c:5b:ba:36:90:
39:2e:bb:56:c5:28:35:0d:a7:9a:83:86:83:d5:f4:0a:0f:10:
7b:24:b6:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECrFI+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIxMzMxZGI3MzM1
NDQ1YTkwYzlkN2E0ZjFhODQwYTNhNWJlZjIwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqvWxEa/Q5fChTVychF6POnI6ZfoeAkSn7tn8s6joswlREp
kTjwlw/qahkR6ot4llshSjhs2rkztzpOBJYUm5rolQBaFD6hasYMEa6M37MiMPRq
mteyzST8NJTCrNmdGiY59r8wJ/hbMbp33dhVLmm/6ruzbd0UzD87Fck6C1PdSnQY
8ifWyqmtT+JJ+jQxLhJL+hYVHpqj5buAk9ulAb3HH7oAHlHuernQ2JzD8HVadk0W
qlSqzeTvFw9GgFNKzIqS8pYBDef+YEGOlfZl2He5JJSe81kTYLQ3uly0IgvDi3n5
0H4OdoQtyiIAcOoWP4JGugeivapokBEc9tL/450CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrEzHbczVEWpDJ16TxqECjpb7yDzAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L3F4TXgyM00xUkZxUXlkZWs4YWhBbzZXLThnOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPWmjANBgkqhkiG9w0BAQsFAAOC
AQEAqGuIJ2Wc/e94lhfbH/OqZop9sa4iVSrgTn/UjWn9s0BdCp7nbfqkk1XXqc3U
BoutFNTT/vaZNCTgWm79xqVSNfxbn+72yQKAqKWYIRzQp//sSKDU2OkOdjukR0Tu
pl/v3TZaaRYUBaCA6WhiyuDjBzUr0/UxYA4rIiKWdNv9KlamtsBJb4aw4/WOSxOZ
P2iohecw9fagoWhbIvgw9gzDxzaPrmT692Ruc/mvoYgmEDB+GzVTpYSB9xoSYpWM
6zCa91lbQ9SlOmpLrKplFq7ZQ7YTA36+VR9zYJ3U5N+AfCQc5N9g8GxbujaQOS67
VsUoNQ2nmoOGg9X0Cg8QeyS29A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:50:19 2025 by rpki-client