Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/aqf_0qYEmFLKcVSPfqqGXeBjzHY.roa
File: aqf_0qYEmFLKcVSPfqqGXeBjzHY.roa (raw, json)
Hash identifier: QUnm6RL/tLNhHD3ioRTYMQr9gpw2U8alWk2CWPcGNRU=
Subject key identifier: 6A:A7:FF:D2:A6:04:98:52:CA:71:54:8F:7E:AA:86:5D:E0:63:CC:76
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B811359CE6BBE53E72F540BC596FB58
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/aqf_0qYEmFLKcVSPfqqGXeBjzHY.roa
Signing time: Sun 01 Jan 2023 04:04:59 +0000
ROA not before: Sun 01 Jan 2023 04:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8739
IP address blocks: 213.145.98.0/24 maxlen: 24
94.155.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:13:59:ce:6b:be:53:e7:2f:54:0b:c5:96:fb:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa7ffd2a6049852ca71548f7eaa865de063cc76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:73:06:ab:12:09:bb:d4:84:3f:31:3d:ce:ba:
d1:30:10:c4:a3:8a:d3:ab:3f:6e:e4:0a:46:82:6e:
0a:f7:34:90:51:93:39:8f:6f:90:1b:25:c6:74:54:
d0:c3:1d:ee:e8:c8:e3:28:83:bd:02:58:0b:95:34:
75:77:41:f0:8e:fb:a3:90:bd:1f:a9:97:50:24:48:
1d:c6:be:0e:94:23:9c:3c:3e:0b:8a:9e:1d:12:aa:
76:b3:1f:89:9f:3a:80:73:75:92:e8:d3:38:6c:dd:
8c:8f:95:13:85:3c:9a:98:46:72:1f:5a:f7:d0:95:
01:63:da:09:1e:c5:39:39:60:99:8d:8e:5f:f8:4f:
87:65:53:cb:53:f1:52:41:9e:8f:2e:56:d1:41:97:
88:62:b6:83:3e:00:2a:35:c9:42:a4:0e:7a:38:6e:
50:90:e2:2a:e9:25:ba:3c:29:3e:7c:6c:eb:19:fd:
b4:97:a9:e4:53:e0:95:f7:39:d1:b5:c4:5f:aa:9c:
c7:f4:8f:e9:ff:d1:98:02:f5:9a:ef:ab:44:57:e9:
fd:1e:f7:e5:e3:bc:89:e8:6e:be:58:fc:f8:51:e1:
b0:06:f5:ab:96:2b:c8:c7:57:bb:db:80:f1:38:52:
d8:eb:a6:f4:8d:31:e8:9a:5b:d3:09:98:66:3f:7d:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A7:FF:D2:A6:04:98:52:CA:71:54:8F:7E:AA:86:5D:E0:63:CC:76
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/aqf_0qYEmFLKcVSPfqqGXeBjzHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.155.37.0/24
213.145.98.0/24
Signature Algorithm: sha256WithRSAEncryption
67:79:bb:4e:15:07:17:73:76:80:08:2c:4d:99:84:de:7f:fe:
5f:90:1e:d9:f9:8b:4b:94:2c:9f:b8:15:0c:83:9d:94:3c:77:
ca:27:23:c6:b9:cc:8c:09:74:1c:2f:94:64:dd:31:1e:66:e5:
7a:74:70:fc:3e:ee:85:04:45:d9:63:3d:7c:50:e2:d0:07:35:
59:7d:78:c5:35:93:ec:51:06:44:c3:42:69:7a:b9:33:d2:8b:
af:8a:3a:e6:be:ae:10:c2:76:42:ba:a8:40:53:fe:05:3a:34:
62:fa:f9:88:a3:20:88:1c:ad:ef:36:2a:b8:21:e1:2a:99:78:
98:8b:01:3b:e7:3b:0c:ed:6d:c3:e7:3b:5f:21:88:7a:1a:ed:
9c:15:8c:b2:5e:bc:db:48:23:59:0b:c3:04:de:16:51:6b:25:
b1:e4:e2:fd:12:7f:1a:c0:41:a9:65:43:74:bf:7e:05:f3:3e:
56:f9:42:14:49:66:93:33:9f:61:cb:b2:e7:3a:30:21:95:de:
a4:54:3d:d1:2f:b7:16:2d:6d:df:2d:5c:5e:77:5d:52:9b:55:
e9:db:67:4a:c4:c9:26:b4:7f:45:e5:7d:9f:30:de:33:2e:9a:
f7:06:b0:ca:9b:d9:e7:6a:14:a9:0f:eb:81:6c:95:d0:4e:64:
38:d8:1c:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrgRNZzmu+U+cvVAvFlvtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE3ZmZkMmE2MDQ5ODUyY2E3MTU0OGY3ZWFhODY1ZGUwNjNjYzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHMGqxIJu9SEPzE9zrrRMBDEo4rT
qz9u5ApGgm4K9zSQUZM5j2+QGyXGdFTQwx3u6MjjKIO9AlgLlTR1d0HwjvujkL0f
qZdQJEgdxr4OlCOcPD4Lip4dEqp2sx+JnzqAc3WS6NM4bN2Mj5UThTyamEZyH1r3
0JUBY9oJHsU5OWCZjY5f+E+HZVPLU/FSQZ6PLlbRQZeIYraDPgAqNclCpA56OG5Q
kOIq6SW6PCk+fGzrGf20l6nkU+CV9znRtcRfqpzH9I/p/9GYAvWa76tEV+n9Hvfl
47yJ6G6+WPz4UeGwBvWrlivIx1e724DxOFLY66b0jTHomlvTCZhmP314BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqn/9KmBJhSynFUj36qhl3gY8x2MB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvYXFmXzBxWUVtRkxLY1ZTUGZxcUdYZUJqekhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpslAwQA
1ZFiMA0GCSqGSIb3DQEBCwUAA4IBAQBnebtOFQcXc3aACCxNmYTef/5fkB7Z+YtL
lCyfuBUMg52UPHfKJyPGucyMCXQcL5Rk3TEeZuV6dHD8Pu6FBEXZYz18UOLQBzVZ
fXjFNZPsUQZEw0Jperkz0ouvijrmvq4QwnZCuqhAU/4FOjRi+vmIoyCIHK3vNiq4
IeEqmXiYiwE75zsM7W3D5ztfIYh6Gu2cFYyyXrzbSCNZC8ME3hZRayWx5OL9En8a
wEGpZUN0v34F8z5W+UIUSWaTM59hy7LnOjAhld6kVD3RL7cWLW3fLVxed11Sm1Xp
22dKxMkmtH9F5X2fMN4zLpr3BrDKm9nnahSpD+uBbJXQTmQ42Byt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:52 2025 by rpki-client