Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/qbQuM8b3TdGGL_H6eAa_GB89jR4.roa
File: qbQuM8b3TdGGL_H6eAa_GB89jR4.roa (raw, json)
Hash identifier: cDwySK5zY9eGTsu3oS4++GidIl5UTGf9YDkIQEn+Rds=
Subject key identifier: A9:B4:2E:33:C6:F7:4D:D1:86:2F:F1:FA:78:06:BF:18:1F:3D:8D:1E
Certificate issuer: /CN=658290fe9814fcb062ab71e32ec1f96da9973a33
Certificate serial: 01856D5D26E61A10ADD1E49F6E9530827F71
Authority key identifier: 65:82:90:FE:98:14:FC:B0:62:AB:71:E3:2E:C1:F9:6D:A9:97:3A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/qbQuM8b3TdGGL_H6eAa_GB89jR4.roa
Signing time: Sun 01 Jan 2023 12:44:59 +0000
ROA not before: Sun 01 Jan 2023 12:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209568
IP address blocks: 194.187.24.0/22 maxlen: 22
2a09:1840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:26:e6:1a:10:ad:d1:e4:9f:6e:95:30:82:7f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=658290fe9814fcb062ab71e32ec1f96da9973a33
Validity
Not Before: Jan 1 12:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9b42e33c6f74dd1862ff1fa7806bf181f3d8d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:f3:ea:3a:2f:bc:26:9f:16:7d:91:4f:b7:
e2:54:9f:18:9d:14:03:87:eb:a0:5d:1c:24:f4:84:
b4:b6:e0:90:0c:e2:2d:b4:c8:d0:12:d8:ab:5a:97:
68:d8:11:75:be:39:fd:b4:86:ea:c0:c5:73:05:4d:
b6:d3:18:93:59:82:58:e1:a6:c5:e9:73:97:8d:bc:
2d:ca:8b:23:08:a5:d1:2c:f6:9b:87:d9:fa:ae:84:
9c:34:f7:60:b5:96:ec:e8:5f:74:d9:05:a8:03:72:
e8:bf:99:04:5f:ff:ec:a5:e0:d6:7d:f5:2f:9b:fe:
77:3c:35:58:e7:98:a3:58:a7:52:37:04:e9:cf:b1:
58:ad:63:a8:7b:3b:8d:88:a8:df:84:66:23:41:8f:
c1:4b:54:05:82:d1:bb:7f:a8:0c:d3:44:6c:f4:c6:
7b:19:20:20:8f:5c:f7:5f:0c:0f:e2:c7:ab:78:1d:
ca:16:90:14:64:29:c4:72:35:28:bd:13:0e:e4:d7:
c2:82:06:a8:76:9a:69:03:5a:99:ec:03:5f:a7:a0:
7b:63:de:44:7f:5f:a5:ce:90:f1:36:05:3e:da:e5:
1c:86:8d:15:01:64:d9:c0:0c:35:4b:80:c4:c0:6c:
90:57:bd:b8:08:15:9e:c1:65:bc:bf:52:a0:23:ff:
81:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B4:2E:33:C6:F7:4D:D1:86:2F:F1:FA:78:06:BF:18:1F:3D:8D:1E
X509v3 Authority Key Identifier:
keyid:65:82:90:FE:98:14:FC:B0:62:AB:71:E3:2E:C1:F9:6D:A9:97:3A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/qbQuM8b3TdGGL_H6eAa_GB89jR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.24.0/22
IPv6:
2a09:1840::/32
Signature Algorithm: sha256WithRSAEncryption
2f:49:30:21:50:a0:53:b0:07:62:7c:a3:d8:fa:a3:d5:e5:83:
75:2e:f8:35:65:c5:84:ae:e8:31:79:ce:89:ed:62:c3:d3:ee:
ba:7d:4b:ae:76:8f:3f:90:28:9b:f9:49:7a:27:fd:78:87:d7:
85:bf:44:2c:76:71:9c:81:3c:38:4e:2b:6e:0a:8d:e3:3b:33:
4d:ce:3f:19:a8:80:ed:d5:bc:e5:c5:40:4e:ce:08:67:4b:19:
15:37:a2:b5:61:0e:78:e2:9a:da:c7:04:c4:77:11:8f:97:9b:
cd:1b:ac:5b:e4:97:3c:f2:09:87:94:1e:e1:d9:18:d5:3f:db:
ea:db:b2:68:67:bc:1d:37:62:ba:8a:0d:6e:7d:8b:a8:96:f7:
5c:b3:7f:d1:25:6e:1c:eb:e3:47:5f:6b:79:50:21:8d:f9:3a:
d6:ef:1d:14:06:19:05:2d:57:f2:f9:d1:a6:e7:6e:9b:2d:bb:
1f:ae:fa:1b:5f:ff:7a:3f:96:87:6d:58:20:ed:09:d8:6a:3a:
3c:bb:0c:9c:3f:49:a7:a9:0c:b7:db:e7:10:31:4a:f4:74:56:
cc:c2:ee:b9:46:82:25:d1:41:bb:be:55:3e:e2:f7:d5:d4:4b:
c1:61:bb:93:95:9e:4b:8b:58:55:7f:05:2b:d1:51:a7:e9:e9:
ee:de:64:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtXSbmGhCt0eSfbpUwgn9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODI5MGZlOTgxNGZjYjA2MmFiNzFlMzJlYzFmOTZkYTk5
NzNhMzMwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWI0MmUzM2M2Zjc0ZGQxODYyZmYxZmE3ODA2YmYxODFmM2Q4ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJrz6jovvCafFn2RT7fiVJ8YnRQD
h+ugXRwk9IS0tuCQDOIttMjQEtirWpdo2BF1vjn9tIbqwMVzBU220xiTWYJY4abF
6XOXjbwtyosjCKXRLPabh9n6roScNPdgtZbs6F902QWoA3Lov5kEX//speDWffUv
m/53PDVY55ijWKdSNwTpz7FYrWOoezuNiKjfhGYjQY/BS1QFgtG7f6gM00Rs9MZ7
GSAgj1z3XwwP4sereB3KFpAUZCnEcjUovRMO5NfCggaodpppA1qZ7ANfp6B7Y95E
f1+lzpDxNgU+2uUcho0VAWTZwAw1S4DEwGyQV724CBWewWW8v1KgI/+BiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKm0LjPG903Rhi/x+ngGvxgfPY0eMB8GA1UdIwQY
MBaAFGWCkP6YFPywYqtx4y7B+W2plzozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllLUV9wZ1VfTEJpcTNIakxzSDViYW1YT2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDNiMTMtYzRhMS00MWMwLWE4Mzkt
YWVkZTNmZmE0NDU3LzEvcWJRdU04YjNUZEdHTF9INmVBYV9HQjg5alI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDNiMTMtYzRhMS00MWMwLWE4MzktYWVkZTNmZmE0NDU3
LzEvWllLUV9wZ1VfTEJpcTNIakxzSDViYW1YT2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwrsYMA0E
AgACMAcDBQAqCRhAMA0GCSqGSIb3DQEBCwUAA4IBAQAvSTAhUKBTsAdifKPY+qPV
5YN1Lvg1ZcWErugxec6J7WLD0+66fUuudo8/kCib+Ul6J/14h9eFv0QsdnGcgTw4
TituCo3jOzNNzj8ZqIDt1bzlxUBOzghnSxkVN6K1YQ544praxwTEdxGPl5vNG6xb
5Jc88gmHlB7h2RjVP9vq27JoZ7wdN2K6ig1ufYuolvdcs3/RJW4c6+NHX2t5UCGN
+TrW7x0UBhkFLVfy+dGm526bLbsfrvobX/96P5aHbVgg7QnYajo8uwycP0mnqQy3
2+cQMUr0dFbMwu65RoIl0UG7vlU+4vfV1EvBYbuTlZ5Li1hVfwUr0VGn6enu3mSn
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:17 2025 by rpki-client