Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/qTu4W_BH0SD-oBc-wWF3f-Ht_Aw.roa
File: qTu4W_BH0SD-oBc-wWF3f-Ht_Aw.roa (raw, json)
Hash identifier: seOWp+aFMB358tWGYNW8q2NY5qdHtVki89vT50PxESY=
Subject key identifier: A9:3B:B8:5B:F0:47:D1:20:FE:A0:17:3E:C1:61:77:7F:E1:ED:FC:0C
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0B792B7482FD28A4C2CC543844197
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/qTu4W_BH0SD-oBc-wWF3f-Ht_Aw.roa
Signing time: Mon 02 Jan 2023 05:25:01 +0000
ROA not before: Mon 02 Jan 2023 05:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199260
IP address blocks: 82.177.30.0/23 maxlen: 23
195.136.78.0/24 maxlen: 24
195.136.12.0/23 maxlen: 23
195.136.158.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b7:92:b7:48:2f:d2:8a:4c:2c:c5:43:84:41:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a93bb85bf047d120fea0173ec161777fe1edfc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3c:35:2a:13:b2:0b:70:e6:25:28:39:fc:f2:
19:e9:e7:24:c4:b2:1f:2a:f4:fd:3a:d8:bf:76:ad:
85:f8:b5:d4:42:e0:ce:59:14:82:23:4b:91:07:24:
06:c0:a7:62:1d:8d:f5:35:57:53:d4:af:e8:1d:91:
f4:9b:57:c8:fc:27:f2:63:cf:55:c0:7c:03:9b:18:
da:78:77:96:82:9a:3f:15:71:fd:d9:8d:ea:c1:37:
2f:14:46:1c:04:f7:2e:91:13:8f:fa:53:aa:ac:f3:
91:11:20:5b:85:77:4a:39:10:cc:e2:ff:01:54:27:
1f:dd:14:62:64:ea:6b:c7:2a:b2:c3:11:5f:de:dd:
a2:6e:89:51:5d:d3:66:46:7d:ae:4f:f7:8b:f0:33:
ab:e1:39:2b:ef:48:23:01:fc:77:25:55:52:f1:10:
3a:99:35:22:52:12:b9:60:9f:6b:ee:52:ba:a9:1e:
b5:1d:d6:31:6f:c9:47:ae:c9:44:b5:1e:e8:53:40:
af:de:0e:07:23:f4:4d:e1:b9:5c:02:31:22:8a:ba:
7e:82:d2:98:cc:ff:36:82:ef:52:f4:53:ad:5e:10:
ed:b4:2a:3e:bb:6f:53:f9:18:4c:c2:0e:bd:3e:66:
50:53:97:c6:30:c1:24:9b:00:9a:c1:7c:47:04:e6:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3B:B8:5B:F0:47:D1:20:FE:A0:17:3E:C1:61:77:7F:E1:ED:FC:0C
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/qTu4W_BH0SD-oBc-wWF3f-Ht_Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.30.0/23
195.136.12.0/23
195.136.78.0/24
195.136.158.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:36:06:f1:dc:ca:a0:c3:42:6b:c0:56:3d:1e:ea:7c:c4:be:
be:85:97:81:41:6c:a4:69:0d:f6:62:50:e0:38:f2:17:3f:09:
34:e9:d9:c8:6c:ff:1e:7a:a1:9f:51:0d:71:14:55:c3:8e:46:
5c:1b:90:fc:4f:c3:19:66:dd:88:2a:2b:b0:de:6d:28:67:bd:
c2:45:9b:40:2e:c4:58:d7:da:63:fe:82:24:15:7d:e0:4f:1d:
59:5c:50:92:49:e7:2d:c1:df:60:9d:f9:87:cb:d3:29:1f:d2:
45:63:87:cc:24:b1:15:2a:a2:4c:8e:a9:ee:ef:87:d9:c9:38:
a2:f8:36:64:96:60:8e:b4:b1:45:70:36:18:8b:c2:a2:5d:97:
1b:84:ed:95:56:b8:bf:ed:2c:91:3c:c3:60:89:8c:35:17:30:
d4:c1:3e:0c:93:3d:9b:76:05:92:58:c8:f2:d6:2d:74:93:63:
4e:3f:20:10:1f:3f:3b:63:ba:8d:9d:2b:11:15:cd:ad:1b:97:
07:ca:cc:bc:9d:7e:6e:45:39:6f:c8:81:87:a0:c3:64:d7:ac:
2f:e9:6c:44:45:c6:bc:a1:f3:af:a4:94:6f:21:84:09:3c:65:
03:51:25:d2:9e:57:80:2c:35:37:64:d6:80:20:83:98:fd:b4:
76:f0:c5:95
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw8LeSt0gv0opMLMVDhEGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNiYjg1YmYwNDdkMTIwZmVhMDE3M2VjMTYxNzc3ZmUxZWRmYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDw1KhOyC3DmJSg5/PIZ6eckxLIf
KvT9Oti/dq2F+LXUQuDOWRSCI0uRByQGwKdiHY31NVdT1K/oHZH0m1fI/CfyY89V
wHwDmxjaeHeWgpo/FXH92Y3qwTcvFEYcBPcukROP+lOqrPORESBbhXdKORDM4v8B
VCcf3RRiZOprxyqywxFf3t2ibolRXdNmRn2uT/eL8DOr4Tkr70gjAfx3JVVS8RA6
mTUiUhK5YJ9r7lK6qR61HdYxb8lHrslEtR7oU0Cv3g4HI/RN4blcAjEiirp+gtKY
zP82gu9S9FOtXhDttCo+u29T+RhMwg69PmZQU5fGMMEkmwCawXxHBObi7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKk7uFvwR9Eg/qAXPsFhd3/h7fwMMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvcVR1NFdfQkgwU0Qtb0JjLXdXRjNmLUh0X0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUrEeAwQB
w4gMAwQAw4hOAwQBw4ieMA0GCSqGSIb3DQEBCwUAA4IBAQA8Ngbx3Mqgw0JrwFY9
Hup8xL6+hZeBQWykaQ32YlDgOPIXPwk06dnIbP8eeqGfUQ1xFFXDjkZcG5D8T8MZ
Zt2IKiuw3m0oZ73CRZtALsRY19pj/oIkFX3gTx1ZXFCSSectwd9gnfmHy9MpH9JF
Y4fMJLEVKqJMjqnu74fZyTii+DZklmCOtLFFcDYYi8KiXZcbhO2VVri/7SyRPMNg
iYw1FzDUwT4Mkz2bdgWSWMjy1i10k2NOPyAQHz87Y7qNnSsRFc2tG5cHysy8nX5u
RTlvyIGHoMNk16wv6WxERca8ofOvpJRvIYQJPGUDUSXSnleALDU3ZNaAIIOY/bR2
8MWV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:54 2025 by rpki-client