Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/qhKUVeSTTqjAulC5tMAMpUKifqM.roa
File: qhKUVeSTTqjAulC5tMAMpUKifqM.roa (raw, json)
Hash identifier: jRnsOs8sRijov/rTP2N0XAyT2oiIKVp9V7cJYMgVeXw=
Subject key identifier: AA:12:94:55:E4:93:4E:A8:C0:BA:50:B9:B4:C0:0C:A5:42:A2:7E:A3
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 06F6A84E
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/qhKUVeSTTqjAulC5tMAMpUKifqM.roa
Signing time: Sat 01 Jan 2022 07:01:19 +0000
ROA not before: Sat 01 Jan 2022 07:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200995
IP address blocks: 194.147.97.0/24 maxlen: 24
2a03:5840:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116828238 (0x6f6a84e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 07:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa129455e4934ea8c0ba50b9b4c00ca542a27ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:74:da:d1:25:b2:c2:be:9c:e8:d3:b8:87:0e:
2b:ca:c2:4d:b6:2c:ca:fa:74:68:a4:b1:47:2f:29:
97:05:6e:de:a6:a4:d2:12:14:f8:40:ad:27:61:c9:
03:4d:a3:c5:d7:5c:a6:5d:d9:db:b1:b0:9e:d8:e8:
35:b4:c5:c0:c0:23:a9:eb:12:ac:3e:c6:5b:ef:5b:
b5:60:66:2f:90:bc:89:fb:48:46:41:32:50:f7:8d:
36:8e:bd:89:e2:ae:f9:02:7e:68:d5:df:f5:23:83:
ea:74:37:10:98:b3:72:f6:85:a6:73:1c:c0:b9:48:
c7:db:7f:0e:d7:2d:00:42:3c:3f:a7:8f:00:67:f0:
10:0d:04:16:f0:3e:68:76:e6:37:2f:d5:89:d5:c6:
6a:6f:77:3e:18:80:5d:cf:0b:ad:dd:b1:50:b2:4f:
fa:8f:37:d4:ea:52:06:61:cc:09:75:7f:d6:77:8b:
37:11:fd:47:8c:20:e3:14:57:66:75:e7:6b:95:4d:
ff:e9:7d:4e:4a:ce:de:53:3e:63:a0:84:f2:7a:5d:
38:40:03:af:0a:c9:8c:94:8b:e9:85:5f:f4:49:ef:
40:6b:19:48:57:cf:e5:63:bc:85:57:da:16:55:9c:
9b:96:35:f3:b8:7e:be:36:5b:2a:32:83:75:02:83:
97:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:12:94:55:E4:93:4E:A8:C0:BA:50:B9:B4:C0:0C:A5:42:A2:7E:A3
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/qhKUVeSTTqjAulC5tMAMpUKifqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.97.0/24
IPv6:
2a03:5840:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
4f:44:81:f7:23:bc:65:d6:a4:e6:fb:c7:c9:54:d2:ae:94:d9:
ef:e3:76:bc:84:0e:57:04:a0:02:46:da:00:cb:e4:bc:7c:38:
1f:58:60:f0:81:2d:4f:cb:97:3d:fc:4c:2d:94:eb:1a:f1:1f:
c4:31:d1:3f:50:92:c5:bd:6c:45:00:35:1c:34:11:ec:f4:2b:
31:da:ba:83:08:dd:bf:7a:ac:a6:c4:bc:84:01:31:ff:99:e1:
ad:34:0c:03:88:bc:b2:95:2c:a5:ea:bd:4d:c0:13:c7:38:7c:
8e:c3:6a:eb:57:95:99:8f:44:be:4a:2c:2d:de:2e:0a:55:7b:
2d:5e:bc:5b:04:02:9c:14:bb:8b:7c:a6:a9:4a:8c:3f:7d:3c:
9b:4e:e3:25:7f:45:9e:c5:01:1a:d7:22:83:d1:7b:90:28:74:
3d:2b:f4:00:50:01:22:0e:ae:e3:c5:4c:eb:cd:63:8e:cc:56:
a0:75:ae:d9:0a:19:5e:3f:b6:65:50:57:79:e3:11:c2:e1:f4:
ba:15:36:8f:db:6d:92:d9:46:af:e9:d6:8b:27:f2:12:9b:03:
0b:bd:35:06:77:f6:1e:1b:fe:ee:1a:86:17:c0:53:2a:e7:35:
41:5a:7f:71:d0:20:4c:62:90:dd:3b:89:1d:58:8f:b9:1b:57:
34:b2:08:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBvaoTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc3MDVlODliYjY1YjQ3MmU0ZTAxODRkNmZlOWJmYjhjNTg2MzVhMB4XDTIyMDEw
MTA3MDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWExMjk0NTVlNDkz
NGVhOGMwYmE1MGI5YjRjMDBjYTU0MmEyN2VhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIp02tElssK+nOjTuIcOK8rCTbYsyvp0aKSxRy8plwVu3qak
0hIU+ECtJ2HJA02jxddcpl3Z27GwntjoNbTFwMAjqesSrD7GW+9btWBmL5C8iftI
RkEyUPeNNo69ieKu+QJ+aNXf9SOD6nQ3EJizcvaFpnMcwLlIx9t/DtctAEI8P6eP
AGfwEA0EFvA+aHbmNy/VidXGam93PhiAXc8Lrd2xULJP+o831OpSBmHMCXV/1neL
NxH9R4wg4xRXZnXna5VN/+l9TkrO3lM+Y6CE8npdOEADrwrJjJSL6YVf9EnvQGsZ
SFfP5WO8hVfaFlWcm5Y187h+vjZbKjKDdQKDl3MCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSqEpRV5JNOqMC6ULm0wAylQqJ+ozAfBgNVHSMEGDAWgBT3dwXom7ZbRy5O
AYTW/pv7jFhjWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzY0Y2SnUyVzBjdVRnR0UxdjZiLTR4WVkxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMDIyODM5LTY5ODQtNDBkNC04NzE2LTZjYjg5NzkxZDdmZC8x
L3FoS1VWZVNUVHFqQXVsQzV0TUFNcFVLaWZxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MDIyODM5LTY5ODQtNDBkNC04NzE2LTZjYjg5NzkxZDdmZC8xLzkzY0Y2SnUyVzBj
dVRnR0UxdjZiLTR4WVkxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMKTYTAPBAIAAjAJAwcAKgNYQP//
MA0GCSqGSIb3DQEBCwUAA4IBAQBPRIH3I7xl1qTm+8fJVNKulNnv43a8hA5XBKAC
RtoAy+S8fDgfWGDwgS1Py5c9/EwtlOsa8R/EMdE/UJLFvWxFADUcNBHs9Csx2rqD
CN2/eqymxLyEATH/meGtNAwDiLyylSyl6r1NwBPHOHyOw2rrV5WZj0S+Siwt3i4K
VXstXrxbBAKcFLuLfKapSow/fTybTuMlf0WexQEa1yKD0XuQKHQ9K/QAUAEiDq7j
xUzrzWOOzFagda7ZChleP7ZlUFd54xHC4fS6FTaP222S2Uav6daLJ/ISmwMLvTUG
d/YeG/7uGoYXwFMq5zVBWn9x0CBMYpDdO4kdWI+5G1c0sgj0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:41 2025 by rpki-client