Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/QHi2JTqVGa08SFWlmFtGiqWioZw.roa
File: QHi2JTqVGa08SFWlmFtGiqWioZw.roa (raw, json)
Hash identifier: 2aIjt9+wQctAPYFAqgfVnHTTKIxKsDt2RK0a67ycvQg=
Subject key identifier: 40:78:B6:25:3A:95:19:AD:3C:48:55:A5:98:5B:46:8A:A5:A2:A1:9C
Certificate issuer: /CN=b85213df97329556d608b150f03c4ee75fbd98c1
Certificate serial: 01856F8B72F2B629CEF5E74B21C1AA17F3FE
Authority key identifier: B8:52:13:DF:97:32:95:56:D6:08:B1:50:F0:3C:4E:E7:5F:BD:98:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/QHi2JTqVGa08SFWlmFtGiqWioZw.roa
Signing time: Sun 01 Jan 2023 22:54:47 +0000
ROA not before: Sun 01 Jan 2023 22:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202614
IP address blocks: 193.238.45.0/24 maxlen: 24
193.238.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:72:f2:b6:29:ce:f5:e7:4b:21:c1:aa:17:f3:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85213df97329556d608b150f03c4ee75fbd98c1
Validity
Not Before: Jan 1 22:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4078b6253a9519ad3c4855a5985b468aa5a2a19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fe:89:41:97:65:8c:58:0e:9e:b3:2f:19:d5:
a5:c6:ed:f8:9b:91:6e:fd:cc:c2:52:b9:cc:35:10:
0d:79:01:20:9e:d9:16:e6:25:4c:55:f6:6d:06:4d:
ca:62:3b:2c:73:59:86:35:c9:e0:84:b7:f6:47:85:
c8:1f:e4:ea:ef:fe:68:57:8c:76:ce:f0:dd:ea:7b:
6b:bd:96:26:70:80:f6:d9:7c:97:47:b5:a3:aa:b7:
0f:42:0d:51:1a:70:ea:0c:af:ff:92:42:57:f9:a7:
e1:61:a5:f5:ec:7e:40:4f:7f:1d:35:8f:da:88:ed:
a7:b7:5a:bb:c4:83:67:2c:d8:37:3f:ee:c1:8a:16:
fd:aa:5f:e4:64:e4:5c:c1:7e:94:eb:75:28:fc:3f:
ab:de:b7:41:32:0d:b0:8e:9c:4c:4f:65:29:5c:38:
67:3e:60:18:15:8e:64:d5:bd:f5:cd:e4:ca:91:4a:
7c:b8:20:b2:bc:9b:d9:be:dd:60:57:96:4c:83:c4:
9a:18:a2:b7:4a:ab:46:2e:b1:c8:3c:85:18:15:20:
87:b0:de:72:8a:05:c1:31:f3:8e:24:c7:43:fc:95:
eb:0a:8d:62:7d:8e:1b:23:d3:a2:07:65:65:96:45:
ef:8d:6c:73:4e:4d:17:b3:8c:9f:bd:37:66:54:2a:
ad:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:78:B6:25:3A:95:19:AD:3C:48:55:A5:98:5B:46:8A:A5:A2:A1:9C
X509v3 Authority Key Identifier:
keyid:B8:52:13:DF:97:32:95:56:D6:08:B1:50:F0:3C:4E:E7:5F:BD:98:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/QHi2JTqVGa08SFWlmFtGiqWioZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/uFIT35cylVbWCLFQ8DxO51-9mME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.45.0/24
193.238.47.0/24
Signature Algorithm: sha256WithRSAEncryption
70:a1:90:09:44:6d:bc:5c:1f:ea:95:f5:66:e2:f7:b2:e7:c9:
f5:b4:e9:e5:f8:44:8f:fc:ed:62:f8:34:25:30:54:ad:9a:34:
82:10:ef:ae:0e:8e:cd:9d:e9:38:50:d8:fc:56:9a:e4:cf:e3:
d9:87:68:6c:e7:e1:07:db:c0:a2:b0:1c:74:dd:d7:54:9f:cb:
f6:73:4f:c0:13:b6:29:9b:bd:d3:51:d0:f8:00:fb:cc:4f:f2:
79:55:2a:97:76:01:29:9e:a1:1d:f4:1d:09:82:ed:f1:63:28:
26:8b:1a:06:9a:69:c9:49:27:a2:81:d2:e5:3b:86:45:c3:b1:
ce:63:fa:ec:2b:44:13:8c:aa:58:4b:f6:8a:a6:d9:d3:c3:7c:
71:98:2a:20:4f:25:6f:82:8c:7c:68:84:91:c1:eb:81:e5:e1:
b2:17:2a:7e:a2:a1:28:37:92:1b:0c:66:68:6a:3e:4c:e3:23:
8b:16:4f:f1:40:a0:b2:ed:18:a0:06:3c:5e:87:30:3c:74:2d:
83:76:fd:39:4c:6d:0b:40:84:c7:d1:30:ae:81:4f:af:0b:2b:
da:95:58:b0:f0:fa:87:58:04:29:4d:44:4e:3b:50:f9:8f:23:
22:ec:a4:1e:a1:1d:1f:b4:73:5b:4e:a4:6c:75:fd:c0:5e:ef:
f7:86:cf:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi3LytinO9edLIcGqF/P+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTIxM2RmOTczMjk1NTZkNjA4YjE1MGYwM2M0ZWU3NWZi
ZDk4YzEwHhcNMjMwMTAxMjI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc4YjYyNTNhOTUxOWFkM2M0ODU1YTU5ODViNDY4YWE1YTJhMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf6JQZdljFgOnrMvGdWlxu34m5Fu
/czCUrnMNRANeQEgntkW5iVMVfZtBk3KYjssc1mGNcnghLf2R4XIH+Tq7/5oV4x2
zvDd6ntrvZYmcID22XyXR7WjqrcPQg1RGnDqDK//kkJX+afhYaX17H5AT38dNY/a
iO2nt1q7xINnLNg3P+7Bihb9ql/kZORcwX6U63Uo/D+r3rdBMg2wjpxMT2UpXDhn
PmAYFY5k1b31zeTKkUp8uCCyvJvZvt1gV5ZMg8SaGKK3SqtGLrHIPIUYFSCHsN5y
igXBMfOOJMdD/JXrCo1ifY4bI9OiB2VllkXvjWxzTk0Xs4yfvTdmVCqtdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEB4tiU6lRmtPEhVpZhbRoqloqGcMB8GA1UdIwQY
MBaAFLhSE9+XMpVW1gixUPA8TudfvZjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZJVDM1Y3lsVmJXQ0xGUThEeE81MS05bU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kZDgwOTgtN2ZlMC00MjJmLTkyZTkt
MWZiMWU5Yzg2YjUzLzEvUUhpMkpUcVZHYTA4U0ZXbG1GdEdpcVdpb1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kZDgwOTgtN2ZlMC00MjJmLTkyZTktMWZiMWU5Yzg2YjUz
LzEvdUZJVDM1Y3lsVmJXQ0xGUThEeE81MS05bU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwe4tAwQA
we4vMA0GCSqGSIb3DQEBCwUAA4IBAQBwoZAJRG28XB/qlfVm4vey58n1tOnl+ESP
/O1i+DQlMFStmjSCEO+uDo7Nnek4UNj8Vprkz+PZh2hs5+EH28CisBx03ddUn8v2
c0/AE7Ypm73TUdD4APvMT/J5VSqXdgEpnqEd9B0Jgu3xYygmixoGmmnJSSeigdLl
O4ZFw7HOY/rsK0QTjKpYS/aKptnTw3xxmCogTyVvgox8aISRweuB5eGyFyp+oqEo
N5IbDGZoaj5M4yOLFk/xQKCy7RigBjxehzA8dC2Ddv05TG0LQITH0TCugU+vCyva
lViw8PqHWAQpTUROO1D5jyMi7KQeoR0ftHNbTqRsdf3AXu/3hs/T
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:03:19 2025 by rpki-client