Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/qHdBkffMaqfBukxmi4l5-qxq50o.roa
File: qHdBkffMaqfBukxmi4l5-qxq50o.roa (raw, json)
Hash identifier: XvVNp9foAumBxKRZswJVmwMY+xNwNJq6LSheSHl64lU=
Subject key identifier: A8:77:41:91:F7:CC:6A:A7:C1:BA:4C:66:8B:89:79:FA:AC:6A:E7:4A
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 0189DA97096DF8B39D6379BF76912D3CDF8C
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/qHdBkffMaqfBukxmi4l5-qxq50o.roa
Signing time: Wed 09 Aug 2023 13:57:58 +0000
ROA not before: Wed 09 Aug 2023 13:57:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.189.246.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:97:09:6d:f8:b3:9d:63:79:bf:76:91:2d:3c:df:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Aug 9 13:57:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8774191f7cc6aa7c1ba4c668b8979faac6ae74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:87:4d:99:93:22:c3:7d:8c:f6:28:e1:cb:e5:
b4:dd:27:5e:2e:68:f8:5b:17:e7:b2:30:40:aa:dd:
79:5c:e4:5c:b1:30:96:66:1c:fe:5b:33:1f:51:80:
e7:85:82:a8:a1:16:3e:40:5b:9c:e5:c0:a8:a3:b8:
d1:9a:c8:23:81:40:69:f9:9f:35:9e:d3:b4:61:8b:
05:19:49:e4:41:38:f9:7a:0e:63:95:3c:77:b3:0c:
aa:13:25:84:ce:d1:99:2e:bb:cb:f2:c4:50:a1:6b:
bd:f9:44:43:54:90:f7:07:ac:78:39:e6:03:f7:bc:
0e:3d:21:55:fc:21:ce:ca:78:04:06:35:8a:51:33:
ea:53:f7:bc:48:49:14:14:32:41:72:4f:0a:87:02:
e1:34:b5:8e:49:8a:e1:ca:08:f3:1a:7a:79:f1:dd:
4b:c7:70:19:4e:72:00:ff:55:a7:bb:87:ab:ae:96:
fb:63:a9:b0:55:b8:9d:ac:36:c0:0f:f5:dd:6d:16:
ed:88:41:76:c8:f3:39:9f:a3:be:4c:3e:da:34:86:
a0:a6:f2:b4:0f:35:68:6d:fc:56:27:2c:b7:a3:c7:
ca:4b:33:bf:fe:74:b4:66:4d:26:ec:94:0a:15:6b:
e8:8b:26:5f:35:34:f7:47:3d:8d:10:1f:72:d8:ff:
27:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:77:41:91:F7:CC:6A:A7:C1:BA:4C:66:8B:89:79:FA:AC:6A:E7:4A
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/qHdBkffMaqfBukxmi4l5-qxq50o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.246.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:30:f9:fb:54:96:16:24:21:0e:4b:b7:d3:cb:ce:30:0e:86:
e7:be:6c:c4:fb:3f:1e:f2:4b:66:e2:43:6a:77:33:9f:5a:23:
ab:e5:40:e4:da:ed:e3:7f:1c:5d:38:4d:f7:60:90:38:22:03:
8c:55:6f:e0:c7:e8:60:4d:66:30:fa:c1:c7:5f:6e:dc:71:b7:
6f:69:eb:4a:74:d0:8f:98:18:ce:45:04:e9:01:28:ee:11:da:
8e:0a:be:d9:05:1c:47:17:79:ff:53:e1:61:fa:65:6b:66:a7:
cb:44:20:34:d5:01:91:27:a4:9f:72:18:1a:44:e6:d1:dd:ea:
9c:f4:02:c1:9d:15:8e:8e:c4:62:36:0f:06:b0:58:eb:3d:f7:
df:7e:05:c1:ae:98:ae:d1:a4:9c:45:c5:63:a5:83:3e:4a:dd:
87:1d:1d:f8:ef:3a:a0:4c:e7:53:f2:fb:20:0d:ee:41:be:7f:
6c:fa:17:31:3f:f5:3d:a9:32:f9:2e:53:73:85:15:fd:b4:bb:
0c:56:41:66:a0:f1:31:5f:64:f9:a1:22:06:85:53:35:17:54:
8d:e6:28:cb:07:21:4e:cd:62:f5:df:cf:ea:80:3d:1e:6c:28:
06:dd:4b:ff:3d:3d:74:07:de:fe:3a:90:f2:ac:a9:a6:a1:15:
39:85:91:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnalwlt+LOdY3m/dpEtPN+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwODA5MTM1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODc3NDE5MWY3Y2M2YWE3YzFiYTRjNjY4Yjg5NzlmYWFjNmFlNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApodNmZMiw32M9ijhy+W03SdeLmj4
WxfnsjBAqt15XORcsTCWZhz+WzMfUYDnhYKooRY+QFuc5cCoo7jRmsgjgUBp+Z81
ntO0YYsFGUnkQTj5eg5jlTx3swyqEyWEztGZLrvL8sRQoWu9+URDVJD3B6x4OeYD
97wOPSFV/CHOyngEBjWKUTPqU/e8SEkUFDJBck8KhwLhNLWOSYrhygjzGnp58d1L
x3AZTnIA/1Wnu4errpb7Y6mwVbidrDbAD/XdbRbtiEF2yPM5n6O+TD7aNIagpvK0
DzVobfxWJyy3o8fKSzO//nS0Zk0m7JQKFWvoiyZfNTT3Rz2NEB9y2P8nOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKh3QZH3zGqnwbpMZouJefqsaudKMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvcUhkQmtmZk1hcWZCdWt4bWk0bDUtcXhxNTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub32MA0G
CSqGSIb3DQEBCwUAA4IBAQBqMPn7VJYWJCEOS7fTy84wDobnvmzE+z8e8ktm4kNq
dzOfWiOr5UDk2u3jfxxdOE33YJA4IgOMVW/gx+hgTWYw+sHHX27ccbdvaetKdNCP
mBjORQTpASjuEdqOCr7ZBRxHF3n/U+Fh+mVrZqfLRCA01QGRJ6SfchgaRObR3eqc
9ALBnRWOjsRiNg8GsFjrPffffgXBrpiu0aScRcVjpYM+St2HHR347zqgTOdT8vsg
De5Bvn9s+hcxP/U9qTL5LlNzhRX9tLsMVkFmoPExX2T5oSIGhVM1F1SN5ijLByFO
zWL138/qgD0ebCgG3Uv/PT10B97+OpDyrKmmoRU5hZEF
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:17:51 2025 by rpki-client