Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/hQFpousAgRUvvL3je5UCgYd6O5o.roa
File: hQFpousAgRUvvL3je5UCgYd6O5o.roa (raw, json)
Hash identifier: ahWMQBJKnrZtFW7XPlDFnsAdN73debqPszq2ekuvOgw=
Subject key identifier: 85:01:69:A2:EB:00:81:15:2F:BC:BD:E3:7B:95:02:81:87:7A:3B:9A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0871B6E1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/hQFpousAgRUvvL3je5UCgYd6O5o.roa
Signing time: Sat 01 Jan 2022 04:02:27 +0000
ROA not before: Sat 01 Jan 2022 04:02:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6850
IP address blocks: 212.109.173.0/24 maxlen: 24
212.109.174.0/24 maxlen: 24
212.109.169.0/24 maxlen: 24
212.109.170.0/24 maxlen: 24
212.109.171.0/24 maxlen: 24
212.109.172.0/24 maxlen: 24
212.109.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141670113 (0x871b6e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 04:02:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=850169a2eb0081152fbcbde37b950281877a3b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:04:50:72:9d:eb:f5:09:65:cb:d5:3e:ea:
95:6e:d3:31:2b:5d:a7:72:e4:c4:9d:d4:e8:88:15:
6f:21:cb:ef:c2:72:8b:53:2d:66:35:3a:14:7a:aa:
0f:ee:91:d1:a2:db:46:e3:23:7f:39:ce:b6:23:c7:
43:27:02:ab:a6:25:14:e5:3b:fd:72:02:18:0b:23:
49:98:1f:6c:00:30:9b:29:ef:52:3f:2e:40:77:ab:
bb:78:62:9e:84:f6:4d:46:bb:cb:48:fa:68:ca:7d:
d8:27:2a:22:82:28:e7:ac:ce:3e:2d:20:9b:90:f6:
32:19:72:e3:87:72:23:4a:36:f6:0d:8e:77:38:ad:
94:1b:4d:d7:79:47:09:f5:8c:d1:d3:76:0b:fa:c9:
49:e1:c5:46:73:b1:33:c6:bb:ec:ae:ba:5a:c6:f4:
24:81:8d:51:5b:27:e1:67:fc:8b:9b:35:56:2d:99:
bf:6f:6e:52:0b:dd:3c:16:50:ba:02:8b:dc:ac:8e:
e4:d4:15:04:24:ec:b8:f7:0c:a8:56:89:ac:df:3b:
55:46:6d:b8:94:a9:81:95:f7:39:29:9f:5b:a4:48:
12:60:2e:a4:11:58:fd:6d:a6:c1:01:70:5b:44:6a:
b4:17:54:dd:03:36:11:33:fd:33:88:80:05:cc:a0:
ae:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:01:69:A2:EB:00:81:15:2F:BC:BD:E3:7B:95:02:81:87:7A:3B:9A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/hQFpousAgRUvvL3je5UCgYd6O5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.168.0-212.109.174.255
Signature Algorithm: sha256WithRSAEncryption
99:54:0c:1d:ed:26:e6:e4:71:ca:4a:c7:f7:ca:b1:59:f1:4e:
1e:69:0b:91:9e:fc:b4:0d:fd:95:e5:39:62:b6:95:93:e1:86:
11:c8:36:bc:93:a6:ee:ea:0d:48:96:35:20:1a:0d:55:2d:eb:
94:62:72:2c:34:29:91:9b:45:2c:e9:65:46:c9:4c:26:36:66:
70:35:e2:c2:a2:d2:86:7e:79:26:2d:e3:6f:62:26:3b:7a:06:
60:ee:d7:26:1b:2a:10:6d:bd:fc:d0:bd:2c:c0:79:14:fe:4f:
2a:a8:08:9d:da:d7:06:37:08:47:71:31:a4:13:9b:9d:b9:50:
c0:fb:87:f4:5a:19:60:42:90:91:60:10:c9:38:f3:6b:56:0a:
de:49:94:47:d0:3f:0f:41:9e:a3:a5:d9:d8:57:a7:7d:1d:2f:
c2:a3:b8:e6:f7:5b:1f:c1:c1:83:7a:47:70:af:d9:e1:82:4e:
6c:07:3e:a7:43:e0:06:b1:58:10:d8:b6:64:fa:42:bd:e7:22:
8f:8d:f9:aa:98:e7:44:c5:8c:d2:f2:ee:5f:f4:c1:80:b7:99:
d8:af:d3:7e:e3:94:d8:e9:77:d9:63:b7:9e:1a:ae:d9:7f:43:
0c:d8:97:34:21:a6:a7:bf:f0:90:f0:eb:16:a4:48:9e:08:13:
84:98:07:d2
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECHG24TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmQ3YzJhMTA3MmQ3MzUwN2FkYmY2NTA3ZGU2OGFhYWMwMTc4NWMwMB4XDTIyMDEw
MTA0MDIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUwMTY5YTJlYjAw
ODExNTJmYmNiZGUzN2I5NTAyODE4NzdhM2I5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ01BFBynev1CWXL1T7qlW7TMStdp3LkxJ3U6IgVbyHL78Jy
i1MtZjU6FHqqD+6R0aLbRuMjfznOtiPHQycCq6YlFOU7/XICGAsjSZgfbAAwmynv
Uj8uQHeru3hinoT2TUa7y0j6aMp92CcqIoIo56zOPi0gm5D2Mhly44dyI0o29g2O
dzitlBtN13lHCfWM0dN2C/rJSeHFRnOxM8a77K66Wsb0JIGNUVsn4Wf8i5s1Vi2Z
v29uUgvdPBZQugKL3KyO5NQVBCTsuPcMqFaJrN87VUZtuJSpgZX3OSmfW6RIEmAu
pBFY/W2mwQFwW0RqtBdU3QM2ETP9M4iABcygrgsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSFAWmi6wCBFS+8veN7lQKBh3o7mjAfBgNVHSMEGDAWgBSS18KhBy1zUHrb
9lB95oqqwBeFwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8x
L2hRRnBvdXNBZ1JVdnZMM2plNVVDZ1lkNk81by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
OWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8xL2t0ZkNvUWN0YzFC
NjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQD1G2oAwQA1G2uMA0GCSqGSIb3
DQEBCwUAA4IBAQCZVAwd7Sbm5HHKSsf3yrFZ8U4eaQuRnvy0Df2V5TlitpWT4YYR
yDa8k6bu6g1IljUgGg1VLeuUYnIsNCmRm0Us6WVGyUwmNmZwNeLCotKGfnkmLeNv
YiY7egZg7tcmGyoQbb380L0swHkU/k8qqAid2tcGNwhHcTGkE5uduVDA+4f0Whlg
QpCRYBDJOPNrVgreSZRH0D8PQZ6jpdnYV6d9HS/Co7jm91sfwcGDekdwr9nhgk5s
Bz6nQ+AGsVgQ2LZk+kK95yKPjfmqmOdExYzS8u5f9MGAt5nYr9N+45TY6XfZY7ee
Gq7Zf0MM2Jc0Iaanv/CQ8OsWpEieCBOEmAfS
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:42:06 2025 by rpki-client