Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qQafKL9OlfVWshO_KcUe9LvctC8.roa
File: qQafKL9OlfVWshO_KcUe9LvctC8.roa (raw, json)
Hash identifier: ur7sFPENRmoiOjw7S2bDqQ69wRSTjGZ5TFyrL2l+Res=
Subject key identifier: A9:06:9F:28:BF:4E:95:F5:56:B2:13:BF:29:C5:1E:F4:BB:DC:B4:2F
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0872EE71
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qQafKL9OlfVWshO_KcUe9LvctC8.roa
Signing time: Sat 01 Jan 2022 04:02:28 +0000
ROA not before: Sat 01 Jan 2022 04:02:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12396
IP address blocks: 212.109.175.0/24 maxlen: 24
195.191.18.0/23 maxlen: 24
195.49.192.0/21 maxlen: 21
194.247.168.0/23 maxlen: 23
91.219.124.0/22 maxlen: 22
195.8.34.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141749873 (0x872ee71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 04:02:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9069f28bf4e95f556b213bf29c51ef4bbdcb42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f4:1a:6b:7e:80:3a:c0:b2:34:c9:84:5d:3c:
78:79:d4:24:0b:56:7a:69:fe:84:e9:f5:9a:87:1f:
9e:9c:7d:ec:ad:b8:10:c2:b1:b6:b7:0d:5b:42:5e:
e8:69:43:d3:ec:19:eb:84:89:6e:46:2a:1c:27:35:
02:dc:4d:83:6e:ee:b6:55:a5:c4:12:aa:2c:b2:57:
97:24:ac:50:49:7b:9d:82:f3:12:4f:ff:05:15:77:
80:09:6c:40:15:6f:f3:3e:6a:99:37:cb:8a:ba:90:
40:6e:76:28:b6:ec:97:45:b7:91:25:f6:c0:db:b8:
14:c0:0d:66:26:53:24:7f:35:29:9b:cd:94:05:5b:
e7:7f:07:9d:3e:fa:08:58:3a:77:4b:8b:f9:e8:a4:
b3:8b:a6:b4:b4:f7:ea:e9:59:40:c9:6d:1a:ac:a3:
d6:4f:03:c6:c8:db:d4:db:a7:e5:0d:a5:bf:bd:06:
10:4d:01:9e:ee:76:d7:83:c3:d6:d3:74:63:22:bf:
0f:17:96:5f:48:78:77:42:40:5a:d5:98:b6:8e:a2:
8f:0e:09:f6:09:18:5e:7d:ab:94:a4:83:f0:02:65:
6d:80:80:74:36:f9:27:c0:35:53:98:ec:98:47:f6:
34:29:ef:93:0e:e4:37:b4:3b:cc:23:4f:4c:5f:95:
ab:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:9F:28:BF:4E:95:F5:56:B2:13:BF:29:C5:1E:F4:BB:DC:B4:2F
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qQafKL9OlfVWshO_KcUe9LvctC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.124.0/22
194.247.168.0/23
195.8.34.0/23
195.49.192.0/21
195.191.18.0/23
212.109.175.0/24
Signature Algorithm: sha256WithRSAEncryption
68:6e:fb:97:f2:46:2d:67:73:63:c4:00:0a:30:15:d9:d3:0f:
f5:a1:66:9b:e5:2e:e1:fc:67:ad:25:3c:6c:49:01:b4:39:12:
29:de:72:13:49:77:11:2b:aa:31:96:6c:56:40:24:b0:05:69:
3a:cd:f6:67:39:66:32:92:31:53:88:6b:f5:d6:ff:41:0a:a9:
c5:13:dc:61:8e:7d:03:2d:5f:e6:02:fd:06:3d:72:6a:30:c3:
21:e6:bc:ef:72:ef:ec:4a:b4:f2:07:d9:51:a7:57:dd:f7:75:
cc:22:f4:59:0a:21:9f:9f:96:5d:41:51:4b:96:0c:02:4f:6c:
2f:d7:00:4b:25:51:5e:5e:a7:5a:1a:46:00:01:9f:bc:df:1d:
c0:b3:03:2d:1a:46:57:69:82:2c:cf:7e:71:6f:9a:ea:78:9f:
49:26:5e:05:9b:3b:20:7e:66:be:7d:8a:c3:d0:f4:b8:a3:de:
9d:9f:0e:bf:ae:ba:71:ab:9c:75:84:11:7d:dd:32:56:58:59:
6d:f0:37:e3:d0:a4:56:e7:70:3b:5b:91:33:3d:f0:d6:dd:50:
eb:92:24:ec:53:17:19:6a:fd:97:6d:b7:90:9a:b4:51:e5:5c:
fc:fb:e7:02:d0:53:a9:3b:e9:53:74:f2:b3:be:c4:0d:0d:59:
a1:60:85:40
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECHLucTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmQ3YzJhMTA3MmQ3MzUwN2FkYmY2NTA3ZGU2OGFhYWMwMTc4NWMwMB4XDTIyMDEw
MTA0MDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTkwNjlmMjhiZjRl
OTVmNTU2YjIxM2JmMjljNTFlZjRiYmRjYjQyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ30Gmt+gDrAsjTJhF08eHnUJAtWemn+hOn1mocfnpx97K24
EMKxtrcNW0Je6GlD0+wZ64SJbkYqHCc1AtxNg27utlWlxBKqLLJXlySsUEl7nYLz
Ek//BRV3gAlsQBVv8z5qmTfLirqQQG52KLbsl0W3kSX2wNu4FMANZiZTJH81KZvN
lAVb538HnT76CFg6d0uL+eiks4umtLT36ulZQMltGqyj1k8Dxsjb1Nun5Q2lv70G
EE0Bnu5214PD1tN0YyK/DxeWX0h4d0JAWtWYto6ijw4J9gkYXn2rlKSD8AJlbYCA
dDb5J8A1U5jsmEf2NCnvkw7kN7Q7zCNPTF+Vq6sCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSpBp8ov06V9VayE78pxR70u9y0LzAfBgNVHSMEGDAWgBSS18KhBy1zUHrb
9lB95oqqwBeFwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8x
L3FRYWZLTDlPbGZWV3NoT19LY1VlOUx2Y3RDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
OWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8xL2t0ZkNvUWN0YzFC
NjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAlvbfAMEAcL3qAMEAcMIIgMEA8Mx
wAMEAcO/EgMEANRtrzANBgkqhkiG9w0BAQsFAAOCAQEAaG77l/JGLWdzY8QACjAV
2dMP9aFmm+Uu4fxnrSU8bEkBtDkSKd5yE0l3ESuqMZZsVkAksAVpOs32ZzlmMpIx
U4hr9db/QQqpxRPcYY59Ay1f5gL9Bj1yajDDIea873Lv7Eq08gfZUadX3fd1zCL0
WQohn5+WXUFRS5YMAk9sL9cASyVRXl6nWhpGAAGfvN8dwLMDLRpGV2mCLM9+cW+a
6nifSSZeBZs7IH5mvn2Kw9D0uKPenZ8Ov666caucdYQRfd0yVlhZbfA349CkVudw
O1uRMz3w1t1Q65Ik7FMXGWr9l223kJq0UeVc/PvnAtBTqTvpU3Tys77EDQ1ZoWCF
QA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:38 2025 by rpki-client