Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qkGfyPl6W-iyq9j-odx0iv93_po.roa
File: qkGfyPl6W-iyq9j-odx0iv93_po.roa (raw, json)
Hash identifier: jSyru3icY1UsawMTwCVCJhAcdDCkhWoVjp5qxE5dM5o=
Subject key identifier: AA:41:9F:C8:F9:7A:5B:E8:B2:AB:D8:FE:A1:DC:74:8A:FF:77:FE:9A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE400E423F61C25FE069B91C8319E4
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qkGfyPl6W-iyq9j-odx0iv93_po.roa
Signing time: Mon 12 Dec 2022 09:33:03 +0000
ROA not before: Mon 12 Dec 2022 09:33:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42891
IP address blocks: 193.201.228.0/22 maxlen: 24
188.162.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
91.193.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:40:0e:42:3f:61:c2:5f:e0:69:b9:1c:83:19:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa419fc8f97a5be8b2abd8fea1dc748aff77fe9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f6:6a:0a:d7:8e:9e:95:f3:59:15:b6:4f:bf:
a4:50:09:13:e4:cb:00:e7:81:2b:3b:44:ae:a4:fd:
66:4f:cb:c6:7c:10:80:f8:f9:6d:dd:b0:5d:72:c0:
e8:e3:11:9d:4c:78:2e:4d:eb:14:d4:df:06:88:6f:
91:a1:01:e2:7e:44:70:47:c7:8d:c0:e6:dc:8b:11:
0e:2f:43:41:ef:0c:b9:04:1c:77:d4:62:32:08:f0:
51:8c:c1:b4:14:25:c0:16:b4:02:78:f0:29:49:0c:
a0:e2:b9:45:4b:23:9c:5f:01:e9:ca:82:41:e2:f8:
68:c8:11:32:3c:e4:81:16:95:e3:4a:2e:1d:ae:24:
bd:26:15:5a:a9:3e:dc:87:39:93:d2:73:2d:36:9f:
6d:9f:7b:fa:9f:96:72:de:60:86:2b:54:0d:37:37:
ff:c4:90:ad:43:af:1d:ce:a8:3b:fa:b9:b4:28:6e:
be:71:ff:c5:49:85:b6:4d:73:f9:64:71:d9:71:73:
c1:49:ae:17:7a:7a:af:8b:f0:60:ab:0c:de:6f:cc:
75:b7:25:b5:dd:41:31:9a:4b:13:c7:86:b7:2c:54:
51:ff:84:ed:dc:a3:b9:49:fb:e9:03:df:de:d8:49:
0a:14:42:cf:13:e2:e8:95:db:20:ca:1d:d5:19:08:
1d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:41:9F:C8:F9:7A:5B:E8:B2:AB:D8:FE:A1:DC:74:8A:FF:77:FE:9A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qkGfyPl6W-iyq9j-odx0iv93_po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.212.0/22
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
Signature Algorithm: sha256WithRSAEncryption
52:e7:81:b8:8d:41:71:c6:c9:da:1b:c9:2a:fc:b7:8a:6b:09:
9b:ae:09:35:c5:3e:f2:dc:43:b1:02:13:54:50:3c:42:7a:12:
d0:34:29:d9:7b:e3:7c:86:8e:08:d3:b5:7b:1d:3a:72:9f:4e:
6a:fa:12:d0:7b:bd:66:59:bc:34:cd:26:e3:0a:da:55:55:69:
6b:6a:e5:fb:8e:31:5c:97:c1:63:a4:6b:64:71:c5:07:50:2a:
23:08:3b:48:ff:c0:f4:53:83:91:58:b1:64:9f:16:dd:3e:67:
8b:3b:3f:78:2b:77:7a:5c:6d:53:cb:9e:da:66:d1:67:f8:1e:
f3:86:3f:ab:f5:1c:ad:99:c0:a9:ac:38:e5:1f:9a:f0:ee:a7:
2a:52:80:9a:ed:1f:e2:6d:65:e0:88:66:0c:2e:8f:50:f3:6b:
85:44:aa:eb:4f:21:88:af:18:c9:ac:88:1d:97:ba:39:15:92:
f2:59:df:df:54:5d:c3:a1:8d:2b:0f:96:ff:a3:8c:c5:0e:47:
d0:99:80:6a:05:b6:4d:c3:ca:b9:95:77:f9:4e:50:66:5a:a6:
2f:44:23:08:0a:e2:f0:c7:8f:28:66:de:2f:4c:75:40:93:5a:
81:9c:43:47:35:e9:d6:69:da:d7:e7:fd:0f:36:80:8c:ce:7a:
74:fb:00:95
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYUFrkAOQj9hwl/gabkcgxnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQxOWZjOGY5N2E1YmU4YjJhYmQ4ZmVhMWRjNzQ4YWZmNzdmZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPZqCteOnpXzWRW2T7+kUAkT5MsA
54ErO0SupP1mT8vGfBCA+Plt3bBdcsDo4xGdTHguTesU1N8GiG+RoQHifkRwR8eN
wObcixEOL0NB7wy5BBx31GIyCPBRjMG0FCXAFrQCePApSQyg4rlFSyOcXwHpyoJB
4vhoyBEyPOSBFpXjSi4driS9JhVaqT7chzmT0nMtNp9tn3v6n5Zy3mCGK1QNNzf/
xJCtQ68dzqg7+rm0KG6+cf/FSYW2TXP5ZHHZcXPBSa4Xenqvi/Bgqwzeb8x1tyW1
3UExmksTx4a3LFRR/4Tt3KO5SfvpA9/e2EkKFELPE+Loldsgyh3VGQgdpwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKpBn8j5elvosqvY/qHcdIr/d/6aMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcWtHZnlQbDZXLWl5cTlqLW9keDBpdjkzX3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwQCW8HUAwMA
vKIDBALByeQDBAXDBYADBAXDEGAwDQYJKoZIhvcNAQELBQADggEBAFLngbiNQXHG
ydobySr8t4prCZuuCTXFPvLcQ7ECE1RQPEJ6EtA0Kdl743yGjgjTtXsdOnKfTmr6
EtB7vWZZvDTNJuMK2lVVaWtq5fuOMVyXwWOka2RxxQdQKiMIO0j/wPRTg5FYsWSf
Ft0+Z4s7P3grd3pcbVPLntpm0Wf4HvOGP6v1HK2ZwKmsOOUfmvDupypSgJrtH+Jt
ZeCIZgwuj1Dza4VEqutPIYivGMmsiB2XujkVkvJZ399UXcOhjSsPlv+jjMUOR9CZ
gGoFtk3DyrmVd/lOUGZapi9EIwgK4vDHjyhm3i9MdUCTWoGcQ0c16dZp2tfn/Q82
gIzOenT7AJU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:53:45 2025 by rpki-client