Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Ede5-QqVSun71QVwGMxHuGNWdl8.roa
File: Ede5-QqVSun71QVwGMxHuGNWdl8.roa (raw, json)
Hash identifier: o6asWOrtXH4gm5dcbDE4t56ZLQauFF1rL0MgDbZC2aY=
Subject key identifier: 11:D7:B9:F9:0A:95:4A:E9:FB:D5:05:70:18:CC:47:B8:63:56:76:5F
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01855E08EE83C1C40CA0F46E058B79A1E2E9
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Ede5-QqVSun71QVwGMxHuGNWdl8.roa
Signing time: Thu 29 Dec 2022 13:18:41 +0000
ROA not before: Thu 29 Dec 2022 13:18:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57237
IP address blocks: 194.12.235.0/24 maxlen: 24
194.12.236.0/24 maxlen: 24
194.12.243.0/24 maxlen: 24
194.12.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:08:ee:83:c1:c4:0c:a0:f4:6e:05:8b:79:a1:e2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Dec 29 13:18:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11d7b9f90a954ae9fbd5057018cc47b86356765f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c1:58:b8:f5:10:e6:c5:63:e0:61:1d:d0:44:
1a:c8:19:d2:b7:fa:77:0a:d3:6b:41:13:af:54:b7:
64:a3:33:9e:e1:5e:63:ef:18:23:27:45:97:74:c0:
07:84:be:cf:44:73:63:0e:2d:2a:98:90:42:9a:98:
d5:7e:32:f4:29:b9:8a:d6:8b:bc:89:04:30:6e:7b:
d5:59:70:1b:da:b0:da:83:34:45:91:ad:41:d1:ec:
5f:ee:f4:3d:66:bf:2c:34:41:47:ea:23:fc:3d:bc:
69:d2:c4:30:13:cd:6d:b7:8a:fb:96:dc:0d:a9:a3:
73:3d:54:00:56:68:c8:cd:f0:0b:be:d6:bb:1e:da:
89:f2:af:03:03:78:f0:1f:07:4f:ea:ae:65:a6:f0:
9b:84:1f:f2:16:66:df:fa:00:21:06:1f:cd:d5:38:
79:a6:87:31:4e:bd:16:ae:68:6d:ad:45:b0:83:09:
c2:75:4f:e9:83:ce:36:1f:d9:49:d5:0e:01:b9:88:
42:27:6f:3a:9e:16:bf:85:88:3e:17:05:bd:bb:3d:
d3:91:0c:00:a5:a7:c9:4e:c8:e0:c3:2d:37:fe:e3:
3b:b3:ad:44:1b:e7:58:c5:2b:83:a3:2b:1c:3c:44:
89:70:e1:16:f6:f0:a1:4d:af:9c:94:b2:d5:59:33:
14:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D7:B9:F9:0A:95:4A:E9:FB:D5:05:70:18:CC:47:B8:63:56:76:5F
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Ede5-QqVSun71QVwGMxHuGNWdl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.12.235.0-194.12.236.255
194.12.243.0/24
194.12.252.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:f9:6d:8e:e1:f6:dd:53:9a:41:dd:5b:65:8a:36:b6:ba:8a:
c5:0a:f3:e3:5b:f9:9a:16:84:db:bf:bb:78:7b:59:dd:70:47:
3b:37:10:cb:c3:99:32:89:4a:03:07:a6:32:4b:06:c5:8f:3b:
d6:cf:19:0a:9e:09:2a:56:eb:25:ec:48:40:52:55:b4:b7:87:
68:ac:1e:fa:16:dc:d6:c0:75:34:39:5b:1f:c0:9e:26:2e:89:
9d:f6:02:87:97:75:ac:e8:cd:d6:0a:cb:dd:15:cd:ce:5a:a7:
16:00:01:0a:5c:fe:8f:41:fd:d2:07:b7:c3:f7:61:12:b5:20:
f8:65:09:aa:52:aa:fe:2f:a7:c4:6e:9a:4a:33:fc:59:d5:cc:
35:38:d6:40:24:62:51:00:0e:11:7c:31:05:8e:e8:ed:95:93:
2a:f2:18:a6:01:76:bf:2b:6b:0c:ec:6f:03:a3:1e:ac:fa:85:
52:e4:0f:fd:cf:e7:9a:db:9f:9d:e6:31:3b:3b:3f:ba:d1:57:
60:f8:f8:39:d9:3f:50:b2:71:aa:ed:e1:ac:34:58:6e:32:ef:
c4:b9:84:47:bb:32:8c:49:c5:a3:dd:3c:0e:f3:c0:b1:3c:0c:
96:a6:8f:06:ef:3d:1c:8f:95:fc:35:bd:39:a6:3e:87:8b:50:
d8:f4:b7:1c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVeCO6DwcQMoPRuBYt5oeLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjIxMjI5MTMxODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ3YjlmOTBhOTU0YWU5ZmJkNTA1NzAxOGNjNDdiODYzNTY3NjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8FYuPUQ5sVj4GEd0EQayBnSt/p3
CtNrQROvVLdkozOe4V5j7xgjJ0WXdMAHhL7PRHNjDi0qmJBCmpjVfjL0KbmK1ou8
iQQwbnvVWXAb2rDagzRFka1B0exf7vQ9Zr8sNEFH6iP8Pbxp0sQwE81tt4r7ltwN
qaNzPVQAVmjIzfALvta7HtqJ8q8DA3jwHwdP6q5lpvCbhB/yFmbf+gAhBh/N1Th5
pocxTr0WrmhtrUWwgwnCdU/pg842H9lJ1Q4BuYhCJ286nha/hYg+FwW9uz3TkQwA
pafJTsjgwy03/uM7s61EG+dYxSuDoyscPESJcOEW9vChTa+clLLVWTMU8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBHXufkKlUrp+9UFcBjMR7hjVnZfMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvRWRlNS1RcVZTdW43MVFWd0dNeEh1R05XZGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADCDOsD
BADCDOwDBADCDPMDBADCDPwwDQYJKoZIhvcNAQELBQADggEBAC75bY7h9t1TmkHd
W2WKNra6isUK8+Nb+ZoWhNu/u3h7Wd1wRzs3EMvDmTKJSgMHpjJLBsWPO9bPGQqe
CSpW6yXsSEBSVbS3h2isHvoW3NbAdTQ5Wx/AniYuiZ32AoeXdazozdYKy90Vzc5a
pxYAAQpc/o9B/dIHt8P3YRK1IPhlCapSqv4vp8Rumkoz/FnVzDU41kAkYlEADhF8
MQWO6O2VkyryGKYBdr8rawzsbwOjHqz6hVLkD/3P55rbn53mMTs7P7rRV2D4+DnZ
P1Cycart4aw0WG4y78S5hEe7MoxJxaPdPA7zwLE8DJamjwbvPRyPlfw1vTmmPoeL
UNj0txw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:41 2025 by rpki-client