Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/cd9b7f-7e57-4f95-ab39-f4d1bcb5c901/1/HQMeR_DTdov1FJSqifAoFk33hFs.roa
File: HQMeR_DTdov1FJSqifAoFk33hFs.roa (raw, json)
Hash identifier: Qen0Yal0lmNnsIm91hOw5EjJzK1dSpHjowfSeOjaNZ4=
Subject key identifier: 1D:03:1E:47:F0:D3:76:8B:F5:14:94:AA:89:F0:28:16:4D:F7:84:5B
Certificate issuer: /CN=7a30a5a2e3324d5e412667f9f296f52af297bb4d
Certificate serial: 018B0101999FC3BC9286351A551BADF0C966
Authority key identifier: 7A:30:A5:A2:E3:32:4D:5E:41:26:67:F9:F2:96:F5:2A:F2:97:BB:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejClouMyTV5BJmf58pb1KvKXu00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/cd9b7f-7e57-4f95-ab39-f4d1bcb5c901/1/HQMeR_DTdov1FJSqifAoFk33hFs.roa
Signing time: Thu 05 Oct 2023 18:02:43 +0000
ROA not before: Thu 05 Oct 2023 18:02:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201042
IP address blocks: 194.13.142.0/24 maxlen: 24
2a13:4840::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:01:99:9f:c3:bc:92:86:35:1a:55:1b:ad:f0:c9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a30a5a2e3324d5e412667f9f296f52af297bb4d
Validity
Not Before: Oct 5 18:02:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d031e47f0d3768bf51494aa89f028164df7845b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3e:17:33:76:ce:e4:b8:b9:c3:78:c8:18:4a:
2b:3b:06:e3:e6:ba:43:e9:73:e5:51:ad:b9:18:89:
bd:13:95:5f:a7:25:2e:5a:d4:d7:c0:8b:21:46:ef:
94:69:9f:f6:cf:d2:b5:bb:cb:7a:c4:a8:d5:81:2a:
59:49:a1:49:1c:21:76:16:5e:5c:e7:70:99:d0:21:
01:13:0c:2c:df:f8:d3:89:c0:5c:9d:b3:fa:35:94:
12:8f:50:7f:94:b0:c3:f2:f8:42:91:1c:cb:92:52:
f9:63:5d:f8:6e:e5:09:e2:35:4b:ca:d3:b4:ce:65:
ec:4b:b1:23:16:94:62:01:2f:94:04:fb:63:26:42:
32:04:c1:4c:53:42:15:78:20:4d:5e:46:4d:98:2b:
71:cb:e4:2a:60:1f:34:3b:84:6b:5b:64:f5:1c:42:
2b:02:2b:cd:e8:77:64:cf:35:4a:36:81:bc:91:b5:
6c:38:02:ca:77:96:36:2a:e0:47:75:a8:b3:b4:61:
82:c1:ac:db:7c:d3:6f:d2:9a:52:75:67:d4:7e:00:
7e:22:58:3e:e9:6a:12:78:c2:e4:62:18:68:7d:99:
77:6c:10:75:63:f6:dd:8f:3e:42:0c:a9:d4:0d:e9:
3d:30:dd:66:b2:26:e0:77:25:74:54:e5:1f:40:8a:
32:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:03:1E:47:F0:D3:76:8B:F5:14:94:AA:89:F0:28:16:4D:F7:84:5B
X509v3 Authority Key Identifier:
keyid:7A:30:A5:A2:E3:32:4D:5E:41:26:67:F9:F2:96:F5:2A:F2:97:BB:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejClouMyTV5BJmf58pb1KvKXu00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/cd9b7f-7e57-4f95-ab39-f4d1bcb5c901/1/HQMeR_DTdov1FJSqifAoFk33hFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/cd9b7f-7e57-4f95-ab39-f4d1bcb5c901/1/ejClouMyTV5BJmf58pb1KvKXu00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.142.0/24
IPv6:
2a13:4840::/29
Signature Algorithm: sha256WithRSAEncryption
72:1c:a3:4e:76:b7:3f:2b:f3:0b:c6:b0:d0:72:f9:d7:89:b6:
28:72:fb:66:63:25:4c:3f:b7:1f:64:74:fb:93:b3:03:06:38:
30:5d:2a:f3:b5:fc:60:9f:ba:68:6e:17:70:1c:13:86:29:9c:
b1:5c:b0:aa:b9:02:52:51:f3:8d:eb:bc:49:46:ef:52:1b:52:
a8:26:57:55:d6:c4:30:e3:44:27:40:4d:30:62:e7:a8:40:b1:
60:5b:3a:97:6d:e3:5f:25:2f:d6:10:44:d9:89:a0:82:74:c0:
bb:22:30:9c:8e:b2:fd:12:36:6c:05:9c:98:cf:37:59:36:72:
0c:17:77:07:1c:7a:8f:73:92:a3:7c:76:77:8b:3f:21:63:be:
5a:9f:34:53:94:0a:74:7d:e8:80:e3:72:2d:1e:f5:f1:f7:2b:
ce:01:55:6d:3c:27:11:ce:01:6e:8b:62:d0:8b:4f:3a:af:6e:
b6:fa:2f:7f:38:ec:e6:d6:f3:8e:0b:23:4d:b3:ab:6c:67:ce:
92:95:00:59:25:29:cc:b5:bf:8b:be:7c:74:39:7f:45:6b:21:
18:ae:54:49:8b:7c:23:39:41:a6:70:c5:c5:78:fd:99:de:a7:
1c:cf:c7:6e:5c:bc:cc:af:95:fc:32:59:f9:96:ff:81:27:a4:
da:f8:58:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsBAZmfw7yShjUaVRut8MlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzBhNWEyZTMzMjRkNWU0MTI2NjdmOWYyOTZmNTJhZjI5
N2JiNGQwHhcNMjMxMDA1MTgwMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDAzMWU0N2YwZDM3NjhiZjUxNDk0YWE4OWYwMjgxNjRkZjc4NDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj4XM3bO5Li5w3jIGEorOwbj5rpD
6XPlUa25GIm9E5VfpyUuWtTXwIshRu+UaZ/2z9K1u8t6xKjVgSpZSaFJHCF2Fl5c
53CZ0CEBEwws3/jTicBcnbP6NZQSj1B/lLDD8vhCkRzLklL5Y134buUJ4jVLytO0
zmXsS7EjFpRiAS+UBPtjJkIyBMFMU0IVeCBNXkZNmCtxy+QqYB80O4RrW2T1HEIr
AivN6HdkzzVKNoG8kbVsOALKd5Y2KuBHdaiztGGCwazbfNNv0ppSdWfUfgB+Ilg+
6WoSeMLkYhhofZl3bBB1Y/bdjz5CDKnUDek9MN1msibgdyV0VOUfQIoyhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB0DHkfw03aL9RSUqonwKBZN94RbMB8GA1UdIwQY
MBaAFHowpaLjMk1eQSZn+fKW9Sryl7tNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpDbG91TXlUVjVCSm1mNThwYjFLdktYdTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jZDliN2YtN2U1Ny00Zjk1LWFiMzkt
ZjRkMWJjYjVjOTAxLzEvSFFNZVJfRFRkb3YxRkpTcWlmQW9GazMzaEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jZDliN2YtN2U1Ny00Zjk1LWFiMzktZjRkMWJjYjVjOTAx
LzEvZWpDbG91TXlUVjVCSm1mNThwYjFLdktYdTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwg2OMA0E
AgACMAcDBQMqE0hAMA0GCSqGSIb3DQEBCwUAA4IBAQByHKNOdrc/K/MLxrDQcvnX
ibYocvtmYyVMP7cfZHT7k7MDBjgwXSrztfxgn7pobhdwHBOGKZyxXLCquQJSUfON
67xJRu9SG1KoJldV1sQw40QnQE0wYueoQLFgWzqXbeNfJS/WEETZiaCCdMC7IjCc
jrL9EjZsBZyYzzdZNnIMF3cHHHqPc5KjfHZ3iz8hY75anzRTlAp0feiA43ItHvXx
9yvOAVVtPCcRzgFui2LQi086r262+i9/OOzm1vOOCyNNs6tsZ86SlQBZJSnMtb+L
vnx0OX9FayEYrlRJi3wjOUGmcMXFeP2Z3qccz8duXLzMr5X8Mln5lv+BJ6Ta+FiW
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:45 2025 by rpki-client