Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qhU0PHGyHoqsDwloG75CLr63D-8.roa
File: qhU0PHGyHoqsDwloG75CLr63D-8.roa (raw, json)
Hash identifier: cMCJRbXp3rFDXZFwUB0cjBUMlkZ2u16AwdIb59j8k8Q=
Subject key identifier: AA:15:34:3C:71:B2:1E:8A:AC:0F:09:68:1B:BE:42:2E:BE:B7:0F:EF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 4260409A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qhU0PHGyHoqsDwloG75CLr63D-8.roa
Signing time: Sat 01 Jan 2022 14:03:04 +0000
ROA not before: Sat 01 Jan 2022 14:03:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25252
IP address blocks: 193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113604250 (0x4260409a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa15343c71b21e8aac0f09681bbe422ebeb70fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:06:16:79:7e:40:ec:a2:bb:30:63:e6:cf:99:
fb:2b:82:73:44:25:e6:eb:5a:0d:68:9c:09:fa:55:
44:40:10:1b:93:3b:5d:b0:db:ff:53:4d:10:ea:01:
bd:49:c1:59:08:52:f3:f4:a3:5f:de:87:ab:d7:05:
53:61:c3:d4:1a:4f:42:00:d6:4e:f3:40:e0:a5:2e:
0e:0f:6f:50:23:25:92:89:78:3e:c7:6e:a3:92:50:
5e:94:e3:7a:32:94:b7:b6:f9:f5:60:51:02:10:56:
fc:cf:29:44:cc:ad:d5:1d:6c:0d:01:6b:48:6b:37:
64:22:d1:0c:fc:bd:00:e4:9f:40:63:9c:22:7c:f1:
60:19:ed:ce:20:b6:2c:7d:cb:f8:f9:2b:65:a8:ee:
c2:11:d0:5d:44:ce:d7:56:b3:85:7e:57:83:f7:4a:
48:ae:92:8c:ce:10:33:d0:a2:e9:4c:71:3f:ff:65:
29:63:92:7c:22:b9:51:da:5b:1e:7d:cd:1d:1e:c0:
46:5e:ae:bb:0f:3d:ef:67:fd:7f:f8:81:ea:43:69:
34:66:19:c6:19:b4:4b:34:be:9b:0e:be:8a:0b:bc:
88:c5:d3:b7:0d:e2:5b:48:d1:67:e6:62:ee:4f:bb:
83:6a:a8:22:8f:74:38:bc:ee:22:7e:d5:3d:4b:5e:
07:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:15:34:3C:71:B2:1E:8A:AC:0F:09:68:1B:BE:42:2E:BE:B7:0F:EF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qhU0PHGyHoqsDwloG75CLr63D-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.12.0/24
193.183.228.0/22
193.183.236.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:7a:fe:1a:2f:46:a0:ef:e5:c4:a2:63:a5:cd:81:34:5c:db:
42:95:d0:6f:b0:30:82:f7:4e:a0:4c:9f:32:5a:80:89:db:8e:
55:34:33:44:ca:f2:7f:10:be:64:1e:87:fb:ad:8e:86:8d:b6:
87:e8:e1:6c:92:81:70:78:a1:2b:b5:53:30:02:4c:6a:c9:ca:
0c:7c:aa:b3:17:06:b3:3d:79:c7:27:bd:79:34:1c:f9:49:b7:
59:a5:14:16:e4:46:b2:b6:64:6e:d7:3d:e9:cd:11:2c:1d:55:
38:f6:15:9c:cc:38:39:cf:77:ab:82:d8:62:36:f3:11:55:d8:
5b:6b:6e:61:7b:25:84:99:79:40:fc:91:65:0f:bd:57:5d:d5:
62:e4:1f:f6:2f:8e:f6:5e:62:36:e7:7b:17:f2:f9:95:18:72:
aa:b1:2a:53:d5:ab:35:33:c8:af:95:dc:dc:23:7f:df:68:75:
fa:b6:0e:7f:85:86:48:62:ff:30:3a:cf:5e:8a:8f:53:39:eb:
4e:22:93:fe:fd:14:c5:52:32:3f:f5:dd:07:51:80:8c:ed:53:
b6:18:78:32:9b:bb:f7:7e:71:18:28:87:a0:fe:fd:21:d7:55:
ff:9b:99:89:aa:08:18:58:db:36:ea:8f:0f:11:a2:0c:78:24:
b6:14:de:5e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEQmBAmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWExNTM0M2M3MWIy
MWU4YWFjMGYwOTY4MWJiZTQyMmViZWI3MGZlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgGFnl+QOyiuzBj5s+Z+yuCc0Ql5utaDWicCfpVREAQG5M7
XbDb/1NNEOoBvUnBWQhS8/SjX96Hq9cFU2HD1BpPQgDWTvNA4KUuDg9vUCMlkol4
Psduo5JQXpTjejKUt7b59WBRAhBW/M8pRMyt1R1sDQFrSGs3ZCLRDPy9AOSfQGOc
InzxYBntziC2LH3L+PkrZajuwhHQXUTO11azhX5Xg/dKSK6SjM4QM9Ci6UxxP/9l
KWOSfCK5UdpbHn3NHR7ARl6uuw8972f9f/iB6kNpNGYZxhm0SzS+mw6+igu8iMXT
tw3iW0jRZ+Zi7k+7g2qoIo90OLzuIn7VPUteB0sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSqFTQ8cbIeiqwPCWgbvkIuvrcP7zAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3FoVTBQSEd5SG9xc0R3bG9HNzVDTHI2M0QtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMClDAMEAsG35AMEAcG37DANBgkq
hkiG9w0BAQsFAAOCAQEAw3r+Gi9GoO/lxKJjpc2BNFzbQpXQb7AwgvdOoEyfMlqA
iduOVTQzRMryfxC+ZB6H+62Oho22h+jhbJKBcHihK7VTMAJMasnKDHyqsxcGsz15
xye9eTQc+Um3WaUUFuRGsrZkbtc96c0RLB1VOPYVnMw4Oc93q4LYYjbzEVXYW2tu
YXslhJl5QPyRZQ+9V13VYuQf9i+O9l5iNud7F/L5lRhyqrEqU9WrNTPIr5Xc3CN/
32h1+rYOf4WGSGL/MDrPXoqPUznrTiKT/v0UxVIyP/XdB1GAjO1Tthh4Mpu7935x
GCiHoP79IddV/5uZiaoIGFjbNuqPDxGiDHgkthTeXg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:14:33 2025 by rpki-client