Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/qrER684s72oiTfTeqJKgNjG-V7c.roa
File: qrER684s72oiTfTeqJKgNjG-V7c.roa (raw, json)
Hash identifier: gB1l5CXcOOYM+9duHWZbQy/9ojAsNdl7Dl817iX1ccU=
Subject key identifier: AA:B1:11:EB:CE:2C:EF:6A:22:4D:F4:DE:A8:92:A0:36:31:BE:57:B7
Certificate issuer: /CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Certificate serial: 0521259C
Authority key identifier: 99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/qrER684s72oiTfTeqJKgNjG-V7c.roa
Signing time: Sat 01 Jan 2022 12:03:53 +0000
ROA not before: Sat 01 Jan 2022 12:03:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29241
IP address blocks: 194.30.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86058396 (0x521259c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Validity
Not Before: Jan 1 12:03:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aab111ebce2cef6a224df4dea892a03631be57b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e0:c1:c0:99:41:e4:64:3b:06:c9:76:c9:f7:
07:16:96:4d:94:07:54:f2:02:1f:56:d5:88:98:0e:
03:28:1c:4e:69:51:95:15:54:6b:93:31:91:94:e4:
22:64:67:b9:15:dc:5f:e1:a4:f5:4f:09:be:94:99:
80:95:47:38:f7:1c:e0:de:96:1a:dc:5b:6d:67:3b:
11:b4:dc:42:84:c6:11:bd:21:37:7e:68:41:9c:0b:
c8:44:2a:a3:0a:0b:ff:e2:fb:45:14:50:24:d7:8e:
83:a1:63:82:f9:9e:e3:ee:e5:d9:31:46:7b:95:08:
72:ba:13:a9:fa:74:be:74:47:78:5b:a4:11:c9:fe:
29:f5:a0:db:29:e6:4a:37:6f:c6:6e:69:2a:50:fe:
f2:3b:d2:25:2e:56:74:a5:81:24:81:0e:42:22:67:
89:04:7c:1e:35:a4:2f:1e:eb:69:9c:d7:cc:32:a8:
c4:e0:90:49:02:0a:0b:08:8c:2b:d3:5a:0c:c9:33:
5c:71:32:37:c4:c8:3e:31:f3:5f:ae:40:56:05:34:
65:ea:27:be:e7:a4:4d:28:fa:df:b9:e3:39:9e:6e:
ee:b4:9f:46:27:54:c3:72:05:cf:a3:8a:45:08:3e:
09:4d:a2:a4:81:53:8a:b4:8a:32:fc:d4:25:08:19:
69:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B1:11:EB:CE:2C:EF:6A:22:4D:F4:DE:A8:92:A0:36:31:BE:57:B7
X509v3 Authority Key Identifier:
keyid:99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/qrER684s72oiTfTeqJKgNjG-V7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/mVXFpxN-tdR-ok4X0n-pLQtC-9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.30.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:91:16:eb:95:6a:8d:c1:5d:4d:f4:1b:5a:62:85:53:0b:aa:
84:e1:1c:9e:55:0a:12:9c:e5:f9:ea:44:07:cb:1a:61:b0:0e:
eb:f1:c6:56:d1:36:1e:11:bd:f4:05:9c:3b:0e:f0:d8:38:49:
c2:93:30:81:01:a1:bc:c2:e1:79:b9:a0:9f:68:e0:69:59:4f:
d5:75:e7:d1:17:f9:29:bf:0c:b1:4e:fc:ae:a6:cd:6c:fe:14:
4b:cd:30:92:1c:91:bd:2f:83:8f:e9:f3:28:2c:68:00:d1:06:
fa:4f:52:b6:10:db:3d:f1:6b:05:2c:fa:b6:0a:9e:94:22:4e:
af:2d:16:69:cf:0b:0a:f7:95:ca:a8:37:df:a1:25:f1:bd:68:
13:eb:e3:b5:8a:56:aa:1e:5f:b3:89:3b:96:5d:2d:f5:1d:31:
09:37:aa:57:b8:68:c0:f5:49:66:62:63:12:99:34:cd:95:d8:
24:73:42:87:56:fb:f7:82:a7:e9:f3:9c:75:f5:5a:73:13:e1:
44:5c:c6:43:f9:ee:6b:b8:8e:62:3d:02:d7:4e:59:9e:c4:d8:
ea:35:d0:86:49:e3:bb:c2:c5:13:5a:63:f7:03:0b:6b:e7:8b:
d8:02:cf:86:8f:32:a3:73:d1:ed:82:31:45:94:c3:10:52:3b:
ff:62:76:96
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSElnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTU1YzVhNzEzN2ViNWQ0N2VhMjRlMTdkMjdmYTkyZDBiNDJmYmQ4MB4XDTIyMDEw
MTEyMDM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFiMTExZWJjZTJj
ZWY2YTIyNGRmNGRlYTg5MmEwMzYzMWJlNTdiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbgwcCZQeRkOwbJdsn3BxaWTZQHVPICH1bViJgOAygcTmlR
lRVUa5MxkZTkImRnuRXcX+Gk9U8JvpSZgJVHOPcc4N6WGtxbbWc7EbTcQoTGEb0h
N35oQZwLyEQqowoL/+L7RRRQJNeOg6Fjgvme4+7l2TFGe5UIcroTqfp0vnRHeFuk
Ecn+KfWg2ynmSjdvxm5pKlD+8jvSJS5WdKWBJIEOQiJniQR8HjWkLx7raZzXzDKo
xOCQSQIKCwiMK9NaDMkzXHEyN8TIPjHzX65AVgU0ZeonvuekTSj637njOZ5u7rSf
RidUw3IFz6OKRQg+CU2ipIFTirSKMvzUJQgZaTkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqsRHrzizvaiJN9N6okqA2Mb5XtzAfBgNVHSMEGDAWgBSZVcWnE3611H6i
ThfSf6ktC0L72DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21WWEZweE4tdGRSLW9rNFgwbi1wTFF0Qy05Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOTQ1M2EwLWU2NTUtNDgwZS1iNmE5LWUzOTUyNGU3YTZlZC8x
L3FyRVI2ODRzNzJvaVRmVGVxSktnTmpHLVY3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OTQ1M2EwLWU2NTUtNDgwZS1iNmE5LWUzOTUyNGU3YTZlZC8xL21WWEZweE4tdGRS
LW9rNFgwbi1wTFF0Qy05Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIe4DANBgkqhkiG9w0BAQsFAAOC
AQEAe5EW65VqjcFdTfQbWmKFUwuqhOEcnlUKEpzl+epEB8saYbAO6/HGVtE2HhG9
9AWcOw7w2DhJwpMwgQGhvMLhebmgn2jgaVlP1XXn0Rf5Kb8MsU78rqbNbP4US80w
khyRvS+Dj+nzKCxoANEG+k9SthDbPfFrBSz6tgqelCJOry0Wac8LCveVyqg336El
8b1oE+vjtYpWqh5fs4k7ll0t9R0xCTeqV7howPVJZmJjEpk0zZXYJHNCh1b794Kn
6fOcdfVacxPhRFzGQ/nua7iOYj0C105ZnsTY6jXQhknju8LFE1pj9wMLa+eL2ALP
ho8yo3PR7YIxRZTDEFI7/2J2lg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:29:12 2025 by rpki-client