Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/_QjYTrcyHecB7LKXwQFmjNBGVCQ.roa
File: _QjYTrcyHecB7LKXwQFmjNBGVCQ.roa (raw, json)
Hash identifier: /5Rlcx4O34hEkefW454o2T4JiDZRT/ozl8CHa/hEbxo=
Subject key identifier: FD:08:D8:4E:B7:32:1D:E7:01:EC:B2:97:C1:01:66:8C:D0:46:54:24
Certificate issuer: /CN=a02bb11d019557e12f5fb6eb903837421160d009
Certificate serial: 0185708CB4467D101305454100EF11775642
Authority key identifier: A0:2B:B1:1D:01:95:57:E1:2F:5F:B6:EB:90:38:37:42:11:60:D0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCuxHQGVV-EvX7brkDg3QhFg0Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/_QjYTrcyHecB7LKXwQFmjNBGVCQ.roa
Signing time: Mon 02 Jan 2023 03:35:47 +0000
ROA not before: Mon 02 Jan 2023 03:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202332
IP address blocks: 194.147.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b4:46:7d:10:13:05:45:41:00:ef:11:77:56:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a02bb11d019557e12f5fb6eb903837421160d009
Validity
Not Before: Jan 2 03:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd08d84eb7321de701ecb297c101668cd0465424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2f:83:74:c9:6f:ee:3b:7f:47:25:67:30:3c:
ad:54:10:e6:a2:62:9f:69:25:c1:0e:94:fd:de:f0:
d1:44:65:d3:3e:9f:94:4f:60:3a:ee:a8:02:cf:d3:
bc:69:d6:e1:71:35:95:c0:aa:fd:10:88:ec:be:d8:
d0:7f:ca:c1:65:15:c7:fc:97:cb:b7:b8:74:5b:1e:
f2:62:74:4e:49:53:e2:29:d8:52:1a:44:51:7a:bb:
40:9f:3f:cf:c2:14:ce:09:d1:3e:b8:f0:89:a6:7f:
24:99:11:8c:50:92:e9:ca:ec:80:43:00:0d:f9:51:
8a:79:b0:10:09:a2:9a:5b:72:d6:a2:22:de:09:8f:
ed:b5:cd:50:1b:a9:0c:f6:fc:0a:15:cf:45:78:26:
d1:d7:d5:6f:21:46:09:3d:2f:4b:ec:b1:94:ff:0e:
c6:07:be:aa:87:b5:3d:72:a9:f2:94:8e:4d:02:6b:
d2:98:1e:28:c4:8d:1b:30:8d:25:fd:f4:56:76:64:
42:bd:de:43:79:35:5d:c0:f4:c8:74:90:c7:5d:db:
bc:72:6f:41:d9:ef:66:60:f2:16:57:d3:ac:27:ce:
5d:e4:f9:eb:7d:79:6c:ed:25:9b:ba:26:ed:33:71:
d1:6d:6a:ce:5c:0e:af:88:14:1a:c3:ec:f1:2d:57:
f6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:08:D8:4E:B7:32:1D:E7:01:EC:B2:97:C1:01:66:8C:D0:46:54:24
X509v3 Authority Key Identifier:
keyid:A0:2B:B1:1D:01:95:57:E1:2F:5F:B6:EB:90:38:37:42:11:60:D0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCuxHQGVV-EvX7brkDg3QhFg0Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/_QjYTrcyHecB7LKXwQFmjNBGVCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/oCuxHQGVV-EvX7brkDg3QhFg0Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.40.0/22
Signature Algorithm: sha256WithRSAEncryption
25:76:e7:c9:fd:8f:93:59:44:33:b3:d6:41:a0:ab:83:59:09:
71:50:ab:a7:01:02:f8:84:a3:e4:0f:8e:ae:0e:f5:e0:3c:df:
73:e0:93:b9:d7:f7:01:a4:cf:83:c5:f6:85:dc:1b:78:88:47:
ea:b8:95:4c:5a:c7:34:aa:16:18:1a:77:65:f9:c6:c2:56:fe:
a7:a7:ec:4f:42:7d:a8:7d:9b:5c:f4:bd:ef:0b:90:81:a8:5e:
2a:fb:e5:20:d7:ff:a6:0c:05:a9:80:1d:d7:e5:1d:2e:ba:2f:
d3:f2:60:b9:13:f8:ae:6d:e9:41:94:5d:96:e9:a3:ba:66:cc:
66:0a:d4:0f:85:ed:e7:8f:32:4a:f1:5b:3f:50:38:3f:36:a5:
8e:f5:72:55:bf:22:d3:30:43:f8:ff:a1:de:c8:77:b8:2e:6a:
9f:53:36:fc:92:ad:16:46:ed:ad:cc:76:d8:64:62:df:d1:bc:
63:ed:b2:48:6b:54:96:98:33:a2:5b:64:1c:e6:36:e6:81:88:
5e:c7:51:d2:c3:93:20:bd:c4:21:d8:cf:50:4b:32:4a:b1:be:
e7:a1:ac:7c:e9:5c:0d:94:a0:8c:a5:82:46:f5:ef:03:81:16:
7e:32:95:5d:4c:e9:84:79:97:c7:54:a4:a2:4b:a9:d1:c4:a2:
f6:a8:0f:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjLRGfRATBUVBAO8Rd1ZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMmJiMTFkMDE5NTU3ZTEyZjVmYjZlYjkwMzgzNzQyMTE2
MGQwMDkwHhcNMjMwMTAyMDMzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA4ZDg0ZWI3MzIxZGU3MDFlY2IyOTdjMTAxNjY4Y2QwNDY1NDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky+DdMlv7jt/RyVnMDytVBDmomKf
aSXBDpT93vDRRGXTPp+UT2A67qgCz9O8adbhcTWVwKr9EIjsvtjQf8rBZRXH/JfL
t7h0Wx7yYnROSVPiKdhSGkRRertAnz/PwhTOCdE+uPCJpn8kmRGMUJLpyuyAQwAN
+VGKebAQCaKaW3LWoiLeCY/ttc1QG6kM9vwKFc9FeCbR19VvIUYJPS9L7LGU/w7G
B76qh7U9cqnylI5NAmvSmB4oxI0bMI0l/fRWdmRCvd5DeTVdwPTIdJDHXdu8cm9B
2e9mYPIWV9OsJ85d5PnrfXls7SWbuibtM3HRbWrOXA6viBQaw+zxLVf2fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0I2E63Mh3nAeyyl8EBZozQRlQkMB8GA1UdIwQY
MBaAFKArsR0BlVfhL1+265A4N0IRYNAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0N1eEhRR1ZWLUV2WDdicmtEZzNRaEZnMEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85ZDZjYTItMGRhYy00NTk3LTgwZjUt
N2JkM2FiNzNlMTcyLzEvX1FqWVRyY3lIZWNCN0xLWHdRRm1qTkJHVkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi85ZDZjYTItMGRhYy00NTk3LTgwZjUtN2JkM2FiNzNlMTcy
LzEvb0N1eEhRR1ZWLUV2WDdicmtEZzNRaEZnMEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAldufJ/Y+TWUQzs9ZBoKuDWQlxUKunAQL4hKPkD46u
DvXgPN9z4JO51/cBpM+DxfaF3Bt4iEfquJVMWsc0qhYYGndl+cbCVv6np+xPQn2o
fZtc9L3vC5CBqF4q++Ug1/+mDAWpgB3X5R0uui/T8mC5E/iubelBlF2W6aO6Zsxm
CtQPhe3njzJK8Vs/UDg/NqWO9XJVvyLTMEP4/6HeyHe4LmqfUzb8kq0WRu2tzHbY
ZGLf0bxj7bJIa1SWmDOiW2Qc5jbmgYhex1HSw5MgvcQh2M9QSzJKsb7noax86VwN
lKCMpYJG9e8DgRZ+MpVdTOmEeZfHVKSiS6nRxKL2qA/5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:49 2025 by rpki-client