Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/q1_AKlGqn60jiamLOMb8fVdKSSM.roa
File: q1_AKlGqn60jiamLOMb8fVdKSSM.roa (raw, json)
Hash identifier: MNEZ5B5ekOFKQaUzS75O0ytUV24y+E3iZ4dLj6YPkvA=
Subject key identifier: AB:5F:C0:2A:51:AA:9F:AD:23:89:A9:8B:38:C6:FC:7D:57:4A:49:23
Certificate issuer: /CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Certificate serial: 06D7D490
Authority key identifier: 64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/q1_AKlGqn60jiamLOMb8fVdKSSM.roa
Signing time: Sat 01 Jan 2022 07:58:17 +0000
ROA not before: Sat 01 Jan 2022 07:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12693
IP address blocks: 185.178.24.0/22 maxlen: 22
213.208.44.0/22 maxlen: 22
213.208.40.0/22 maxlen: 22
213.208.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114807952 (0x6d7d490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Validity
Not Before: Jan 1 07:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab5fc02a51aa9fad2389a98b38c6fc7d574a4923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:76:72:6f:a2:96:47:c7:86:6d:80:70:3e:
f2:02:b5:b1:ca:5a:5f:be:67:47:ff:38:b8:31:34:
ad:87:3f:cc:df:76:3c:34:0a:a7:80:2d:3c:d0:85:
81:03:74:cc:17:b4:20:7c:66:be:dc:28:5c:05:ce:
bf:69:9f:fd:3a:c4:2e:a4:d1:8c:c1:d0:dc:a3:de:
c5:85:7b:29:0d:17:8b:2e:cc:94:c9:d0:16:6f:76:
8f:8d:d4:38:9a:d0:a0:fe:ad:bc:8a:ae:f6:90:3f:
0e:c4:02:4f:15:dd:2e:f9:89:07:49:eb:cb:c6:01:
04:21:29:dc:c6:a9:b7:bd:0a:2e:c2:8c:ea:a3:30:
96:cd:69:09:53:0e:1c:6f:09:2d:b9:76:c9:8b:cb:
26:46:43:d2:8a:1d:21:68:55:54:53:b4:cc:25:29:
35:3d:3d:df:71:24:99:a6:95:e7:f8:64:0d:ee:83:
2e:ea:88:00:3e:95:d2:0f:03:60:c2:20:b1:05:b1:
64:0f:19:fb:b8:61:f8:a3:72:6c:e4:62:eb:c8:04:
84:bc:2b:ab:16:75:11:92:d4:5d:4e:75:c3:21:22:
b1:35:cf:87:47:66:b4:19:34:7a:9c:70:f4:01:0c:
ed:97:c2:d1:72:40:e3:01:43:b3:ef:96:b4:71:e0:
49:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5F:C0:2A:51:AA:9F:AD:23:89:A9:8B:38:C6:FC:7D:57:4A:49:23
X509v3 Authority Key Identifier:
keyid:64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/q1_AKlGqn60jiamLOMb8fVdKSSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.24.0/22
213.208.40.0-213.208.51.255
Signature Algorithm: sha256WithRSAEncryption
55:c5:da:01:12:00:1d:dd:1d:ff:6c:d6:29:a0:c5:5e:33:c4:
76:05:d9:e6:15:e6:65:79:62:ba:08:80:bf:e4:7e:c9:92:0d:
a4:dc:89:cb:5b:22:47:12:1e:c0:3a:0c:6b:df:76:84:34:94:
2a:d4:87:2a:88:f1:45:90:32:02:c6:42:29:d2:7d:d3:e0:6d:
23:88:77:b5:11:8a:e3:1b:17:f4:6a:31:61:45:9a:f0:2a:c5:
fa:34:bc:81:98:3b:0c:cb:7e:35:fe:66:36:31:05:e8:72:11:
b1:5d:31:dd:91:88:be:fb:8d:a1:10:a6:26:99:d7:87:3a:60:
1f:a7:42:d1:a7:92:98:6b:4d:80:bc:e9:fb:bb:91:45:56:44:
ba:87:65:5c:b2:78:7c:d9:f4:d3:8a:b6:33:f2:64:15:2b:1d:
eb:e6:a4:f1:22:c8:6e:dd:b9:44:89:8c:1b:b7:0a:fe:a7:ad:
f5:37:22:91:80:56:be:f3:cf:56:2c:fe:3a:58:ae:c2:50:6e:
63:de:45:a4:09:62:19:80:59:11:ee:6a:18:da:78:56:00:8a:
83:bf:5c:71:07:43:cb:e6:89:fd:f3:85:45:4e:94:d2:67:1d:
85:46:c7:d0:2e:de:a0:f0:9d:b5:1d:b3:b2:d0:6a:a6:6a:11:
ed:50:68:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBtfUkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGVmOThhZGJmNDJkNWJhY2QyNGNhZGIwYWRmMDkyYzQ1NzZkYWYzMB4XDTIyMDEw
MTA3NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI1ZmMwMmE1MWFh
OWZhZDIzODlhOThiMzhjNmZjN2Q1NzRhNDkyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYmdnJvopZHx4ZtgHA+8gK1scpaX75nR/84uDE0rYc/zN92
PDQKp4AtPNCFgQN0zBe0IHxmvtwoXAXOv2mf/TrELqTRjMHQ3KPexYV7KQ0Xiy7M
lMnQFm92j43UOJrQoP6tvIqu9pA/DsQCTxXdLvmJB0nry8YBBCEp3Mapt70KLsKM
6qMwls1pCVMOHG8JLbl2yYvLJkZD0oodIWhVVFO0zCUpNT0933EkmaaV5/hkDe6D
LuqIAD6V0g8DYMIgsQWxZA8Z+7hh+KNybORi68gEhLwrqxZ1EZLUXU51wyEisTXP
h0dmtBk0epxw9AEM7ZfC0XJA4wFDs++WtHHgSRsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSrX8AqUaqfrSOJqYs4xvx9V0pJIzAfBgNVHSMEGDAWgBRk75itv0LVus0k
ytsK3wksRXba8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pPLVlyYjlDMWJyTkpNcmJDdDhKTEVWMjJ2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvZTQ5YmM1LTY4YzUtNGNlMi1hOWI5LTAzYzZmZWFmMWQ5Zi8x
L3ExX0FLbEdxbjYwamlhbUxPTWI4ZlZkS1NTTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
ZTQ5YmM1LTY4YzUtNGNlMi1hOWI5LTAzYzZmZWFmMWQ5Zi8xL1pPLVlyYjlDMWJy
TkpNcmJDdDhKTEVWMjJ2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArmyGDAMAwQD1dAoAwQC1dAwMA0G
CSqGSIb3DQEBCwUAA4IBAQBVxdoBEgAd3R3/bNYpoMVeM8R2BdnmFeZleWK6CIC/
5H7Jkg2k3InLWyJHEh7AOgxr33aENJQq1IcqiPFFkDICxkIp0n3T4G0jiHe1EYrj
Gxf0ajFhRZrwKsX6NLyBmDsMy341/mY2MQXochGxXTHdkYi++42hEKYmmdeHOmAf
p0LRp5KYa02AvOn7u5FFVkS6h2Vcsnh82fTTirYz8mQVKx3r5qTxIshu3blEiYwb
twr+p631NyKRgFa+889WLP46WK7CUG5j3kWkCWIZgFkR7moY2nhWAIqDv1xxB0PL
5on984VFTpTSZx2FRsfQLt6g8J21HbOy0GqmahHtUGgb
-----END CERTIFICATE-----
Generated at Sun May 11 05:15:23 2025 by rpki-client