Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/04hyoJOSOGQzARfqq2FnacqiMO4.roa
File: 04hyoJOSOGQzARfqq2FnacqiMO4.roa (raw, json)
Hash identifier: yKHg1GCvyXYLLW09h4k5vxzXpIySqpFDi+BkJhQnavY=
Subject key identifier: D3:88:72:A0:93:92:38:64:33:01:17:EA:AB:61:67:69:CA:A2:30:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189434B8AD5D96401C6D548AFCB2B1476F1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/04hyoJOSOGQzARfqq2FnacqiMO4.roa
Signing time: Tue 11 Jul 2023 04:52:51 +0000
ROA not before: Tue 11 Jul 2023 04:52:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207084
IP address blocks: 195.133.80.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:4b:8a:d5:d9:64:01:c6:d5:48:af:cb:2b:14:76:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 11 04:52:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d38872a093923864330117eaab616769caa230ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:83:47:31:9f:33:1d:1c:dc:c9:2e:e8:2d:e5:
29:9b:41:76:a8:91:7e:54:99:b1:2a:37:2d:55:e9:
5d:1b:85:60:d3:5b:eb:90:55:c5:ac:43:4e:4f:e8:
a7:17:cb:47:fd:cd:88:31:27:12:cf:61:12:93:af:
c6:d0:19:23:7f:07:55:cd:0d:29:5c:77:9d:32:9a:
54:61:25:0f:f3:9c:43:9c:5d:49:25:9e:58:a2:3e:
e9:8e:0a:09:2f:44:21:be:d6:b9:1e:1c:cb:21:28:
a7:49:b3:f9:a0:f7:2d:8e:6f:a8:ca:5a:e0:14:65:
6a:70:51:46:a2:65:31:13:f0:a9:eb:73:89:80:3c:
9a:66:aa:b2:a6:a2:cb:c2:bb:df:80:ef:4a:40:eb:
64:5c:3d:da:30:15:02:50:da:1a:e6:7a:f0:15:76:
d1:e9:2c:7f:ad:5e:c9:ec:27:e5:07:23:01:62:a5:
79:16:8b:b0:94:15:4c:e3:3f:10:b1:d0:07:13:4e:
53:8d:71:2a:e8:79:4c:a8:66:b8:4a:3b:09:1b:9c:
81:14:4c:0f:46:26:01:e4:9d:c4:9a:6a:ad:14:5d:
d8:db:35:37:e3:83:6c:5d:cc:eb:1c:d4:8d:94:c4:
05:af:83:eb:0c:93:19:81:b4:ff:91:f5:31:b9:dd:
78:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:88:72:A0:93:92:38:64:33:01:17:EA:AB:61:67:69:CA:A2:30:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/04hyoJOSOGQzARfqq2FnacqiMO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
194.87.6.0/24
194.87.25.0/24
194.87.33.0/24
194.87.118.0/24
194.87.138.0/24
194.87.182.0/24
195.58.53.0/24
195.133.19.0/24
195.133.41.0/24
195.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
66:e5:21:74:db:ba:7e:a9:71:db:67:56:d2:25:23:55:75:28:
ed:8c:d9:3d:f6:f9:9a:19:67:6f:59:53:14:96:49:bb:20:1e:
b7:ce:de:53:1c:13:2c:00:4c:e0:6b:b6:ef:e5:5e:c1:29:03:
52:b6:8b:1c:bb:7d:1b:5f:03:ea:e4:d7:98:f3:35:4d:16:3d:
25:56:b1:ff:5b:f1:8d:6c:6c:92:96:41:92:88:05:78:76:82:
16:0d:7a:25:fe:f6:19:af:1a:a1:bc:2b:8a:0b:57:26:39:f9:
d4:7e:1e:c5:fc:83:86:64:59:50:29:14:0d:7d:ec:b2:55:95:
04:c7:f7:70:c2:58:46:d0:ae:dc:fa:f2:7d:36:5e:0e:22:bc:
36:76:70:2d:83:f1:cb:d8:bb:31:21:7c:a9:ea:b1:9d:e3:0b:
d3:cf:61:74:a8:69:7e:ee:96:32:1e:3c:9d:f4:6a:7e:c8:a1:
0f:7b:80:d9:55:86:0f:63:b3:31:6c:7c:f2:6e:16:e6:58:7d:
f1:e3:13:9e:e9:5b:09:ba:9b:7e:13:d4:9b:7f:d9:4f:c2:75:
02:de:05:55:17:95:f1:21:4a:a0:cc:cb:12:b9:9a:27:61:6e:
53:44:19:0c:08:bf:f4:31:5c:c5:1b:5e:ad:4b:b2:ad:2e:86:
9f:a0:e9:89
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYlDS4rV2WQBxtVIr8srFHbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzExMDQ1MjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzg4NzJhMDkzOTIzODY0MzMwMTE3ZWFhYjYxNjc2OWNhYTIzMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYNHMZ8zHRzcyS7oLeUpm0F2qJF+
VJmxKjctVeldG4Vg01vrkFXFrENOT+inF8tH/c2IMScSz2ESk6/G0BkjfwdVzQ0p
XHedMppUYSUP85xDnF1JJZ5Yoj7pjgoJL0Qhvta5HhzLISinSbP5oPctjm+oylrg
FGVqcFFGomUxE/Cp63OJgDyaZqqypqLLwrvfgO9KQOtkXD3aMBUCUNoa5nrwFXbR
6Sx/rV7J7CflByMBYqV5FouwlBVM4z8QsdAHE05TjXEq6HlMqGa4SjsJG5yBFEwP
RiYB5J3EmmqtFF3Y2zU344NsXczrHNSNlMQFr4PrDJMZgbT/kfUxud14fwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNOIcqCTkjhkMwEX6qthZ2nKojDuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMDRoeW9KT1NPR1F6QVJmcXEyRm5hY3FpTU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXwRAwQA
wlcGAwQAwlcZAwQAwlchAwQAwld2AwQAwleKAwQAwle2AwQAwzo1AwQAw4UTAwQA
w4UpAwQAw4VQMA0GCSqGSIb3DQEBCwUAA4IBAQBm5SF027p+qXHbZ1bSJSNVdSjt
jNk99vmaGWdvWVMUlkm7IB63zt5THBMsAEzga7bv5V7BKQNStoscu30bXwPq5NeY
8zVNFj0lVrH/W/GNbGySlkGSiAV4doIWDXol/vYZrxqhvCuKC1cmOfnUfh7F/IOG
ZFlQKRQNfeyyVZUEx/dwwlhG0K7c+vJ9Nl4OIrw2dnAtg/HL2LsxIXyp6rGd4wvT
z2F0qGl+7pYyHjyd9Gp+yKEPe4DZVYYPY7MxbHzybhbmWH3x4xOe6VsJupt+E9Sb
f9lPwnUC3gVVF5XxIUqgzMsSuZonYW5TRBkMCL/0MVzFG16tS7KtLoafoOmJ
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:01 2025 by rpki-client