Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c2fdf2-2a0a-443f-b7e0-a5bdbb145a78/1/HtsgF3eLqA8vHcCoEqKklO2Pmro.roa
File: HtsgF3eLqA8vHcCoEqKklO2Pmro.roa (raw, json)
Hash identifier: 8xnco86asdQhdnblCn8ckZ+atg9zh/gM5BLgLa/hFVI=
Subject key identifier: 1E:DB:20:17:77:8B:A8:0F:2F:1D:C0:A8:12:A2:A4:94:ED:8F:9A:BA
Certificate issuer: /CN=3f528c95f6080ab13cb049783e9244d33d9c4b32
Certificate serial: 054AB7D0
Authority key identifier: 3F:52:8C:95:F6:08:0A:B1:3C:B0:49:78:3E:92:44:D3:3D:9C:4B:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1KMlfYICrE8sEl4PpJE0z2cSzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/c2fdf2-2a0a-443f-b7e0-a5bdbb145a78/1/HtsgF3eLqA8vHcCoEqKklO2Pmro.roa
Signing time: Sat 01 Jan 2022 08:01:22 +0000
ROA not before: Sat 01 Jan 2022 08:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213231
IP address blocks: 194.48.191.0/24 maxlen: 24
194.45.217.0/24 maxlen: 24
194.45.233.0/24 maxlen: 24
194.48.3.0/24 maxlen: 24
2a07:e6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88782800 (0x54ab7d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f528c95f6080ab13cb049783e9244d33d9c4b32
Validity
Not Before: Jan 1 08:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1edb2017778ba80f2f1dc0a812a2a494ed8f9aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:11:a3:87:9b:f2:04:01:bc:85:f3:ef:af:
20:ab:26:08:b4:63:42:2f:5f:43:d0:33:d8:81:a8:
25:5e:09:e5:e5:62:86:4d:b9:5e:a9:d2:0a:0c:49:
5d:0d:27:3e:b8:65:01:41:d3:30:fb:41:ca:3b:c8:
e4:dc:a0:46:0c:64:cd:a0:81:30:81:fd:90:db:f8:
1f:44:2c:08:3e:d1:c3:0c:c3:6f:8a:12:31:56:10:
b9:4c:42:08:b6:94:22:d1:e4:4b:e7:46:93:91:00:
e5:e0:69:9d:c9:40:7b:61:c2:3d:42:62:9c:3a:e5:
7b:bb:bb:65:d4:4f:fd:59:ba:d9:ae:2c:79:97:09:
79:d5:f6:a2:59:db:af:02:49:55:0a:c5:de:11:95:
8d:17:11:80:96:c8:46:f0:62:df:9c:90:46:b6:69:
66:f7:e1:39:72:fa:4a:fd:b8:f2:0e:13:5a:c6:04:
db:cb:d1:2d:c7:bd:78:a5:f6:c4:b7:e2:09:6f:5d:
1d:98:31:e0:ab:de:a1:43:2e:57:50:29:35:1e:b9:
11:f8:91:94:83:83:28:53:25:b5:2a:68:bd:f7:d1:
c8:01:29:03:e7:dd:17:76:ab:cc:7e:0b:99:a6:e7:
f7:c1:0d:af:1f:d6:a3:62:7a:fc:12:ea:02:b4:04:
78:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DB:20:17:77:8B:A8:0F:2F:1D:C0:A8:12:A2:A4:94:ED:8F:9A:BA
X509v3 Authority Key Identifier:
keyid:3F:52:8C:95:F6:08:0A:B1:3C:B0:49:78:3E:92:44:D3:3D:9C:4B:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1KMlfYICrE8sEl4PpJE0z2cSzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c2fdf2-2a0a-443f-b7e0-a5bdbb145a78/1/HtsgF3eLqA8vHcCoEqKklO2Pmro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c2fdf2-2a0a-443f-b7e0-a5bdbb145a78/1/P1KMlfYICrE8sEl4PpJE0z2cSzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.217.0/24
194.45.233.0/24
194.48.3.0/24
194.48.191.0/24
IPv6:
2a07:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:07:6a:d1:96:01:3f:4a:31:50:05:b9:e9:9f:37:fe:09:f4:
70:43:a5:cf:9d:a0:9b:90:81:a9:32:b1:35:87:db:94:71:f4:
d4:c0:c3:f2:9e:48:f4:f8:e5:91:be:db:be:a0:52:2a:c5:b4:
57:32:ef:98:6c:1a:81:84:51:f9:b1:1b:29:f3:5a:2a:ce:4d:
87:1b:1f:e6:d2:35:77:6d:3c:af:cc:61:17:54:bb:3b:96:ca:
2c:8f:41:82:e4:74:42:d0:2f:e2:02:62:6c:6c:12:bb:ca:01:
92:1a:6c:a8:2d:be:7b:90:d5:7a:e6:56:47:59:5c:ca:50:4b:
55:62:4a:47:cf:6d:3c:e8:62:39:52:fc:9e:8d:14:7b:c3:d0:
a4:47:64:55:98:34:34:6b:8b:e6:88:c6:75:f4:87:a4:a8:8a:
24:86:ca:3d:50:b3:b3:19:30:31:69:d3:7c:b4:ec:fc:20:12:
47:e3:fe:84:1b:51:df:08:d8:e9:60:e3:09:ab:1c:1a:db:f5:
00:06:30:1f:f2:63:2b:cb:be:fa:9f:49:05:d9:18:37:5e:de:
a2:7a:df:df:fe:d7:e8:12:80:9a:4d:ff:d1:3f:71:58:a6:0a:
34:eb:53:e7:00:dc:51:a3:56:c9:8d:05:8e:d9:ae:66:46:15:
f2:81:98:7d
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBUq30DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjUyOGM5NWY2MDgwYWIxM2NiMDQ5NzgzZTkyNDRkMzNkOWM0YjMyMB4XDTIyMDEw
MTA4MDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVkYjIwMTc3Nzhi
YTgwZjJmMWRjMGE4MTJhMmE0OTRlZDhmOWFiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALicEaOHm/IEAbyF8++vIKsmCLRjQi9fQ9Az2IGoJV4J5eVi
hk25XqnSCgxJXQ0nPrhlAUHTMPtByjvI5NygRgxkzaCBMIH9kNv4H0QsCD7RwwzD
b4oSMVYQuUxCCLaUItHkS+dGk5EA5eBpnclAe2HCPUJinDrle7u7ZdRP/Vm62a4s
eZcJedX2olnbrwJJVQrF3hGVjRcRgJbIRvBi35yQRrZpZvfhOXL6Sv248g4TWsYE
28vRLce9eKX2xLfiCW9dHZgx4KveoUMuV1ApNR65EfiRlIODKFMltSpovffRyAEp
A+fdF3arzH4Lmabn98ENrx/Wo2J6/BLqArQEeCkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQe2yAXd4uoDy8dwKgSoqSU7Y+aujAfBgNVHSMEGDAWgBQ/UoyV9ggKsTyw
SXg+kkTTPZxLMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1AxS01sZllJQ3JFOHNFbDRQcEpFMHoyY1N6SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYzJmZGYyLTJhMGEtNDQzZi1iN2UwLWE1YmRiYjE0NWE3OC8x
L0h0c2dGM2VMcUE4dkhjQ29FcUtrbE8yUG1yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
YzJmZGYyLTJhMGEtNDQzZi1iN2UwLWE1YmRiYjE0NWE3OC8xL1AxS01sZllJQ3JF
OHNFbDRQcEpFMHoyY1N6SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMIt2QMEAMIt6QMEAMIwAwMEAMIw
vzANBAIAAjAHAwUDKgfmwDANBgkqhkiG9w0BAQsFAAOCAQEAhwdq0ZYBP0oxUAW5
6Z83/gn0cEOlz52gm5CBqTKxNYfblHH01MDD8p5I9Pjlkb7bvqBSKsW0VzLvmGwa
gYRR+bEbKfNaKs5Nhxsf5tI1d208r8xhF1S7O5bKLI9BguR0QtAv4gJibGwSu8oB
khpsqC2+e5DVeuZWR1lcylBLVWJKR89tPOhiOVL8no0Ue8PQpEdkVZg0NGuL5ojG
dfSHpKiKJIbKPVCzsxkwMWnTfLTs/CASR+P+hBtR3wjY6WDjCascGtv1AAYwH/Jj
K8u++p9JBdkYN17eonrf3/7X6BKAmk3/0T9xWKYKNOtT5wDcUaNWyY0FjtmuZkYV
8oGYfQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:57 2025 by rpki-client