Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/HPcsn2tXKeYGgypt8iLE7KeROKg.roa
File: HPcsn2tXKeYGgypt8iLE7KeROKg.roa (raw, json)
Hash identifier: +odL8qWEE/C0dmnHqdPpBR1AOaV7bDPda/ywO9My7yo=
Subject key identifier: 1C:F7:2C:9F:6B:57:29:E6:06:83:2A:6D:F2:22:C4:EC:A7:91:38:A8
Certificate issuer: /CN=706d64134faa746293c0384edac0371950f3b224
Certificate serial: 11404952
Authority key identifier: 70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/HPcsn2tXKeYGgypt8iLE7KeROKg.roa
Signing time: Sat 01 Jan 2022 09:56:26 +0000
ROA not before: Sat 01 Jan 2022 09:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203231
IP address blocks: 193.218.161.0/24 maxlen: 24
193.218.160.0/24 maxlen: 24
193.218.160.0/20 maxlen: 20
2a0a:5180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289425746 (0x11404952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d64134faa746293c0384edac0371950f3b224
Validity
Not Before: Jan 1 09:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cf72c9f6b5729e606832a6df222c4eca79138a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7b:63:6d:d9:1d:4a:66:7b:1a:44:72:14:c5:
fa:af:4b:ad:86:2a:f1:87:70:97:24:f0:55:3f:5f:
99:70:16:90:c9:1a:ce:4e:3a:1f:df:d7:b3:f7:df:
a5:ae:2b:67:11:0e:d2:ab:97:f2:17:f2:5f:b0:3a:
fc:f7:b9:69:3e:d2:14:7e:b8:5d:6c:86:76:09:7e:
93:0b:2b:e2:56:a2:ea:e6:ce:ed:97:fb:5f:88:e1:
e3:cf:74:bd:99:5c:78:5d:9a:0f:d2:c4:7a:d0:02:
c3:66:af:54:96:d6:47:9c:e6:18:40:6c:86:b6:18:
98:dd:e0:7a:d4:93:f7:0f:b2:d9:28:b2:ee:75:5c:
bc:6f:4f:3d:ca:9b:29:0c:3a:a6:b1:1e:a0:3d:b3:
f8:96:88:bf:1b:66:a2:9b:02:1f:a4:22:ef:67:ff:
ba:ed:39:f7:71:95:7b:7a:7e:88:2a:01:d0:db:c9:
64:61:76:a2:12:05:6c:f7:60:95:b4:0f:8d:b0:9d:
3b:12:e3:a8:49:e9:af:21:b0:fb:9d:32:45:35:c6:
fd:92:21:1f:44:fa:7b:63:38:d3:65:7e:a1:31:8e:
37:bc:1b:8d:6e:c2:1b:7a:6c:01:30:35:b9:cb:a1:
d1:25:e0:2f:df:a6:80:ad:87:f9:da:4e:83:9a:de:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F7:2C:9F:6B:57:29:E6:06:83:2A:6D:F2:22:C4:EC:A7:91:38:A8
X509v3 Authority Key Identifier:
keyid:70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/HPcsn2tXKeYGgypt8iLE7KeROKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.160.0/20
IPv6:
2a0a:5180::/29
Signature Algorithm: sha256WithRSAEncryption
56:37:e7:40:b9:23:32:e2:a5:86:6e:86:1b:6e:e9:5a:75:cb:
ac:c4:14:66:23:6a:1f:0c:47:26:b8:94:c1:c4:49:64:bf:28:
40:4b:3c:f6:6f:c8:72:43:43:d7:e8:57:e9:cc:13:cf:13:53:
a3:ba:22:d4:0a:55:dd:4b:1b:ce:d1:0d:1d:74:b3:20:58:54:
30:10:99:00:aa:c1:86:66:76:56:18:02:dd:0d:b0:0e:d3:f7:
78:c7:99:45:34:87:7f:33:c5:90:5a:97:96:75:76:16:cf:c7:
f4:2d:00:57:ec:a3:14:7f:49:73:97:c5:dc:2c:79:98:1f:f1:
a3:da:77:31:70:23:eb:62:28:97:02:e7:23:ca:33:77:5d:e6:
1e:a5:30:9a:a0:25:9e:f7:fb:57:3d:52:ed:bf:55:63:b4:cf:
78:aa:a1:dd:a7:ba:5b:43:75:fb:07:2d:dc:e8:d6:20:1b:89:
97:d7:6d:ba:86:89:0c:07:b5:6a:e6:74:09:25:99:95:ee:cf:
2e:d2:83:e1:53:f3:ae:68:73:3f:f6:35:67:db:23:38:da:ca:
1c:61:72:6f:e4:1a:a8:d7:c8:43:29:a6:3f:d7:88:61:2c:f8:
cc:a3:6a:2a:fd:09:42:46:20:8e:8f:31:ec:5a:d2:99:f7:b8:
56:d0:be:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEUBJUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDZkNjQxMzRmYWE3NDYyOTNjMDM4NGVkYWMwMzcxOTUwZjNiMjI0MB4XDTIyMDEw
MTA5NTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNmNzJjOWY2YjU3
MjllNjA2ODMyYTZkZjIyMmM0ZWNhNzkxMzhhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ7Y23ZHUpmexpEchTF+q9LrYYq8YdwlyTwVT9fmXAWkMka
zk46H9/Xs/ffpa4rZxEO0quX8hfyX7A6/Pe5aT7SFH64XWyGdgl+kwsr4lai6ubO
7Zf7X4jh4890vZlceF2aD9LEetACw2avVJbWR5zmGEBshrYYmN3getST9w+y2Siy
7nVcvG9PPcqbKQw6prEeoD2z+JaIvxtmopsCH6Qi72f/uu0593GVe3p+iCoB0NvJ
ZGF2ohIFbPdglbQPjbCdOxLjqEnpryGw+50yRTXG/ZIhH0T6e2M402V+oTGON7wb
jW7CG3psATA1ucuh0SXgL9+mgK2H+dpOg5reyvUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQc9yyfa1cp5gaDKm3yIsTsp5E4qDAfBgNVHSMEGDAWgBRwbWQTT6p0YpPA
OE7awDcZUPOyJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NHMWtFMC1xZEdLVHdEaE8yc0EzR1ZEenNpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMzI5OGUzLTlhNTAtNGNmYi04NGU2LWQxMzdhZGUxNjZkMS8x
L0hQY3NuMnRYS2VZR2d5cHQ4aUxFN0tlUk9LZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MzI5OGUzLTlhNTAtNGNmYi04NGU2LWQxMzdhZGUxNjZkMS8xL2NHMWtFMC1xZEdL
VHdEaE8yc0EzR1ZEenNpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBMHaoDANBAIAAjAHAwUDKgpRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAVjfnQLkjMuKlhm6GG27pWnXLrMQUZiNqHwxHJriU
wcRJZL8oQEs89m/IckND1+hX6cwTzxNTo7oi1ApV3UsbztENHXSzIFhUMBCZAKrB
hmZ2VhgC3Q2wDtP3eMeZRTSHfzPFkFqXlnV2Fs/H9C0AV+yjFH9Jc5fF3Cx5mB/x
o9p3MXAj62IolwLnI8ozd13mHqUwmqAlnvf7Vz1S7b9VY7TPeKqh3ae6W0N1+wct
3OjWIBuJl9dtuoaJDAe1auZ0CSWZle7PLtKD4VPzrmhzP/Y1Z9sjONrKHGFyb+Qa
qNfIQymmP9eIYSz4zKNqKv0JQkYgjo8x7FrSmfe4VtC+ig==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:32 2025 by rpki-client