Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5e1be9-e4ea-4c84-a8b7-d0d476f41fd6/1/HQH6eOk5BdV--5eqJvyRupMeQ_A.roa
File: HQH6eOk5BdV--5eqJvyRupMeQ_A.roa (raw, json)
Hash identifier: SeCc+8A0Hrfs4zgDzzD519Bks0fy3i/GrSJNp3bb62A=
Subject key identifier: 1D:01:FA:78:E9:39:05:D5:7E:FB:97:AA:26:FC:91:BA:93:1E:43:F0
Certificate issuer: /CN=744dcb72e8cb478cfc4b25aeb1f03b406266375c
Certificate serial: 0184F0F94C797F717F28290BCB54C2A6AC6C
Authority key identifier: 74:4D:CB:72:E8:CB:47:8C:FC:4B:25:AE:B1:F0:3B:40:62:66:37:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dE3LcujLR4z8SyWusfA7QGJmN1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5e1be9-e4ea-4c84-a8b7-d0d476f41fd6/1/HQH6eOk5BdV--5eqJvyRupMeQ_A.roa
Signing time: Thu 08 Dec 2022 09:03:00 +0000
ROA not before: Thu 08 Dec 2022 09:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12350
IP address blocks: 193.246.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f0:f9:4c:79:7f:71:7f:28:29:0b:cb:54:c2:a6:ac:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=744dcb72e8cb478cfc4b25aeb1f03b406266375c
Validity
Not Before: Dec 8 09:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d01fa78e93905d57efb97aa26fc91ba931e43f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fe:bf:e9:58:a5:d3:16:c7:40:eb:b5:1a:79:
d0:4a:25:e7:91:e8:f2:34:19:97:33:df:2d:97:b4:
b4:42:81:dc:af:4d:a0:88:6e:78:da:99:50:64:ed:
83:16:33:43:5d:63:33:fb:8a:ce:06:a8:51:23:53:
73:cc:99:e5:f6:82:1c:9a:3e:a5:4e:be:4a:83:75:
25:21:21:11:ae:cf:7e:a2:c3:b7:ee:89:c3:4e:ec:
65:97:e9:32:25:f8:7b:c5:4b:1f:82:b4:71:3c:73:
f6:31:41:35:03:5a:fd:7f:d9:1b:d5:49:4b:06:1e:
d5:62:85:da:d9:bc:58:15:68:ee:24:54:d6:63:bb:
04:55:42:e1:0c:72:fe:22:d2:ae:32:3e:b9:a4:eb:
93:5d:e0:e3:1e:b6:c9:53:9f:fb:1f:18:4e:65:bc:
4e:bc:89:9e:ca:c0:f8:72:32:03:aa:04:5a:26:4a:
f8:c6:0c:8d:a3:c9:0b:e4:42:3b:c8:d2:ff:bf:b9:
5c:c2:e6:c4:80:0b:bb:6f:a6:68:55:84:8b:bb:78:
41:9b:42:12:c7:03:6f:af:22:6a:c2:92:a3:ca:50:
72:cd:12:35:83:06:11:31:46:55:7b:7d:7d:ab:89:
f2:f9:42:5f:ba:11:4c:83:c8:71:fe:b8:2c:f5:41:
9b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:01:FA:78:E9:39:05:D5:7E:FB:97:AA:26:FC:91:BA:93:1E:43:F0
X509v3 Authority Key Identifier:
keyid:74:4D:CB:72:E8:CB:47:8C:FC:4B:25:AE:B1:F0:3B:40:62:66:37:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dE3LcujLR4z8SyWusfA7QGJmN1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5e1be9-e4ea-4c84-a8b7-d0d476f41fd6/1/HQH6eOk5BdV--5eqJvyRupMeQ_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5e1be9-e4ea-4c84-a8b7-d0d476f41fd6/1/dE3LcujLR4z8SyWusfA7QGJmN1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.207.0/24
Signature Algorithm: sha256WithRSAEncryption
84:43:38:82:7c:e8:a8:20:c6:97:60:10:cf:b6:38:b9:f5:d2:
cb:72:06:29:c7:9b:b4:7d:91:69:9a:d0:dd:d3:c9:5f:11:a4:
17:ed:6f:8e:6c:60:6f:e2:86:65:78:4f:91:50:b2:d6:6c:1c:
ab:67:20:c8:70:f8:8d:cd:97:2a:7a:01:76:63:5a:bb:15:58:
c5:e0:b8:55:c8:3e:06:c2:ba:a4:36:e8:80:78:bc:fe:d5:81:
24:37:ad:f5:56:12:93:51:eb:14:84:10:f4:5d:e9:01:b8:a2:
b1:24:5c:d8:23:a1:c1:91:f9:66:b3:93:5e:db:8b:7a:e1:9c:
2d:ab:e9:e8:30:d5:ba:b7:88:2a:b4:6d:31:70:12:ce:f8:48:
1d:72:e7:be:66:1b:bc:bb:20:d6:f7:8a:79:85:83:42:6d:1a:
1a:c1:07:06:3e:25:39:0f:be:52:9a:ea:41:15:d4:37:cf:78:
46:41:86:3c:a7:f3:9b:90:20:04:38:c7:47:ea:30:63:80:a1:
ee:0b:a9:65:42:b8:3f:86:f8:40:a3:03:95:ad:17:5b:69:06:
59:d3:c4:e7:90:9e:cb:d3:2b:31:5f:47:3e:8a:02:c7:e6:ef:
84:c1:4e:17:78:f1:74:47:37:29:ef:52:00:f5:a9:ed:3c:f5:
f1:06:93:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTw+Ux5f3F/KCkLy1TCpqxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NGRjYjcyZThjYjQ3OGNmYzRiMjVhZWIxZjAzYjQwNjI2
NjM3NWMwHhcNMjIxMjA4MDkwMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDAxZmE3OGU5MzkwNWQ1N2VmYjk3YWEyNmZjOTFiYTkzMWU0M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP6/6Vil0xbHQOu1GnnQSiXnkejy
NBmXM98tl7S0QoHcr02giG542plQZO2DFjNDXWMz+4rOBqhRI1NzzJnl9oIcmj6l
Tr5Kg3UlISERrs9+osO37onDTuxll+kyJfh7xUsfgrRxPHP2MUE1A1r9f9kb1UlL
Bh7VYoXa2bxYFWjuJFTWY7sEVULhDHL+ItKuMj65pOuTXeDjHrbJU5/7HxhOZbxO
vImeysD4cjIDqgRaJkr4xgyNo8kL5EI7yNL/v7lcwubEgAu7b6ZoVYSLu3hBm0IS
xwNvryJqwpKjylByzRI1gwYRMUZVe319q4ny+UJfuhFMg8hx/rgs9UGbyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0B+njpOQXVfvuXqib8kbqTHkPwMB8GA1UdIwQY
MBaAFHRNy3Loy0eM/EslrrHwO0BiZjdcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEUzTGN1akxSNHo4U3lXdXNmQTdRR0ptTjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81ZTFiZTktZTRlYS00Yzg0LWE4Yjct
ZDBkNDc2ZjQxZmQ2LzEvSFFINmVPazVCZFYtLTVlcUp2eVJ1cE1lUV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81ZTFiZTktZTRlYS00Yzg0LWE4YjctZDBkNDc2ZjQxZmQ2
LzEvZEUzTGN1akxSNHo4U3lXdXNmQTdRR0ptTjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfbPMA0G
CSqGSIb3DQEBCwUAA4IBAQCEQziCfOioIMaXYBDPtji59dLLcgYpx5u0fZFpmtDd
08lfEaQX7W+ObGBv4oZleE+RULLWbByrZyDIcPiNzZcqegF2Y1q7FVjF4LhVyD4G
wrqkNuiAeLz+1YEkN631VhKTUesUhBD0XekBuKKxJFzYI6HBkflms5Ne24t64Zwt
q+noMNW6t4gqtG0xcBLO+Egdcue+Zhu8uyDW94p5hYNCbRoawQcGPiU5D75SmupB
FdQ3z3hGQYY8p/ObkCAEOMdH6jBjgKHuC6llQrg/hvhAowOVrRdbaQZZ08TnkJ7L
0ysxX0c+igLH5u+EwU4XePF0Rzcp71IA9antPPXxBpMQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:59 2025 by rpki-client