Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/70ddc4-f9c4-498b-85ee-16fc9d44ec7d/1/hvpHm9g4-JrAKmiWdl4DVY0hn1Y.roa
File: hvpHm9g4-JrAKmiWdl4DVY0hn1Y.roa (raw, json)
Hash identifier: qYH407HAPI039jkgNyWpVwyxqPNYngRoptz2l0Tq7Xk=
Subject key identifier: 86:FA:47:9B:D8:38:F8:9A:C0:2A:68:96:76:5E:03:55:8D:21:9F:56
Certificate issuer: /CN=9c0d5540bdcd33052bc00fff266338bf3cc82a80
Certificate serial: 01856D41715D062A47EA34336E584975900D
Authority key identifier: 9C:0D:55:40:BD:CD:33:05:2B:C0:0F:FF:26:63:38:BF:3C:C8:2A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nA1VQL3NMwUrwA__JmM4vzzIKoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/70ddc4-f9c4-498b-85ee-16fc9d44ec7d/1/hvpHm9g4-JrAKmiWdl4DVY0hn1Y.roa
Signing time: Sun 01 Jan 2023 12:14:43 +0000
ROA not before: Sun 01 Jan 2023 12:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400161
IP address blocks: 195.96.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:71:5d:06:2a:47:ea:34:33:6e:58:49:75:90:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c0d5540bdcd33052bc00fff266338bf3cc82a80
Validity
Not Before: Jan 1 12:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86fa479bd838f89ac02a6896765e03558d219f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:fa:33:1a:c2:68:39:c7:57:99:fd:e4:a8:
72:f9:92:07:24:f8:32:9e:bb:f2:c6:ef:f0:3c:79:
26:88:7c:a2:f4:65:d5:d1:fd:1a:7e:74:09:ce:d8:
6c:f6:89:fb:12:81:bb:0e:16:24:98:4e:42:26:fd:
34:9e:15:65:5c:9e:23:1b:6d:48:cf:40:fd:13:3d:
11:09:21:77:5c:a7:55:5e:c8:00:c5:7a:06:40:7e:
46:28:b5:f2:48:ee:92:a1:eb:73:0b:ed:e0:d7:cc:
a9:d6:37:80:fa:08:e3:07:e3:79:d2:f4:8b:cd:c3:
2a:1f:b8:48:ef:c5:d6:34:c1:24:bd:cd:04:75:9a:
95:5a:c9:40:66:23:20:27:66:a3:27:61:8b:2a:f6:
d6:9d:c7:0c:2f:61:ab:c8:e7:1e:48:13:ab:db:61:
f2:a1:e0:d6:1a:2c:6c:25:6c:19:25:6c:25:58:aa:
63:73:3a:a8:8a:61:bf:d7:95:71:0d:cd:a2:be:24:
a2:c6:10:1f:a6:a6:9c:7e:87:0f:70:eb:0c:88:39:
10:39:26:13:66:4a:5b:a8:1e:48:96:5d:a2:1e:54:
5b:49:ac:f1:15:1b:f8:dc:e4:0d:f3:68:2b:d9:05:
f1:47:a9:07:89:30:58:19:2b:a8:07:7b:ec:2b:a3:
5e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FA:47:9B:D8:38:F8:9A:C0:2A:68:96:76:5E:03:55:8D:21:9F:56
X509v3 Authority Key Identifier:
keyid:9C:0D:55:40:BD:CD:33:05:2B:C0:0F:FF:26:63:38:BF:3C:C8:2A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nA1VQL3NMwUrwA__JmM4vzzIKoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/70ddc4-f9c4-498b-85ee-16fc9d44ec7d/1/hvpHm9g4-JrAKmiWdl4DVY0hn1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/70ddc4-f9c4-498b-85ee-16fc9d44ec7d/1/nA1VQL3NMwUrwA__JmM4vzzIKoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
05:a4:10:b1:af:27:5f:ef:f1:8a:61:26:a4:2c:02:76:84:af:
24:af:7b:02:c4:2c:cf:2c:2d:ab:35:d7:b0:b7:06:c9:e0:e3:
c9:c7:e0:e2:bd:a2:ea:e3:33:b2:6f:29:9c:68:7e:e5:7b:fa:
97:e6:1c:04:8b:76:ef:b0:c1:49:ba:b2:28:df:b5:2c:53:40:
7c:74:21:0c:15:33:31:38:1d:b8:de:25:d2:1c:b1:e8:a5:67:
1c:0c:68:1f:73:61:a3:5a:7b:3d:a6:a4:07:6b:51:fc:c0:0e:
ec:4d:3f:79:6c:86:51:dc:ed:9b:a1:71:a0:31:c4:a5:98:1a:
55:da:fc:8d:0b:e2:c7:6b:df:25:ce:f0:88:c8:1a:7a:9e:53:
f8:cc:26:42:f4:13:3a:1e:de:2a:c0:ae:f6:6b:b6:03:34:bf:
06:28:50:a0:25:d3:58:7c:f2:e4:1b:52:ae:1f:e5:b4:8d:29:
ff:49:40:cc:d9:f3:04:91:2c:0b:45:a9:d9:69:15:2a:d5:83:
a9:05:cd:ed:1f:54:63:17:a0:1f:dc:2f:1b:fa:fd:b7:51:a8:
e3:77:e4:36:d6:b2:87:aa:7d:b2:09:30:f0:62:21:62:43:08:
82:34:e2:8c:ed:e2:4b:93:34:93:7d:32:3f:ee:a3:bd:0e:5e:
c0:6a:03:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQXFdBipH6jQzblhJdZANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMGQ1NTQwYmRjZDMzMDUyYmMwMGZmZjI2NjMzOGJmM2Nj
ODJhODAwHhcNMjMwMTAxMTIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZhNDc5YmQ4MzhmODlhYzAyYTY4OTY3NjVlMDM1NThkMjE5ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXP6MxrCaDnHV5n95Khy+ZIHJPgy
nrvyxu/wPHkmiHyi9GXV0f0afnQJzths9on7EoG7DhYkmE5CJv00nhVlXJ4jG21I
z0D9Ez0RCSF3XKdVXsgAxXoGQH5GKLXySO6SoetzC+3g18yp1jeA+gjjB+N50vSL
zcMqH7hI78XWNMEkvc0EdZqVWslAZiMgJ2ajJ2GLKvbWnccML2GryOceSBOr22Hy
oeDWGixsJWwZJWwlWKpjczqoimG/15VxDc2iviSixhAfpqacfocPcOsMiDkQOSYT
ZkpbqB5Ill2iHlRbSazxFRv43OQN82gr2QXxR6kHiTBYGSuoB3vsK6NevwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIb6R5vYOPiawCpolnZeA1WNIZ9WMB8GA1UdIwQY
MBaAFJwNVUC9zTMFK8AP/yZjOL88yCqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkExVlFMM05Nd1Vyd0FfX0ptTTR2enpJS29BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi83MGRkYzQtZjljNC00OThiLTg1ZWUt
MTZmYzlkNDRlYzdkLzEvaHZwSG05ZzQtSnJBS21pV2RsNERWWTBobjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi83MGRkYzQtZjljNC00OThiLTg1ZWUtMTZmYzlkNDRlYzdk
LzEvbkExVlFMM05Nd1Vyd0FfX0ptTTR2enpJS29BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CJMA0G
CSqGSIb3DQEBCwUAA4IBAQAFpBCxrydf7/GKYSakLAJ2hK8kr3sCxCzPLC2rNdew
twbJ4OPJx+DivaLq4zOybymcaH7le/qX5hwEi3bvsMFJurIo37UsU0B8dCEMFTMx
OB243iXSHLHopWccDGgfc2GjWns9pqQHa1H8wA7sTT95bIZR3O2boXGgMcSlmBpV
2vyNC+LHa98lzvCIyBp6nlP4zCZC9BM6Ht4qwK72a7YDNL8GKFCgJdNYfPLkG1Ku
H+W0jSn/SUDM2fMEkSwLRanZaRUq1YOpBc3tH1RjF6Af3C8b+v23Uajjd+Q21rKH
qn2yCTDwYiFiQwiCNOKM7eJLkzSTfTI/7qO9Dl7AagOx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:21 2025 by rpki-client