Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/HCdKYv9WHb_tIfkU43Degg8utvo.roa
File: HCdKYv9WHb_tIfkU43Degg8utvo.roa (raw, json)
Hash identifier: Cm9MUsd8nLlBp4aPMI8UNyYvw62LBS6g4RGKoAxPXeM=
Subject key identifier: 1C:27:4A:62:FF:56:1D:BF:ED:21:F9:14:E3:70:DE:82:0F:2E:B6:FA
Certificate issuer: /CN=1aaaba7da7c8f36c8b275ca738491cedccb5e312
Certificate serial: 018570429D5E23A9204B62C76A489CCB712D
Authority key identifier: 1A:AA:BA:7D:A7:C8:F3:6C:8B:27:5C:A7:38:49:1C:ED:CC:B5:E3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gqq6fafI82yLJ1ynOEkc7cy14xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/HCdKYv9WHb_tIfkU43Degg8utvo.roa
Signing time: Mon 02 Jan 2023 02:14:51 +0000
ROA not before: Mon 02 Jan 2023 02:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196722
IP address blocks: 193.5.181.0/24 maxlen: 24
193.5.185.0/24 maxlen: 24
193.5.182.0/24 maxlen: 24
193.5.186.0/24 maxlen: 24
193.5.180.0/24 maxlen: 24
193.5.188.0/24 maxlen: 24
193.5.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:9d:5e:23:a9:20:4b:62:c7:6a:48:9c:cb:71:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aaaba7da7c8f36c8b275ca738491cedccb5e312
Validity
Not Before: Jan 2 02:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c274a62ff561dbfed21f914e370de820f2eb6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:07:1e:dc:ed:51:38:9e:38:77:b8:2d:ff:33:
58:f5:17:fa:56:51:15:16:b8:36:62:3d:7a:cf:86:
fd:6f:16:4f:46:c3:a8:08:2d:1d:de:5c:ff:a6:66:
8d:55:d0:9e:e9:18:2b:16:f0:fd:9d:d1:74:78:f4:
f1:26:39:bd:ed:b3:b9:bf:09:87:68:e4:1c:16:55:
be:be:5c:d5:88:38:91:13:75:e9:41:51:22:74:db:
d5:6f:09:24:0f:85:51:56:f1:98:48:10:e6:67:44:
39:2f:6d:b3:d4:51:1f:2b:7d:98:88:b7:a7:cf:b2:
6c:d4:18:f4:a9:0f:f3:f6:d7:95:59:ce:a2:04:c3:
01:26:00:d6:9e:3b:9b:70:e2:3e:60:ea:69:2d:b3:
6d:66:82:9b:11:43:37:26:14:f0:34:8b:f2:70:f4:
d0:4d:ef:c0:93:a0:a7:c7:dc:7b:51:3e:cd:7f:07:
76:1f:92:a0:34:89:49:37:dd:dd:1c:1d:dc:3b:09:
1e:b0:bc:c0:cb:e9:a4:48:d5:e6:3b:5d:88:83:e4:
a3:4e:53:94:7d:67:6d:b3:ee:14:e0:3c:d7:72:6f:
e2:25:44:f0:4c:1d:a7:28:6e:dc:d0:98:fd:db:f5:
64:d8:6c:87:e4:6f:df:3b:42:8c:f5:7d:55:69:9f:
27:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:27:4A:62:FF:56:1D:BF:ED:21:F9:14:E3:70:DE:82:0F:2E:B6:FA
X509v3 Authority Key Identifier:
keyid:1A:AA:BA:7D:A7:C8:F3:6C:8B:27:5C:A7:38:49:1C:ED:CC:B5:E3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gqq6fafI82yLJ1ynOEkc7cy14xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/HCdKYv9WHb_tIfkU43Degg8utvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/Gqq6fafI82yLJ1ynOEkc7cy14xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.180.0-193.5.182.255
193.5.185.0-193.5.188.255
Signature Algorithm: sha256WithRSAEncryption
3f:30:87:16:ad:a7:d4:4c:5c:7f:6a:8b:41:51:03:c6:b9:fb:
72:be:1f:87:44:91:fe:84:97:94:a4:3a:57:33:8d:ea:2d:20:
4c:99:ca:47:a4:fb:05:19:f3:23:c7:6a:8b:aa:8e:7d:75:f2:
fa:a0:c8:c3:64:e4:a9:10:21:c7:38:a3:69:8f:e6:19:f2:fd:
ab:2f:9a:2f:79:98:e8:23:dd:01:68:23:3e:9d:20:a8:54:5b:
b3:f1:f5:cd:c1:b8:af:ae:d6:90:bc:6d:cb:66:53:88:cc:f1:
2f:d8:73:a4:3d:1f:d1:92:9d:d9:f9:6d:19:5c:55:bb:8f:b3:
9d:fe:b5:38:6d:d6:f7:52:0b:a2:e6:44:5d:00:c7:80:0f:b8:
7e:42:7f:ce:97:b8:11:5e:81:e6:c3:44:38:72:e2:8c:29:e1:
10:71:8f:e1:1e:55:3d:e8:ae:a0:71:f4:46:29:03:c6:73:97:
7f:3e:41:a2:98:d7:fe:f5:a4:be:c9:b2:13:d7:d9:1c:a6:db:
f2:9f:2e:30:3c:58:73:61:9d:bf:48:83:6a:4d:ae:3d:30:06:
f1:59:35:40:03:9b:1e:e2:a2:95:f2:b4:0f:08:a8:23:19:ee:
b5:b3:b6:3f:00:f2:6d:49:e9:b3:67:b1:38:0e:a7:fa:c8:1a:
cc:3b:ba:cb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVwQp1eI6kgS2LHakicy3EtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYWFiYTdkYTdjOGYzNmM4YjI3NWNhNzM4NDkxY2VkY2Ni
NWUzMTIwHhcNMjMwMTAyMDIxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI3NGE2MmZmNTYxZGJmZWQyMWY5MTRlMzcwZGU4MjBmMmViNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigce3O1ROJ44d7gt/zNY9Rf6VlEV
Frg2Yj16z4b9bxZPRsOoCC0d3lz/pmaNVdCe6RgrFvD9ndF0ePTxJjm97bO5vwmH
aOQcFlW+vlzViDiRE3XpQVEidNvVbwkkD4VRVvGYSBDmZ0Q5L22z1FEfK32YiLen
z7Js1Bj0qQ/z9teVWc6iBMMBJgDWnjubcOI+YOppLbNtZoKbEUM3JhTwNIvycPTQ
Te/Ak6Cnx9x7UT7Nfwd2H5KgNIlJN93dHB3cOwkesLzAy+mkSNXmO12Ig+SjTlOU
fWdts+4U4DzXcm/iJUTwTB2nKG7c0Jj92/Vk2GyH5G/fO0KM9X1VaZ8n+QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBwnSmL/Vh2/7SH5FONw3oIPLrb6MB8GA1UdIwQY
MBaAFBqqun2nyPNsiydcpzhJHO3MteMSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FxNmZhZkk4MnlMSjF5bk9Fa2M3Y3kxNHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hNzNmMDktMWI5ZC00YzI2LWIwMWQt
MGU4YTk0ODVhOWEyLzEvSENkS1l2OVdIYl90SWZrVTQzRGVnZzh1dHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hNzNmMDktMWI5ZC00YzI2LWIwMWQtMGU4YTk0ODVhOWEy
LzEvR3FxNmZhZkk4MnlMSjF5bk9Fa2M3Y3kxNHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBALBBbQD
BADBBbYwDAMEAMEFuQMEAMEFvDANBgkqhkiG9w0BAQsFAAOCAQEAPzCHFq2n1Exc
f2qLQVEDxrn7cr4fh0SR/oSXlKQ6VzON6i0gTJnKR6T7BRnzI8dqi6qOfXXy+qDI
w2TkqRAhxzijaY/mGfL9qy+aL3mY6CPdAWgjPp0gqFRbs/H1zcG4r67WkLxty2ZT
iMzxL9hzpD0f0ZKd2fltGVxVu4+znf61OG3W91ILouZEXQDHgA+4fkJ/zpe4EV6B
5sNEOHLijCnhEHGP4R5VPeiuoHH0RikDxnOXfz5BopjX/vWkvsmyE9fZHKbb8p8u
MDxYc2Gdv0iDak2uPTAG8Vk1QAObHuKilfK0DwioIxnutbO2PwDybUnps2exOA6n
+sgazDu6yw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:17 2025 by rpki-client