Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/khcu7atzhTigGzeAUNWqceUkNJk.roa
File: khcu7atzhTigGzeAUNWqceUkNJk.roa (raw, json)
Hash identifier: 471fShT9CscK+Cas3ZNKxVUSBLtGqt2ODX26WErCJio=
Subject key identifier: 92:17:2E:ED:AB:73:85:38:A0:1B:37:80:50:D5:AA:71:E5:24:34:99
Certificate issuer: /CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Certificate serial: 03D70032
Authority key identifier: 32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/khcu7atzhTigGzeAUNWqceUkNJk.roa
Signing time: Sat 01 Jan 2022 12:57:35 +0000
ROA not before: Sat 01 Jan 2022 12:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34253
IP address blocks: 193.242.110.0/24 maxlen: 24
195.242.71.0/24 maxlen: 24
195.242.70.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64421938 (0x3d70032)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Validity
Not Before: Jan 1 12:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92172eedab738538a01b378050d5aa71e5243499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:be:f5:05:1d:04:38:a5:59:55:4e:cb:0c:3b:
e9:30:b8:90:a6:64:0a:96:db:92:1e:02:db:6b:31:
8d:66:6e:52:ef:04:18:79:19:e7:87:82:2a:fd:3a:
f8:cc:cf:6d:24:8a:4c:98:46:52:09:ef:69:7c:3e:
26:7a:0a:6f:c4:90:73:2b:fd:c5:12:6d:b2:ee:dc:
34:e5:d2:e2:4a:90:45:0a:f8:6f:02:85:a7:ed:a5:
1f:c3:d2:14:bd:f7:61:18:1a:b5:87:aa:c5:3f:36:
d0:24:03:f5:ae:0a:dc:4c:d3:13:f2:9c:b8:9a:0c:
38:39:15:f9:75:a4:e7:cb:db:df:70:63:b0:3d:32:
1c:24:42:54:6f:5a:b9:a4:c6:5d:76:09:42:8f:d7:
6a:24:e3:1d:ff:56:ab:c4:68:12:93:2c:c3:c0:cb:
67:55:6b:ab:ba:8c:78:2a:b2:6d:5b:61:3b:38:e2:
0b:a0:46:84:54:66:ae:2b:91:97:72:a0:48:16:db:
c9:66:49:be:c1:e1:a9:d1:c7:26:9a:49:56:24:d5:
25:52:d9:0c:c8:6d:23:66:dc:67:60:67:15:79:98:
e0:8a:57:2e:f3:68:e5:16:c2:47:46:19:63:b3:f6:
75:29:b9:a2:d0:6b:83:90:4a:c5:d0:1c:3a:1a:50:
1c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:17:2E:ED:AB:73:85:38:A0:1B:37:80:50:D5:AA:71:E5:24:34:99
X509v3 Authority Key Identifier:
keyid:32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/khcu7atzhTigGzeAUNWqceUkNJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.110.0/24
195.242.70.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:a8:6f:3e:5d:0f:3c:ed:55:af:6e:ca:a2:6b:32:06:23:17:
21:a8:0f:0c:6c:ed:45:e5:34:f4:dc:f0:ec:4d:1d:74:5b:25:
1a:99:8f:31:28:70:c9:09:65:e1:17:70:e7:97:33:f9:44:63:
ae:b1:17:cb:4d:e9:3f:36:39:91:d3:85:53:76:5f:be:f9:80:
d4:c2:40:bc:49:a1:27:71:91:3b:fb:dd:cc:d4:5d:3c:13:c8:
ac:26:45:f5:b3:bb:5e:1f:8b:50:b9:f4:5e:f6:b3:bb:86:e9:
4f:1a:a6:5b:54:6d:a3:d6:ca:12:2f:79:50:d7:53:c7:4b:c8:
96:eb:d2:55:f8:c9:6b:00:4e:5b:4a:dd:ae:24:8e:27:6d:6d:
54:e9:69:d7:55:87:2a:34:19:36:5b:3a:77:cc:95:98:95:27:
46:4d:55:6d:e7:f2:6e:10:d3:a4:73:d6:8e:43:a1:95:53:bf:
1e:b5:80:03:2c:0a:4d:bf:56:9c:12:cb:bd:a8:79:47:9e:a5:
8b:d8:68:2b:54:68:d6:27:98:d8:c3:44:22:5f:83:b7:d8:f8:
cf:2a:9c:37:bf:2f:76:e6:8e:81:e3:8b:a1:74:bc:32:93:30:
91:ec:93:58:01:04:46:8b:8f:7f:a0:3b:bc:9f:6f:89:95:0e:
3f:c0:85:54
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA9cAMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjliNTEzZTY1NzA2ZmNhYTU0M2ExMWEwZTQyZDI4YjEwOWRmM2I2MB4XDTIyMDEw
MTEyNTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIxNzJlZWRhYjcz
ODUzOGEwMWIzNzgwNTBkNWFhNzFlNTI0MzQ5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJO+9QUdBDilWVVOyww76TC4kKZkCpbbkh4C22sxjWZuUu8E
GHkZ54eCKv06+MzPbSSKTJhGUgnvaXw+JnoKb8SQcyv9xRJtsu7cNOXS4kqQRQr4
bwKFp+2lH8PSFL33YRgatYeqxT820CQD9a4K3EzTE/KcuJoMODkV+XWk58vb33Bj
sD0yHCRCVG9auaTGXXYJQo/XaiTjHf9Wq8RoEpMsw8DLZ1Vrq7qMeCqybVthOzji
C6BGhFRmriuRl3KgSBbbyWZJvsHhqdHHJppJViTVJVLZDMhtI2bcZ2BnFXmY4IpX
LvNo5RbCR0YZY7P2dSm5otBrg5BKxdAcOhpQHIcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSSFy7tq3OFOKAbN4BQ1apx5SQ0mTAfBgNVHSMEGDAWgBQym1E+ZXBvyqVD
oRoOQtKLEJ3ztjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01wdFJQbVZ3YjhxbFE2RWFEa0xTaXhDZDg3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvMGFkY2Q4LThhNGItNDkyMy1iZjM2LTgxNGE2MTFlY2E2MC8x
L2toY3U3YXR6aFRpZ0d6ZUFVTldxY2VVa05Kay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
MGFkY2Q4LThhNGItNDkyMy1iZjM2LTgxNGE2MTFlY2E2MC8xL01wdFJQbVZ3Yjhx
bFE2RWFEa0xTaXhDZDg3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMHybgMEAcPyRjANBgkqhkiG9w0B
AQsFAAOCAQEALahvPl0PPO1Vr27KomsyBiMXIagPDGztReU09Nzw7E0ddFslGpmP
MShwyQll4Rdw55cz+URjrrEXy03pPzY5kdOFU3ZfvvmA1MJAvEmhJ3GRO/vdzNRd
PBPIrCZF9bO7Xh+LULn0Xvazu4bpTxqmW1Rto9bKEi95UNdTx0vIluvSVfjJawBO
W0rdriSOJ21tVOlp11WHKjQZNls6d8yVmJUnRk1VbefybhDTpHPWjkOhlVO/HrWA
AywKTb9WnBLLvah5R56li9hoK1Ro1ieY2MNEIl+Dt9j4zyqcN78vduaOgeOLoXS8
MpMwkeyTWAEERouPf6A7vJ9viZUOP8CFVA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:41 2025 by rpki-client