Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/H_e1__zvg0Lgcckl682lcyagycM.roa
File: H_e1__zvg0Lgcckl682lcyagycM.roa (raw, json)
Hash identifier: uxQC2VQxJtcEkjaFfR/+328H3u9id/EmlIJpR/9cRfM=
Subject key identifier: 1F:F7:B5:FF:FC:EF:83:42:E0:71:C9:25:EB:CD:A5:73:26:A0:C9:C3
Certificate issuer: /CN=33af5dc629cd4937597f3fcd858ca5c80ed97c50
Certificate serial: 01856DC1E7E96E8F4684BA075ED506EE8D2A
Authority key identifier: 33:AF:5D:C6:29:CD:49:37:59:7F:3F:CD:85:8C:A5:C8:0E:D9:7C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M69dxinNSTdZfz_NhYylyA7ZfFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/H_e1__zvg0Lgcckl682lcyagycM.roa
Signing time: Sun 01 Jan 2023 14:35:02 +0000
ROA not before: Sun 01 Jan 2023 14:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31645
IP address blocks: 194.32.84.0/24 maxlen: 24
194.32.84.0/23 maxlen: 23
194.32.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:e7:e9:6e:8f:46:84:ba:07:5e:d5:06:ee:8d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33af5dc629cd4937597f3fcd858ca5c80ed97c50
Validity
Not Before: Jan 1 14:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ff7b5fffcef8342e071c925ebcda57326a0c9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:c1:46:e5:c1:b6:a6:96:99:b3:fa:12:4d:
7c:b2:ca:01:ed:7a:a1:70:22:de:17:57:71:7a:c3:
b5:bf:63:fb:1e:d7:09:81:e3:35:e0:af:d0:3f:99:
93:d8:5a:a1:c3:6a:bc:98:2d:af:ff:53:a1:e0:77:
5f:09:60:7d:ac:b6:ac:9e:b6:18:50:be:46:36:48:
07:7f:25:59:04:6a:e9:dd:43:40:14:78:a9:fa:ca:
f5:47:50:c0:bd:31:7f:a2:c0:36:7a:24:3c:30:ba:
b1:95:2a:ec:05:de:80:b9:0a:82:a0:7e:70:35:a9:
53:2e:00:aa:1b:63:6a:39:78:ce:9e:a2:ee:98:5a:
97:af:5f:2f:b7:5b:5d:4a:7c:95:50:e7:22:48:16:
8e:ee:81:6f:f8:1e:f1:be:c1:5c:1a:f9:cc:94:9e:
b1:78:b1:71:50:12:d1:38:97:eb:5c:e3:4f:9f:54:
c0:8d:9a:ed:41:5a:b5:a7:ef:79:f4:be:c0:a4:69:
1a:d8:a0:d8:4e:87:d9:16:99:c5:48:65:98:78:b5:
d3:6e:49:dd:f3:c0:80:b9:d7:d9:dc:e0:9c:19:f5:
0a:e5:5d:35:33:1a:e2:c1:4c:23:2b:55:97:b1:ae:
f8:50:79:c0:b8:86:95:e6:b7:c1:3b:5a:34:2e:9c:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F7:B5:FF:FC:EF:83:42:E0:71:C9:25:EB:CD:A5:73:26:A0:C9:C3
X509v3 Authority Key Identifier:
keyid:33:AF:5D:C6:29:CD:49:37:59:7F:3F:CD:85:8C:A5:C8:0E:D9:7C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M69dxinNSTdZfz_NhYylyA7ZfFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/H_e1__zvg0Lgcckl682lcyagycM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/M69dxinNSTdZfz_NhYylyA7ZfFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.84.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:48:bd:e7:50:2e:c9:41:11:9c:ae:1a:55:5d:4b:87:8f:f2:
2c:fb:79:0d:77:25:36:ed:03:cb:09:3a:08:94:c5:d1:1b:cc:
10:1f:74:bb:76:f7:2b:1e:ae:36:06:75:58:08:68:bf:44:ce:
6b:34:1f:c1:a8:33:75:f2:da:bf:20:45:1f:d7:ea:9a:09:e7:
b4:1b:c8:68:e6:f2:82:c2:a8:f9:3e:ee:76:af:cc:7e:59:cb:
8f:b5:5d:63:e7:3a:cd:37:b8:be:ba:01:6e:78:cd:9b:5a:47:
bf:00:0e:cf:4f:95:b5:79:04:91:3c:f7:d8:22:14:33:5d:01:
e4:df:a5:17:40:15:97:a9:d9:53:23:da:f0:9c:e9:3b:5a:06:
1d:92:8e:7f:d8:8d:14:da:e6:49:2a:89:5c:6f:e8:b7:fd:a2:
0c:b6:e8:78:c2:24:a3:e0:95:e9:1c:c3:af:5a:12:4d:90:45:
50:38:b1:d2:e2:1c:8e:60:e8:dd:d9:e5:73:60:2a:17:c5:cc:
2b:7e:6f:f6:38:82:3e:74:23:cb:51:c0:80:82:26:e0:39:64:
07:eb:d5:d9:1d:80:7c:3c:c9:39:34:f0:28:de:cf:de:57:e0:
ff:ec:70:e6:25:a7:09:e2:5c:78:4c:e1:65:9c:b9:ff:82:41:
5e:e2:ae:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwefpbo9GhLoHXtUG7o0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYWY1ZGM2MjljZDQ5Mzc1OTdmM2ZjZDg1OGNhNWM4MGVk
OTdjNTAwHhcNMjMwMTAxMTQzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY3YjVmZmZjZWY4MzQyZTA3MWM5MjVlYmNkYTU3MzI2YTBjOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIrBRuXBtqaWmbP6Ek18ssoB7Xqh
cCLeF1dxesO1v2P7HtcJgeM14K/QP5mT2Fqhw2q8mC2v/1Oh4HdfCWB9rLasnrYY
UL5GNkgHfyVZBGrp3UNAFHip+sr1R1DAvTF/osA2eiQ8MLqxlSrsBd6AuQqCoH5w
NalTLgCqG2NqOXjOnqLumFqXr18vt1tdSnyVUOciSBaO7oFv+B7xvsFcGvnMlJ6x
eLFxUBLROJfrXONPn1TAjZrtQVq1p+959L7ApGka2KDYTofZFpnFSGWYeLXTbknd
88CAudfZ3OCcGfUK5V01MxriwUwjK1WXsa74UHnAuIaV5rfBO1o0LpxHXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/3tf/874NC4HHJJevNpXMmoMnDMB8GA1UdIwQY
MBaAFDOvXcYpzUk3WX8/zYWMpcgO2XxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTY5ZHhpbk5TVGRaZnpfTmhZeWx5QTdaZkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zNTUyYWUtYzU1ZS00YTBiLWI4ZmUt
ZTI2ZTlmNTFkZGIyLzEvSF9lMV9fenZnMExnY2NrbDY4MmxjeWFneWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zNTUyYWUtYzU1ZS00YTBiLWI4ZmUtZTI2ZTlmNTFkZGIy
LzEvTTY5ZHhpbk5TVGRaZnpfTmhZeWx5QTdaZkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiBUMA0G
CSqGSIb3DQEBCwUAA4IBAQBdSL3nUC7JQRGcrhpVXUuHj/Is+3kNdyU27QPLCToI
lMXRG8wQH3S7dvcrHq42BnVYCGi/RM5rNB/BqDN18tq/IEUf1+qaCee0G8ho5vKC
wqj5Pu52r8x+WcuPtV1j5zrNN7i+ugFueM2bWke/AA7PT5W1eQSRPPfYIhQzXQHk
36UXQBWXqdlTI9rwnOk7WgYdko5/2I0U2uZJKolcb+i3/aIMtuh4wiSj4JXpHMOv
WhJNkEVQOLHS4hyOYOjd2eVzYCoXxcwrfm/2OII+dCPLUcCAgibgOWQH69XZHYB8
PMk5NPAo3s/eV+D/7HDmJacJ4lx4TOFlnLn/gkFe4q7e
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:04:15 2025 by rpki-client