Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/h2Nd6nwQMLS2efUQp9zUpp1BMUQ.roa
File: h2Nd6nwQMLS2efUQp9zUpp1BMUQ.roa (raw, json)
Hash identifier: 9hnSvS6hM5S29Yv/SCb7FiIp/noPSTCBzpnDF5uZjMU=
Subject key identifier: 87:63:5D:EA:7C:10:30:B4:B6:79:F5:10:A7:DC:D4:A6:9D:41:31:44
Certificate issuer: /CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Certificate serial: 01856F025133078ED136880951E5B7E5F592
Authority key identifier: C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/h2Nd6nwQMLS2efUQp9zUpp1BMUQ.roa
Signing time: Sun 01 Jan 2023 20:25:00 +0000
ROA not before: Sun 01 Jan 2023 20:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197451
IP address blocks: 147.229.192.0/19 maxlen: 19
147.229.0.0/17 maxlen: 17
147.229.224.0/19 maxlen: 19
147.229.128.0/18 maxlen: 18
185.62.108.0/23 maxlen: 23
2001:67c:1220::/46 maxlen: 46
2a03:2e0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:51:33:07:8e:d1:36:88:09:51:e5:b7:e5:f5:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Validity
Not Before: Jan 1 20:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87635dea7c1030b4b679f510a7dcd4a69d413144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:36:f2:c9:4f:85:de:b1:08:7e:25:65:cd:cc:
22:70:09:11:cf:a5:21:8c:b0:79:97:bd:68:25:86:
e8:01:0a:35:e3:b6:45:17:ea:90:49:4b:b8:7b:79:
11:d7:3b:40:11:ae:8a:1a:c9:11:b4:f7:13:90:6e:
df:b6:8c:26:de:51:0f:fb:06:e5:2b:58:7f:1d:31:
c7:6f:b6:88:26:5b:d6:96:9d:ba:5b:8a:89:81:d2:
1f:9b:ce:f5:ae:80:1b:16:a9:be:5f:a7:6a:19:42:
ba:4f:df:87:24:ad:f9:74:0d:68:ee:07:b4:41:46:
73:04:ce:30:2e:9b:db:f9:d6:39:a2:66:7a:1c:7f:
a3:9d:5d:f2:9e:13:51:db:30:4b:cd:37:24:36:1b:
43:f4:9b:5b:51:0f:e8:43:f1:73:aa:c6:6a:2f:90:
1b:ba:c8:98:cb:de:2f:7f:ee:6f:36:9f:ac:b3:13:
01:da:16:db:04:a5:75:45:c4:60:18:ce:2e:48:8d:
4f:ac:57:da:72:c3:1d:a9:4a:01:98:2e:6c:26:e3:
38:27:73:47:a7:be:0d:01:54:eb:ff:53:cc:81:1b:
16:79:81:0e:1b:ca:ab:02:74:0a:ac:92:b5:09:66:
eb:23:e0:bb:1c:c5:f6:8a:da:71:af:8d:51:a4:78:
2c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:63:5D:EA:7C:10:30:B4:B6:79:F5:10:A7:DC:D4:A6:9D:41:31:44
X509v3 Authority Key Identifier:
keyid:C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/h2Nd6nwQMLS2efUQp9zUpp1BMUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/xUUK-nPwuHpCACjCsqSMzg_pKwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.229.0.0/16
185.62.108.0/23
IPv6:
2001:67c:1220::/46
2a03:2e0::/29
Signature Algorithm: sha256WithRSAEncryption
04:02:58:ec:c3:81:80:96:f4:d6:30:bf:a3:96:57:38:20:3e:
55:d2:a1:57:91:cc:06:1d:59:cb:eb:ae:d5:32:e5:99:07:40:
ee:10:10:75:e3:20:8b:2b:15:8f:80:ce:c8:49:a0:80:82:42:
56:20:b8:90:36:80:ae:97:14:ba:50:4d:bb:17:e0:20:5b:ba:
42:03:31:ca:63:82:8a:d3:60:28:a3:04:e7:70:29:12:7a:8b:
73:8c:54:50:29:fe:ab:2a:6c:c6:b2:29:7a:1f:18:f5:f6:14:
5c:0e:c8:5a:bc:2f:e8:19:c7:27:45:b4:60:b9:ea:8a:23:61:
ff:bc:28:2a:be:3c:2f:c5:21:5e:2b:d8:e5:8a:6f:4d:60:6a:
b0:94:9e:72:3c:38:39:be:08:24:45:51:a8:4d:e6:cb:eb:9f:
a9:1b:61:8f:ef:16:21:dc:de:c3:45:20:73:6f:52:33:ce:2e:
1a:76:c3:b2:b0:db:29:d2:74:39:ab:bb:5c:36:a1:de:68:0b:
a4:4f:9b:67:56:91:67:fd:e0:1c:c6:41:ff:96:e3:d1:e4:f7:
27:dd:6c:bc:cc:a0:30:8a:c5:3d:6b:64:f2:c6:d7:af:35:b6:
5f:02:ad:cd:f3:f6:f4:fb:f7:aa:a0:82:06:d2:66:a0:49:ec:
d8:91:b4:a1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvAlEzB47RNogJUeW35fWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDUwYWZhNzNmMGI4N2E0MjAwMjhjMmIyYTQ4Y2NlMGZl
OTJiMGEwHhcNMjMwMTAxMjAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYzNWRlYTdjMTAzMGI0YjY3OWY1MTBhN2RjZDRhNjlkNDEzMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDbyyU+F3rEIfiVlzcwicAkRz6Uh
jLB5l71oJYboAQo147ZFF+qQSUu4e3kR1ztAEa6KGskRtPcTkG7ftowm3lEP+wbl
K1h/HTHHb7aIJlvWlp26W4qJgdIfm871roAbFqm+X6dqGUK6T9+HJK35dA1o7ge0
QUZzBM4wLpvb+dY5omZ6HH+jnV3ynhNR2zBLzTckNhtD9JtbUQ/oQ/FzqsZqL5Ab
usiYy94vf+5vNp+ssxMB2hbbBKV1RcRgGM4uSI1PrFfacsMdqUoBmC5sJuM4J3NH
p74NAVTr/1PMgRsWeYEOG8qrAnQKrJK1CWbrI+C7HMX2itpxr41RpHgsFQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIdjXep8EDC0tnn1EKfc1KadQTFEMB8GA1UdIwQY
MBaAFMVFCvpz8Lh6QgAowrKkjM4P6SsKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUt
NjY0YTk5MjZmMzMzLzEvaDJOZDZud1FNTFMyZWZVUXA5elVwcDFCTVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUtNjY0YTk5MjZmMzMz
LzEveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzARBAIAATALAwMAk+UDBAG5
PmwwFgQCAAIwEAMHAiABBnwSIAMFAyoDAuAwDQYJKoZIhvcNAQELBQADggEBAAQC
WOzDgYCW9NYwv6OWVzggPlXSoVeRzAYdWcvrrtUy5ZkHQO4QEHXjIIsrFY+AzshJ
oICCQlYguJA2gK6XFLpQTbsX4CBbukIDMcpjgorTYCijBOdwKRJ6i3OMVFAp/qsq
bMayKXofGPX2FFwOyFq8L+gZxydFtGC56oojYf+8KCq+PC/FIV4r2OWKb01garCU
nnI8ODm+CCRFUahN5svrn6kbYY/vFiHc3sNFIHNvUjPOLhp2w7Kw2ynSdDmru1w2
od5oC6RPm2dWkWf94BzGQf+W49Hk9yfdbLzMoDCKxT1rZPLG1681tl8Crc3z9vT7
96qgggbSZqBJ7NiRtKE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:00:36 2025 by rpki-client