Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/9XdJHqN0HhgNHTVlotVCLnxtxxw.roa
File: 9XdJHqN0HhgNHTVlotVCLnxtxxw.roa (raw, json)
Hash identifier: DVF2+Z1ZWEGbFxnWHUiV6WDwCiyg+jwXG0NrpWlfE0g=
Subject key identifier: F5:77:49:1E:A3:74:1E:18:0D:1D:35:65:A2:D5:42:2E:7C:6D:C7:1C
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 018CB532DC2EA169CF8EBD2187AEE0AC6C4A
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/9XdJHqN0HhgNHTVlotVCLnxtxxw.roa
Signing time: Fri 29 Dec 2023 10:50:58 +0000
ROA not before: Fri 29 Dec 2023 10:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199493
IP address blocks: 193.221.196.0/22 maxlen: 24
37.220.64.0/20 maxlen: 24
80.243.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:32:dc:2e:a1:69:cf:8e:bd:21:87:ae:e0:ac:6c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Dec 29 10:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f577491ea3741e180d1d3565a2d5422e7c6dc71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b5:dd:8a:b9:a4:61:6c:f7:54:a5:90:82:2d:
ef:57:01:3e:72:85:99:e1:2f:73:bb:98:68:63:17:
e4:5c:22:95:11:24:b0:ef:b1:89:f0:44:bf:3f:ed:
a1:9b:0e:f5:0d:5e:d2:1a:50:28:b3:ba:7f:40:5c:
3a:e9:a0:64:d8:d4:5a:51:00:2a:0e:ae:03:5c:3e:
02:64:46:b6:32:e0:3e:93:ac:e4:c7:1a:72:54:93:
1a:5b:88:9a:e0:d8:a2:16:49:28:a3:f9:bd:b3:47:
b1:73:ba:2e:39:2d:23:1d:de:95:96:36:c8:33:3d:
87:fa:fa:7f:e1:b7:9d:19:d5:b3:b3:13:ae:af:07:
bb:b0:8b:c5:2f:d8:7e:1b:68:ef:d9:24:5a:c1:de:
e4:dc:81:3c:f5:2a:bc:32:1e:92:b7:56:99:e8:40:
d2:79:61:0d:28:8b:11:d5:a1:5a:00:11:cf:ca:7a:
e9:b7:f4:c2:45:9b:ff:f6:29:6b:b6:d1:25:25:0c:
68:ba:45:0e:88:e8:1d:a3:d9:82:97:5c:0c:32:0c:
a3:4c:62:c9:da:d1:e5:fc:ce:90:c7:40:dc:3c:9e:
aa:8a:dc:cd:36:15:8f:13:5c:4b:bf:90:37:ec:84:
f2:06:4a:fd:f9:7a:b6:ac:eb:95:8c:02:2a:34:51:
5d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:77:49:1E:A3:74:1E:18:0D:1D:35:65:A2:D5:42:2E:7C:6D:C7:1C
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/9XdJHqN0HhgNHTVlotVCLnxtxxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.64.0/20
80.243.232.0/22
193.221.196.0/22
Signature Algorithm: sha256WithRSAEncryption
08:87:95:6e:70:e9:51:6d:10:2a:1b:58:77:d3:cf:74:fa:70:
24:d7:f1:21:b9:62:1f:9e:8b:f5:03:37:78:63:a5:b6:33:37:
fe:a3:83:38:87:e7:06:bd:7c:f0:e9:35:0c:13:b4:d8:51:d6:
a9:0b:64:6b:ec:bd:1e:ca:ee:e5:50:0b:99:aa:69:e6:19:d7:
2a:21:cd:83:a0:12:c6:54:0e:8b:3e:ac:19:fa:52:c6:54:4c:
cc:64:4b:70:78:49:f4:50:b8:33:19:ee:3a:a8:48:4b:4d:06:
d6:b6:83:bf:51:dc:0c:9f:be:8f:31:90:09:4e:a0:34:92:6c:
30:08:c9:5f:54:6f:63:69:6f:3c:6b:bd:91:19:9d:90:1f:ec:
2e:ef:90:35:9b:ce:4b:7e:5d:e9:5a:90:ba:b9:ee:3b:bb:47:
a5:56:b8:20:4f:9c:4c:55:3f:50:6a:50:35:8a:09:3b:be:5c:
1b:13:60:c0:64:8c:57:a9:de:26:06:64:a4:1f:d8:e7:11:51:
c4:f9:bc:ee:fb:1f:b1:be:7e:fb:71:1b:ee:5f:73:e2:2f:2b:
11:f0:02:5e:45:fb:43:f2:35:e2:ea:a7:6f:b0:01:d2:be:90:
dc:fa:05:50:71:19:1a:ca:94:74:1e:09:f5:dc:da:07:ab:45:
29:29:de:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYy1MtwuoWnPjr0hh67grGxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjMxMjI5MTA1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc3NDkxZWEzNzQxZTE4MGQxZDM1NjVhMmQ1NDIyZTdjNmRjNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrXdirmkYWz3VKWQgi3vVwE+coWZ
4S9zu5hoYxfkXCKVESSw77GJ8ES/P+2hmw71DV7SGlAos7p/QFw66aBk2NRaUQAq
Dq4DXD4CZEa2MuA+k6zkxxpyVJMaW4ia4NiiFkkoo/m9s0exc7ouOS0jHd6VljbI
Mz2H+vp/4bedGdWzsxOurwe7sIvFL9h+G2jv2SRawd7k3IE89Sq8Mh6St1aZ6EDS
eWENKIsR1aFaABHPynrpt/TCRZv/9ilrttElJQxoukUOiOgdo9mCl1wMMgyjTGLJ
2tHl/M6Qx0DcPJ6qitzNNhWPE1xLv5A37ITyBkr9+Xq2rOuVjAIqNFFd8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPV3SR6jdB4YDR01ZaLVQi58bcccMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvOVhkSkhxTjBIaGdOSFRWbG90VkNMbnh0eHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEJdxAAwQC
UPPoAwQCwd3EMA0GCSqGSIb3DQEBCwUAA4IBAQAIh5VucOlRbRAqG1h30890+nAk
1/EhuWIfnov1Azd4Y6W2Mzf+o4M4h+cGvXzw6TUME7TYUdapC2Rr7L0eyu7lUAuZ
qmnmGdcqIc2DoBLGVA6LPqwZ+lLGVEzMZEtweEn0ULgzGe46qEhLTQbWtoO/UdwM
n76PMZAJTqA0kmwwCMlfVG9jaW88a72RGZ2QH+wu75A1m85Lfl3pWpC6ue47u0el
VrggT5xMVT9QalA1igk7vlwbE2DAZIxXqd4mBmSkH9jnEVHE+bzu+x+xvn77cRvu
X3PiLysR8AJeRftD8jXi6qdvsAHSvpDc+gVQcRkaypR0Hgn13NoHq0UpKd7N
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:00 2025 by rpki-client