Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/DHUJp4bEBC928APCixb9Gddz3Jg.roa
File: DHUJp4bEBC928APCixb9Gddz3Jg.roa (raw, json)
Hash identifier: FRoqmGgXeJjguoapSjo2A1AUhnlg9TweSMWotnMZgj0=
Subject key identifier: 0C:75:09:A7:86:C4:04:2F:76:F0:03:C2:8B:16:FD:19:D7:73:DC:98
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 11897A84
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/DHUJp4bEBC928APCixb9Gddz3Jg.roa
Signing time: Sun 27 Mar 2022 10:12:02 +0000
ROA not before: Sun 27 Mar 2022 10:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203905
IP address blocks: 193.19.72.0/23 maxlen: 23
2a00:6ba0:dddd::/48 maxlen: 48
2a00:6ba0:bbbb::/48 maxlen: 48
2a00:6ba0:eeee::/48 maxlen: 48
2a00:6ba0:cccc::/48 maxlen: 48
2a00:6ba0:ffff::/48 maxlen: 48
2a00:6ba0:aaaa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294222468 (0x11897a84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Mar 27 10:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c7509a786c4042f76f003c28b16fd19d773dc98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:f8:d2:0a:1c:84:d4:b4:91:c1:41:1b:0c:
cc:f6:a9:d3:d6:84:cb:aa:7d:7b:14:96:97:5f:64:
f5:bc:f3:b4:bc:d8:4f:8d:9c:e0:a6:56:fe:00:49:
16:0c:37:19:ee:63:c9:c2:0a:65:47:72:4a:ae:2e:
b6:4c:5a:72:61:19:10:64:b7:7b:7c:61:20:f7:f8:
75:a6:ad:32:30:1a:9c:ae:87:e9:39:ed:f5:7d:0b:
e3:bf:9a:92:bd:01:86:ed:d9:c7:2c:db:6b:65:70:
71:e6:d5:37:31:a3:18:0b:14:e3:71:12:ff:06:8a:
b1:60:6d:fa:07:0c:b4:18:49:de:64:7d:f8:af:26:
71:0d:53:da:b3:5f:21:00:83:69:ca:b3:da:b0:96:
8b:a8:80:b7:7c:e9:06:e7:9d:ff:a0:e3:76:ec:3e:
8d:7f:da:cb:7f:dd:5b:ec:2a:d2:05:02:e7:5c:20:
1d:08:a9:3f:4e:35:ad:e7:4c:43:e4:0e:f5:7f:7d:
dd:27:0b:31:06:1a:e5:b5:83:df:29:57:4a:7f:38:
05:f9:ff:60:16:68:76:26:7b:e0:eb:6d:82:b0:47:
11:b2:df:11:49:48:da:c8:fd:ab:73:c7:fc:49:16:
ca:5d:ab:f3:c0:01:84:e1:4b:fa:6b:2e:a6:e5:db:
f2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:75:09:A7:86:C4:04:2F:76:F0:03:C2:8B:16:FD:19:D7:73:DC:98
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/DHUJp4bEBC928APCixb9Gddz3Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.72.0/23
IPv6:
2a00:6ba0:aaaa::/48
2a00:6ba0:bbbb::/48
2a00:6ba0:cccc::/48
2a00:6ba0:dddd::/48
2a00:6ba0:eeee::/48
2a00:6ba0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
00:4f:45:c6:47:66:b8:a9:7f:3a:af:5c:31:62:1c:74:a5:4e:
f7:75:57:b6:e5:e0:85:2c:5e:1b:a7:6d:a2:80:9e:2a:9d:d5:
36:37:cf:1d:19:b7:bc:8e:4d:36:8c:fe:5a:fe:ea:88:2e:ba:
65:20:39:7b:2f:00:16:52:1d:11:99:03:51:f6:e5:79:9e:62:
7b:60:76:64:2b:6b:b0:60:9a:ea:d1:d2:57:1b:7d:ae:f4:d6:
a4:f8:74:5e:7d:1b:18:ab:26:ef:9a:79:47:bb:14:86:bf:9e:
57:a8:ef:67:c1:f5:78:d3:76:64:23:e2:1c:5f:41:4e:c0:38:
52:ac:b5:33:0f:c2:13:61:e7:c7:27:dc:7e:3e:70:e7:76:f9:
c0:af:9d:b9:24:55:d0:cf:7d:ef:18:ce:9b:dd:83:c2:eb:f6:
c5:33:34:8e:f8:49:95:cd:25:3b:5b:6b:05:86:62:7a:b3:75:
85:9c:04:ce:05:ce:ea:0d:2b:72:f9:d1:66:82:69:4e:cc:67:
d6:7a:d8:46:21:c1:4d:04:c5:43:c8:5b:2c:46:15:e2:19:0b:
6d:1b:64:79:e0:6c:76:d9:83:06:87:fe:be:c5:db:0f:b6:84:
24:5e:82:e0:4c:97:19:39:7b:5f:bd:97:65:54:26:f6:0c:f8:
f7:ce:b7:2d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEEYl6hDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGNhM2YzOGQ4ZTVhMzAxZWFmNjkyNGI5MjRmZThmNTdhYWM2OTBkMB4XDTIyMDMy
NzEwMTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM3NTA5YTc4NmM0
MDQyZjc2ZjAwM2MyOGIxNmZkMTlkNzczZGM5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVO+NIKHITUtJHBQRsMzPap09aEy6p9exSWl19k9bzztLzY
T42c4KZW/gBJFgw3Ge5jycIKZUdySq4utkxacmEZEGS3e3xhIPf4daatMjAanK6H
6Tnt9X0L47+akr0Bhu3Zxyzba2VwcebVNzGjGAsU43ES/waKsWBt+gcMtBhJ3mR9
+K8mcQ1T2rNfIQCDacqz2rCWi6iAt3zpBued/6Djduw+jX/ay3/dW+wq0gUC51wg
HQipP041redMQ+QO9X993ScLMQYa5bWD3ylXSn84Bfn/YBZodiZ74OttgrBHEbLf
EUlI2sj9q3PH/EkWyl2r88ABhOFL+msupuXb8h0CAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBQMdQmnhsQEL3bwA8KLFv0Z13PcmDAfBgNVHSMEGDAWgBQ4yj842OWjAer2
kkuST+j1eqxpDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09Nb19PTmpsb3dIcTlwSkxra19vOVhxc2FRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYmE2NzU1LTQyNzMtNDhlMS04NTgyLTcxMmZhNjVhMjViYS8x
L0RIVUpwNGJFQkM5MjhBUENpeGI5R2RkejNKZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YmE2NzU1LTQyNzMtNDhlMS04NTgyLTcxMmZhNjVhMjViYS8xL09Nb19PTmpsb3dI
cTlwSkxra19vOVhxc2FRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwDAQCAAEwBgMEAcETSDA8BAIAAjA2AwcAKgBroKqq
AwcAKgBroLu7AwcAKgBroMzMAwcAKgBroN3dAwcAKgBroO7uAwcAKgBroP//MA0G
CSqGSIb3DQEBCwUAA4IBAQAAT0XGR2a4qX86r1wxYhx0pU73dVe25eCFLF4bp22i
gJ4qndU2N88dGbe8jk02jP5a/uqILrplIDl7LwAWUh0RmQNR9uV5nmJ7YHZkK2uw
YJrq0dJXG32u9Nak+HRefRsYqybvmnlHuxSGv55XqO9nwfV403ZkI+IcX0FOwDhS
rLUzD8ITYefHJ9x+PnDndvnAr525JFXQz33vGM6b3YPC6/bFMzSO+EmVzSU7W2sF
hmJ6s3WFnATOBc7qDSty+dFmgmlOzGfWethGIcFNBMVDyFssRhXiGQttG2R54Gx2
2YMGh/6+xdsPtoQkXoLgTJcZOXtfvZdlVCb2DPj3zrct
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org