Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/1-hwB7IzBtM9lG43eHiwKKfflEG0.roa
File: 1-hwB7IzBtM9lG43eHiwKKfflEG0.roa (raw, json)
Hash identifier: VssedRBYWzNJRYWUFMJR8Y4IQZMWp4fSFXak5OqMua8=
Subject key identifier: FA:1C:01:EC:8C:C1:B4:CF:65:1B:8D:DE:1E:2C:0A:29:F7:E5:10:6D
Certificate issuer: /CN=276abb1ad567e5bb1e475a72a0a68453e3fba1cd
Certificate serial: 01856B6E8944A1CEFDBE4C1BFF5C0626491D
Authority key identifier: 27:6A:BB:1A:D5:67:E5:BB:1E:47:5A:72:A0:A6:84:53:E3:FB:A1:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J2q7GtVn5bseR1pyoKaEU-P7oc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/1-hwB7IzBtM9lG43eHiwKKfflEG0.roa
Signing time: Sun 01 Jan 2023 03:44:44 +0000
ROA not before: Sun 01 Jan 2023 03:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212033
IP address blocks: 193.3.45.0/24 maxlen: 24
2a10:5dc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:89:44:a1:ce:fd:be:4c:1b:ff:5c:06:26:49:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=276abb1ad567e5bb1e475a72a0a68453e3fba1cd
Validity
Not Before: Jan 1 03:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa1c01ec8cc1b4cf651b8dde1e2c0a29f7e5106d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:15:1d:d0:4c:f4:f6:a1:24:3f:d8:0f:30:
52:5e:34:a3:e5:52:24:c4:2b:88:d0:8e:20:b5:d2:
4f:82:a4:96:1e:53:d3:fb:92:b6:6e:00:28:07:95:
83:b9:c9:90:58:aa:24:af:62:76:84:b5:de:7b:cc:
20:e6:da:b8:de:52:e9:0f:42:53:a3:dd:69:9a:3a:
89:13:23:e5:84:b3:b2:64:11:eb:e3:0e:cc:4f:30:
42:07:b2:6d:d2:8c:c4:c3:d5:a9:44:3b:1e:47:ab:
fe:e4:6b:b0:a2:48:ab:4a:28:f0:59:d5:33:5c:ee:
25:06:f8:f5:86:e8:45:9c:6d:10:1e:9e:ee:d0:54:
7d:f7:3d:90:0b:8b:1c:81:e6:ef:b0:30:43:ac:3e:
bc:26:76:09:d2:bb:db:93:fc:6b:61:dd:54:13:1f:
e6:6b:af:b6:72:ec:e4:bb:c6:e5:6f:41:b6:c8:bd:
2f:46:76:46:03:3d:ab:64:01:3e:a7:c4:30:63:85:
2f:3d:d5:36:fc:2e:94:c7:16:f2:67:c7:f4:f6:f2:
02:ab:1b:7e:2e:b5:86:6e:34:62:d9:2a:6f:57:55:
c5:03:8a:12:cc:9a:4a:07:99:fd:8a:7c:03:42:e3:
0c:46:63:3f:55:55:12:db:f7:7e:b1:60:4e:a7:7c:
4d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1C:01:EC:8C:C1:B4:CF:65:1B:8D:DE:1E:2C:0A:29:F7:E5:10:6D
X509v3 Authority Key Identifier:
keyid:27:6A:BB:1A:D5:67:E5:BB:1E:47:5A:72:A0:A6:84:53:E3:FB:A1:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2q7GtVn5bseR1pyoKaEU-P7oc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/1-hwB7IzBtM9lG43eHiwKKfflEG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/J2q7GtVn5bseR1pyoKaEU-P7oc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.45.0/24
IPv6:
2a10:5dc0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:5a:54:c9:c8:70:0b:3a:a0:5a:fd:fc:dd:f9:db:01:e3:25:
30:cb:c5:a1:9d:3b:09:40:51:d0:6b:a0:77:47:0f:11:29:25:
62:4a:dc:56:1d:3f:53:aa:19:82:4c:f2:81:21:15:11:da:e6:
69:9e:4b:23:5c:c2:6f:b3:fd:7d:77:47:f6:d5:15:58:8d:e3:
e1:19:d6:64:28:2f:aa:89:64:b4:19:50:1a:87:5c:d6:12:13:
00:2a:91:a1:be:0e:d2:3e:2a:6e:44:7c:f8:b3:06:1b:dd:5b:
7e:ef:2a:2b:da:d8:5b:9e:64:9d:fe:64:68:1d:0e:1b:00:42:
ff:39:a4:32:4f:65:f6:48:4e:19:20:eb:ba:8e:65:64:59:c6:
25:ee:11:51:20:c6:bd:cf:f9:ce:d7:35:d2:3c:c9:24:56:b3:
0b:5d:57:85:2d:aa:86:c0:c1:3e:3d:d7:9c:a5:22:45:b6:3f:
00:85:dd:e4:7e:db:f3:22:73:3d:f1:ab:26:45:89:1f:bc:a9:
01:63:1b:3e:61:6a:0b:70:bd:17:e3:a0:5d:01:f4:a5:bf:45:
ba:df:2f:8d:e4:a9:f5:7f:3c:aa:c9:d3:18:63:1f:0e:60:91:
a9:12:2f:e1:cc:ab:cf:63:ab:1e:f8:3a:d6:30:f2:b9:26:6a:
c4:d3:35:c7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVrbolEoc79vkwb/1wGJkkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NmFiYjFhZDU2N2U1YmIxZTQ3NWE3MmEwYTY4NDUzZTNm
YmExY2QwHhcNMjMwMTAxMDM0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFjMDFlYzhjYzFiNGNmNjUxYjhkZGUxZTJjMGEyOWY3ZTUxMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6cVHdBM9PahJD/YDzBSXjSj5VIk
xCuI0I4gtdJPgqSWHlPT+5K2bgAoB5WDucmQWKokr2J2hLXee8wg5tq43lLpD0JT
o91pmjqJEyPlhLOyZBHr4w7MTzBCB7Jt0ozEw9WpRDseR6v+5GuwokirSijwWdUz
XO4lBvj1huhFnG0QHp7u0FR99z2QC4scgebvsDBDrD68JnYJ0rvbk/xrYd1UEx/m
a6+2cuzku8blb0G2yL0vRnZGAz2rZAE+p8QwY4UvPdU2/C6UxxbyZ8f09vICqxt+
LrWGbjRi2SpvV1XFA4oSzJpKB5n9inwDQuMMRmM/VVUS2/d+sWBOp3xN0QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPocAeyMwbTPZRuN3h4sCin35RBtMB8GA1UdIwQY
MBaAFCdquxrVZ+W7HkdacqCmhFPj+6HNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjJxN0d0Vm41YnNlUjFweW9LYUVVLVA3b2MwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80MjY5NGYtODlhNi00M2M4LTgzNDYt
YmIwZWVkMTNmMjNiLzEvMS1od0I3SXpCdE05bEc0M2VIaXdLS2ZmbEVHMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvNDI2OTRmLTg5YTYtNDNjOC04MzQ2LWJiMGVlZDEzZjIz
Yi8xL0oycTdHdFZuNWJzZVIxcHlvS2FFVS1QN29jMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMEDLTAN
BAIAAjAHAwUAKhBdwDANBgkqhkiG9w0BAQsFAAOCAQEAT1pUychwCzqgWv383fnb
AeMlMMvFoZ07CUBR0Gugd0cPESklYkrcVh0/U6oZgkzygSEVEdrmaZ5LI1zCb7P9
fXdH9tUVWI3j4RnWZCgvqolktBlQGodc1hITACqRob4O0j4qbkR8+LMGG91bfu8q
K9rYW55knf5kaB0OGwBC/zmkMk9l9khOGSDruo5lZFnGJe4RUSDGvc/5ztc10jzJ
JFazC11XhS2qhsDBPj3XnKUiRbY/AIXd5H7b8yJzPfGrJkWJH7ypAWMbPmFqC3C9
F+OgXQH0pb9Fut8vjeSp9X88qsnTGGMfDmCRqRIv4cyrz2OrHvg61jDyuSZqxNM1
xw==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:14:03 2025 by rpki-client