Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/HM0_onK9yQtyTHM4i_6v_kGo3O4.roa
File: HM0_onK9yQtyTHM4i_6v_kGo3O4.roa (raw, json)
Hash identifier: tXR7C6NqYhrJL/+nVw18GgFHoDrg4mn9IwJDDu+6AXA=
Subject key identifier: 1C:CD:3F:A2:72:BD:C9:0B:72:4C:73:38:8B:FE:AF:FE:41:A8:DC:EE
Certificate issuer: /CN=435e41960d590e99804e90b9af0365584c712c72
Certificate serial: 01856FA71047EC6E0B2E7A191829BC8F1B6F
Authority key identifier: 43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/HM0_onK9yQtyTHM4i_6v_kGo3O4.roa
Signing time: Sun 01 Jan 2023 23:24:57 +0000
ROA not before: Sun 01 Jan 2023 23:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209462
IP address blocks: 185.196.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:10:47:ec:6e:0b:2e:7a:19:18:29:bc:8f:1b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435e41960d590e99804e90b9af0365584c712c72
Validity
Not Before: Jan 1 23:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ccd3fa272bdc90b724c73388bfeaffe41a8dcee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b4:bf:a3:06:9b:3b:d2:1b:53:7c:ca:c7:ef:
82:bd:58:2b:35:72:15:88:d8:59:ce:a7:2a:69:f2:
63:1c:0f:0b:94:26:a0:c6:a7:13:70:de:99:5a:6d:
06:4a:76:01:68:d1:af:60:59:6f:7f:c2:e7:97:c5:
4c:9d:77:15:ab:4c:1b:cb:74:bb:f7:32:83:ae:b9:
96:4d:5a:88:4e:49:dd:3e:e1:14:b9:f7:ee:39:41:
5f:b6:21:ea:86:46:64:a4:20:3a:67:7e:fc:bc:67:
1f:82:39:7d:48:60:77:2e:dd:a9:1f:0c:1e:da:e4:
91:01:5e:a4:25:a0:24:9d:73:be:87:cf:3f:f5:12:
0d:51:38:cc:93:fe:af:81:d4:6a:33:dc:bb:78:5a:
2a:cf:5a:fc:51:c4:7d:ba:32:62:26:ba:f5:34:d5:
f6:67:c3:2d:48:80:6b:e3:cc:70:a7:21:ab:2d:27:
fe:14:94:8a:08:fb:67:0c:9f:18:68:57:a1:05:e9:
b6:f6:41:9e:02:5a:28:a8:13:81:e4:04:56:27:3c:
7b:b3:d8:17:71:55:90:78:db:54:0b:b3:8e:41:6c:
16:c9:0b:d5:81:e7:4f:1a:c2:c5:5d:4f:9c:3d:6a:
8e:cc:ad:f6:a0:cc:cf:68:67:ad:bb:ae:f5:09:ef:
93:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CD:3F:A2:72:BD:C9:0B:72:4C:73:38:8B:FE:AF:FE:41:A8:DC:EE
X509v3 Authority Key Identifier:
keyid:43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/HM0_onK9yQtyTHM4i_6v_kGo3O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.151.0/24
Signature Algorithm: sha256WithRSAEncryption
79:da:be:fd:99:4d:cb:44:59:64:7c:99:d3:c6:08:ca:e0:2e:
65:b3:23:de:b4:6d:b3:ab:4f:f0:63:b3:b2:4e:e4:34:a6:75:
29:77:a4:7d:8d:db:37:19:63:24:b1:9c:86:41:70:99:8f:f8:
2d:ad:e2:3f:ee:3b:56:2e:16:c5:91:d7:6d:4e:7c:bb:7b:94:
6f:9c:10:99:37:5a:1b:e4:62:68:94:be:44:0f:31:f0:8d:a8:
0e:f1:f7:c3:0b:4a:e8:36:86:07:2e:a4:4a:b9:f9:db:c2:c0:
79:33:fa:bf:9a:19:8f:56:56:c6:9d:42:26:de:7b:64:0e:09:
8c:60:68:4b:3b:b2:91:be:ea:b8:e3:3e:9e:3b:1f:c0:d7:f0:
c3:b3:4d:29:85:b4:dc:6c:e1:ca:66:75:7e:dc:a6:4e:3f:80:
ae:9b:0d:8f:e0:80:44:a8:84:9b:7c:01:c4:84:c6:9a:65:64:
7c:06:bb:5a:82:a1:94:cc:64:b1:8d:a5:98:8a:9a:b3:ca:4f:
15:18:20:5f:a1:19:60:07:80:4b:8f:ce:0c:4a:e1:4a:4a:bc:
8f:9f:fd:eb:5b:5a:1c:4f:34:20:c5:b9:3e:5c:e0:15:19:77:
4f:02:da:7b:2d:be:4f:d3:3c:98:c1:39:93:c3:70:24:56:d1:
84:32:f2:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpxBH7G4LLnoZGCm8jxtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNWU0MTk2MGQ1OTBlOTk4MDRlOTBiOWFmMDM2NTU4NGM3
MTJjNzIwHhcNMjMwMTAxMjMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NkM2ZhMjcyYmRjOTBiNzI0YzczMzg4YmZlYWZmZTQxYThkY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bS/owabO9IbU3zKx++CvVgrNXIV
iNhZzqcqafJjHA8LlCagxqcTcN6ZWm0GSnYBaNGvYFlvf8Lnl8VMnXcVq0wby3S7
9zKDrrmWTVqITkndPuEUuffuOUFftiHqhkZkpCA6Z378vGcfgjl9SGB3Lt2pHwwe
2uSRAV6kJaAknXO+h88/9RINUTjMk/6vgdRqM9y7eFoqz1r8UcR9ujJiJrr1NNX2
Z8MtSIBr48xwpyGrLSf+FJSKCPtnDJ8YaFehBem29kGeAlooqBOB5ARWJzx7s9gX
cVWQeNtUC7OOQWwWyQvVgedPGsLFXU+cPWqOzK32oMzPaGetu671Ce+T1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzNP6JyvckLckxzOIv+r/5BqNzuMB8GA1UdIwQY
MBaAFENeQZYNWQ6ZgE6Qua8DZVhMcSxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAt
MDFiYjVmZDUzNGY1LzEvSE0wX29uSzl5UXR5VEhNNGlfNnZfa0dvM080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAtMDFiYjVmZDUzNGY1
LzEvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucSXMA0G
CSqGSIb3DQEBCwUAA4IBAQB52r79mU3LRFlkfJnTxgjK4C5lsyPetG2zq0/wY7Oy
TuQ0pnUpd6R9jds3GWMksZyGQXCZj/gtreI/7jtWLhbFkddtTny7e5RvnBCZN1ob
5GJolL5EDzHwjagO8ffDC0roNoYHLqRKufnbwsB5M/q/mhmPVlbGnUIm3ntkDgmM
YGhLO7KRvuq44z6eOx/A1/DDs00phbTcbOHKZnV+3KZOP4Cumw2P4IBEqISbfAHE
hMaaZWR8BrtagqGUzGSxjaWYipqzyk8VGCBfoRlgB4BLj84MSuFKSryPn/3rW1oc
TzQgxbk+XOAVGXdPAtp7Lb5P0zyYwTmTw3AkVtGEMvL3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:40 2025 by rpki-client