Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/h2inD2buc0aQCnqOtLijw57kpEQ.roa
File: h2inD2buc0aQCnqOtLijw57kpEQ.roa (raw, json)
Hash identifier: G2CoqjKfPy0deh1E9BNtaqCZcweVSL7Hklg/p/9W3NA=
Subject key identifier: 87:68:A7:0F:66:EE:73:46:90:0A:7A:8E:B4:B8:A3:C3:9E:E4:A4:44
Certificate issuer: /CN=8fd38fb4d3b9a2c7c8fff597718c905b9e2f84cd
Certificate serial: 0AA41CD8
Authority key identifier: 8F:D3:8F:B4:D3:B9:A2:C7:C8:FF:F5:97:71:8C:90:5B:9E:2F:84:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j9OPtNO5osfI__WXcYyQW54vhM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/h2inD2buc0aQCnqOtLijw57kpEQ.roa
Signing time: Sat 01 Jan 2022 16:02:14 +0000
ROA not before: Sat 01 Jan 2022 16:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 193.84.136.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178527448 (0xaa41cd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fd38fb4d3b9a2c7c8fff597718c905b9e2f84cd
Validity
Not Before: Jan 1 16:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8768a70f66ee7346900a7a8eb4b8a3c39ee4a444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:28:6d:1e:d4:18:0c:8a:bf:e3:1d:50:f8:
fd:7f:8b:2a:df:05:96:0c:50:f7:aa:43:d8:66:d1:
65:20:68:76:29:33:c5:08:b5:1c:65:54:96:4c:23:
ab:20:14:b8:ed:48:b5:10:50:a9:16:a4:46:f2:52:
5e:98:cf:8b:e1:e8:22:9c:bc:70:dd:29:58:2c:31:
d1:90:5c:3a:51:e9:77:24:b6:66:93:88:d8:78:88:
db:37:37:b9:24:84:f6:ae:f2:e9:2e:e8:7c:4e:f3:
d0:84:0f:13:18:64:4c:71:14:b2:58:5e:ba:2a:35:
ea:62:1f:a0:51:b2:9b:c7:d0:6a:59:55:86:c4:14:
1d:e1:33:29:4d:e2:c5:46:7a:88:fe:7f:de:0d:ac:
02:18:17:43:95:df:76:5f:65:0d:95:0b:1a:a7:8b:
67:dd:a4:52:89:e4:b3:0e:ef:21:32:36:0c:ba:e7:
43:97:67:d8:16:a2:8c:21:09:4e:8a:6e:49:3b:5a:
91:10:98:90:f6:05:c7:66:ef:6b:cf:e0:9b:2e:30:
c7:15:48:24:f4:d3:1f:15:6a:4a:21:53:6e:ca:65:
8d:e1:c6:55:20:63:c6:e6:ad:6c:fa:4c:19:a0:d9:
21:49:3c:67:60:e6:23:c0:f5:3b:6b:e5:a7:b7:95:
26:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:A7:0F:66:EE:73:46:90:0A:7A:8E:B4:B8:A3:C3:9E:E4:A4:44
X509v3 Authority Key Identifier:
keyid:8F:D3:8F:B4:D3:B9:A2:C7:C8:FF:F5:97:71:8C:90:5B:9E:2F:84:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9OPtNO5osfI__WXcYyQW54vhM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/h2inD2buc0aQCnqOtLijw57kpEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/j9OPtNO5osfI__WXcYyQW54vhM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.136.0/22
Signature Algorithm: sha256WithRSAEncryption
53:64:f9:a0:f4:63:c9:ed:26:19:98:1e:33:ff:54:30:9a:7d:
1d:fb:53:f7:e1:d9:d6:15:77:e8:f7:72:b5:26:a1:bc:f1:82:
65:0d:b5:7b:eb:64:e0:5b:62:62:60:d4:4f:b6:c3:7f:60:d5:
64:15:ee:38:83:32:8e:e3:b6:49:73:03:39:8d:a7:92:dd:ea:
d5:a9:1a:e0:a0:50:ce:de:c5:2e:ec:c7:46:9d:c1:e7:3a:44:
fa:bf:fb:b2:c2:e5:b1:40:bf:b7:a5:ce:0e:4a:f7:a0:a7:3a:
02:39:08:47:ec:82:24:84:c3:e6:ba:c2:6c:e1:e7:54:bc:e6:
14:58:8b:02:6a:88:b2:24:28:c6:4e:b6:09:10:69:3a:76:96:
19:47:56:12:a5:e4:1d:38:dd:e6:e4:4d:9e:6b:e0:40:fe:1a:
fd:99:01:26:05:4a:93:42:22:67:a6:4f:f9:11:41:2e:ac:46:
9e:d9:91:d7:b1:1c:5e:84:1a:73:30:77:73:b2:e8:42:ed:97:
02:8f:41:aa:65:fd:b8:69:af:fb:19:0e:da:f2:a4:ad:78:c8:
9e:39:af:af:8e:91:3c:04:08:87:f5:34:0d:1c:11:ba:ac:0d:
c7:20:40:7a:67:9f:75:9d:bc:86:8e:66:26:5b:8e:55:f0:c7:
7d:41:05:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECqQc2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmQzOGZiNGQzYjlhMmM3YzhmZmY1OTc3MThjOTA1YjllMmY4NGNkMB4XDTIyMDEw
MTE2MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc2OGE3MGY2NmVl
NzM0NjkwMGE3YThlYjRiOGEzYzM5ZWU0YTQ0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHVKG0e1BgMir/jHVD4/X+LKt8FlgxQ96pD2GbRZSBodikz
xQi1HGVUlkwjqyAUuO1ItRBQqRakRvJSXpjPi+HoIpy8cN0pWCwx0ZBcOlHpdyS2
ZpOI2HiI2zc3uSSE9q7y6S7ofE7z0IQPExhkTHEUslheuio16mIfoFGym8fQallV
hsQUHeEzKU3ixUZ6iP5/3g2sAhgXQ5Xfdl9lDZULGqeLZ92kUonksw7vITI2DLrn
Q5dn2BaijCEJTopuSTtakRCYkPYFx2bva8/gmy4wxxVIJPTTHxVqSiFTbspljeHG
VSBjxuatbPpMGaDZIUk8Z2DmI8D1O2vlp7eVJq0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHaKcPZu5zRpAKeo60uKPDnuSkRDAfBgNVHSMEGDAWgBSP04+007mix8j/
9ZdxjJBbni+EzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o5T1B0Tk81b3NmSV9fV1hjWXlRVzU0dmhNMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvYmVhZjlkLTViMjgtNGRmNC1iNjdkLTZhN2ZhODIyOTZjOS8x
L2gyaW5EMmJ1YzBhUUNucU90TGlqdzU3a3BFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
YmVhZjlkLTViMjgtNGRmNC1iNjdkLTZhN2ZhODIyOTZjOS8xL2o5T1B0Tk81b3Nm
SV9fV1hjWXlRVzU0dmhNMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsFUiDANBgkqhkiG9w0BAQsFAAOC
AQEAU2T5oPRjye0mGZgeM/9UMJp9HftT9+HZ1hV36PdytSahvPGCZQ21e+tk4Fti
YmDUT7bDf2DVZBXuOIMyjuO2SXMDOY2nkt3q1aka4KBQzt7FLuzHRp3B5zpE+r/7
ssLlsUC/t6XODkr3oKc6AjkIR+yCJITD5rrCbOHnVLzmFFiLAmqIsiQoxk62CRBp
OnaWGUdWEqXkHTjd5uRNnmvgQP4a/ZkBJgVKk0IiZ6ZP+RFBLqxGntmR17EcXoQa
czB3c7LoQu2XAo9BqmX9uGmv+xkO2vKkrXjInjmvr46RPAQIh/U0DRwRuqwNxyBA
emefdZ28ho5mJluOVfDHfUEFFQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:17 2025 by rpki-client