Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/hKr8N8RHr87EXXdC4n1w094ZdPo.roa
File: hKr8N8RHr87EXXdC4n1w094ZdPo.roa (raw, json)
Hash identifier: u6sF8QtBUkjeUr9R2BG0VZylxWRpBMUFQgtIuDlISNs=
Subject key identifier: 84:AA:FC:37:C4:47:AF:CE:C4:5D:77:42:E2:7D:70:D3:DE:19:74:FA
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD51A9B278994517DE36B5AC1FE6E78
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/hKr8N8RHr87EXXdC4n1w094ZdPo.roa
Signing time: Mon 02 Jan 2023 00:15:15 +0000
ROA not before: Mon 02 Jan 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39383
IP address blocks: 93.114.82.0/24 maxlen: 24
188.212.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1a:9b:27:89:94:51:7d:e3:6b:5a:c1:fe:6e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84aafc37c447afcec45d7742e27d70d3de1974fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d0:ab:69:2b:2e:f3:7f:52:29:cd:3b:af:25:
b3:d2:cb:11:9c:b9:b9:fe:6f:0b:42:a3:2d:03:d7:
b0:0b:56:b2:ef:35:f8:44:01:4f:b9:b5:dd:62:a1:
63:92:e6:5c:b8:46:12:da:00:2c:53:17:ce:a3:2d:
86:65:d7:4a:21:37:22:b5:ad:c7:af:f9:f0:76:bd:
74:cf:0e:a0:3b:87:04:e6:21:0b:47:ec:b9:a7:84:
77:af:13:be:5f:fd:d9:75:e3:51:46:85:57:9e:58:
67:42:ed:7e:a7:b6:f8:46:bd:9b:de:b9:6b:ec:f8:
52:dc:ca:7f:f5:f2:bc:4d:34:4b:05:aa:bf:c9:f5:
7f:42:6d:fb:ce:40:ee:f5:9d:92:5d:21:4c:44:aa:
66:f2:49:ff:5b:f1:20:bd:46:f2:fa:3c:85:93:be:
4f:38:60:42:66:69:96:c6:a5:31:bd:38:e1:30:d4:
96:50:31:b2:60:43:86:0d:c9:bc:e3:e5:6a:90:22:
af:31:2f:a1:e5:39:8c:c7:65:a6:c3:10:19:af:9e:
9e:d8:2b:b0:db:c7:ae:37:8b:6a:c3:d8:d8:e3:b7:
6e:04:fb:06:a7:4d:b7:be:33:f5:55:65:33:a5:4b:
84:f1:a0:32:ed:fc:e5:18:2c:a3:cf:ec:1a:c3:44:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AA:FC:37:C4:47:AF:CE:C4:5D:77:42:E2:7D:70:D3:DE:19:74:FA
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/hKr8N8RHr87EXXdC4n1w094ZdPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.82.0/24
188.212.100.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:58:40:e8:27:7d:c8:8b:0e:08:ff:d7:83:e2:c8:56:6c:e8:
f8:53:ac:72:c2:a6:a3:c9:fd:fb:b1:1d:12:90:fd:ac:7f:75:
fc:6f:1e:fc:73:31:17:df:d2:0b:af:8c:03:22:72:47:16:2f:
43:c9:5a:df:ce:e0:94:0d:09:6f:49:08:90:5b:73:c5:4d:02:
76:0c:8b:32:44:0e:7b:1f:da:e6:fd:91:e6:1b:9e:b7:e4:4e:
de:ff:47:87:69:ce:c9:56:72:ce:7f:d2:3f:d7:bb:cf:ab:88:
8b:fb:99:e8:c2:67:7b:e6:b9:d9:1d:32:61:e9:7b:fd:de:d2:
c0:d2:85:ee:15:a3:d2:b3:ac:75:55:ed:43:44:3f:ca:ee:ea:
83:d2:54:eb:00:97:9c:94:8b:34:48:21:cc:19:f2:06:9d:b5:
75:dc:02:67:77:d3:98:73:5e:4f:3d:72:a7:77:ea:cd:82:4d:
de:4c:83:3f:60:da:86:e9:2f:3a:08:1e:f4:00:3c:2c:b0:fa:
8b:39:c2:19:e2:3d:b2:87:a4:81:54:83:3d:51:a4:f2:30:de:
02:5c:90:c9:4f:9d:7b:1e:5b:fb:d6:97:7f:1f:4f:f8:0e:55:
e9:0a:7d:02:6c:c4:4b:1b:85:55:69:5b:96:bb:2a:6b:f0:a9:
86:38:fa:21
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVv1RqbJ4mUUX3ja1rB/m54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFhZmMzN2M0NDdhZmNlYzQ1ZDc3NDJlMjdkNzBkM2RlMTk3NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNCraSsu839SKc07ryWz0ssRnLm5
/m8LQqMtA9ewC1ay7zX4RAFPubXdYqFjkuZcuEYS2gAsUxfOoy2GZddKITcita3H
r/nwdr10zw6gO4cE5iELR+y5p4R3rxO+X/3ZdeNRRoVXnlhnQu1+p7b4Rr2b3rlr
7PhS3Mp/9fK8TTRLBaq/yfV/Qm37zkDu9Z2SXSFMRKpm8kn/W/EgvUby+jyFk75P
OGBCZmmWxqUxvTjhMNSWUDGyYEOGDcm84+VqkCKvMS+h5TmMx2WmwxAZr56e2Cuw
28euN4tqw9jY47duBPsGp023vjP1VWUzpUuE8aAy7fzlGCyjz+waw0S1KQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFISq/DfER6/OxF13QuJ9cNPeGXT6MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2hLcjhOOFJIcjg3RVhYZEM0bjF3MDk0WmRQby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABdclID
BAK81GQwDQYJKoZIhvcNAQELBQADggEBAMtYQOgnfciLDgj/14PiyFZs6PhTrHLC
pqPJ/fuxHRKQ/ax/dfxvHvxzMRff0guvjAMickcWL0PJWt/O4JQNCW9JCJBbc8VN
AnYMizJEDnsf2ub9keYbnrfkTt7/R4dpzslWcs5/0j/Xu8+riIv7mejCZ3vmudkd
MmHpe/3e0sDShe4Vo9KzrHVV7UNEP8ru6oPSVOsAl5yUizRIIcwZ8gadtXXcAmd3
05hzXk89cqd36s2CTd5Mgz9g2obpLzoIHvQAPCyw+os5whniPbKHpIFUgz1RpPIw
3gJckMlPnXseW/vWl38fT/gOVekKfQJsxEsbhVVpW5a7KmvwqYY4+iE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:59 2025 by rpki-client