Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/cef114-5868-47b8-9788-7b64089bb141/1/DHPawiT0bNPSTZk2l3dM6qyHafg.roa
File: DHPawiT0bNPSTZk2l3dM6qyHafg.roa (raw, json)
Hash identifier: XMIaO3W1TqnAtsPMuTvkW2OcSIm0G1cFaZoxrmEZP4U=
Subject key identifier: 0C:73:DA:C2:24:F4:6C:D3:D2:4D:99:36:97:77:4C:EA:AC:87:69:F8
Certificate issuer: /CN=827173a380cdf93c7b28668fabae569aa6f7a35a
Certificate serial: 01856D4186D238DFF60405584B111284ABFC
Authority key identifier: 82:71:73:A3:80:CD:F9:3C:7B:28:66:8F:AB:AE:56:9A:A6:F7:A3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnFzo4DN-Tx7KGaPq65Wmqb3o1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/cef114-5868-47b8-9788-7b64089bb141/1/DHPawiT0bNPSTZk2l3dM6qyHafg.roa
Signing time: Sun 01 Jan 2023 12:14:48 +0000
ROA not before: Sun 01 Jan 2023 12:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213100
IP address blocks: 193.17.35.0/24 maxlen: 24
2a10:cdc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:86:d2:38:df:f6:04:05:58:4b:11:12:84:ab:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827173a380cdf93c7b28668fabae569aa6f7a35a
Validity
Not Before: Jan 1 12:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c73dac224f46cd3d24d993697774ceaac8769f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:eb:b6:59:63:63:e6:15:0e:de:a1:10:50:21:
3f:14:f1:8f:56:ff:61:65:bd:52:8e:b7:64:f4:c6:
99:be:00:81:a7:be:c5:a5:63:ff:59:32:a7:5f:b9:
79:11:a1:5e:c1:84:92:23:37:42:89:f2:59:cb:a6:
30:f3:bc:42:d7:cb:18:8b:80:38:e9:44:84:2f:d4:
f5:34:a5:fb:5a:58:5e:21:97:76:52:10:c9:60:7d:
af:dd:b7:fe:68:3c:e1:af:cf:a0:32:38:3a:ac:5e:
bd:ae:10:7b:70:0b:8e:ff:e4:76:11:e7:c6:4f:20:
91:3c:01:ad:6f:d6:26:cc:3d:3f:f6:96:6a:88:ab:
92:67:52:3a:40:be:9a:b8:d7:5b:98:ed:cf:a3:95:
dd:64:e1:09:ef:a3:d8:d4:95:2e:9b:ca:e8:50:7f:
67:3d:25:af:5d:82:47:38:fc:7a:b1:db:81:9e:fb:
64:f1:35:6e:a8:73:2e:51:73:d0:29:c9:f5:b9:7a:
c6:45:7a:ac:81:35:43:f8:44:a4:7e:96:9e:43:d0:
76:9e:49:82:39:a1:f6:c4:55:19:61:de:52:c6:c8:
0a:43:e2:06:64:4d:9e:8c:31:31:ef:50:f4:65:fc:
85:d0:3f:78:c6:88:6d:2f:bf:1c:4b:c6:36:14:53:
cc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:73:DA:C2:24:F4:6C:D3:D2:4D:99:36:97:77:4C:EA:AC:87:69:F8
X509v3 Authority Key Identifier:
keyid:82:71:73:A3:80:CD:F9:3C:7B:28:66:8F:AB:AE:56:9A:A6:F7:A3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnFzo4DN-Tx7KGaPq65Wmqb3o1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/cef114-5868-47b8-9788-7b64089bb141/1/DHPawiT0bNPSTZk2l3dM6qyHafg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/cef114-5868-47b8-9788-7b64089bb141/1/gnFzo4DN-Tx7KGaPq65Wmqb3o1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.35.0/24
IPv6:
2a10:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
c2:8c:8c:63:2c:95:3f:c2:31:42:f5:bb:f1:e9:72:2b:22:78:
d5:9b:25:c4:43:0c:ae:a2:f2:7f:ee:36:01:35:ce:93:e4:56:
08:bd:cf:09:ac:00:07:cb:55:5e:4f:4e:2f:6f:cc:94:37:24:
d6:d1:aa:01:28:95:07:08:47:fa:c1:15:32:86:ac:4c:75:b9:
ca:3c:b0:df:c0:38:54:12:34:27:f8:d5:ce:4a:37:8f:0c:6e:
17:cb:c0:2a:50:97:76:f2:c1:d9:5f:15:f5:e3:22:54:c5:8d:
4f:c0:7b:76:1f:52:30:d4:8e:83:72:4e:3d:17:07:77:25:39:
45:a7:5c:aa:c3:6c:b9:e2:80:d9:97:d1:05:43:47:f4:ab:be:
44:76:90:2a:0a:bd:ca:a0:a4:ae:c5:c7:f8:71:06:18:e7:7a:
86:aa:c7:8b:cc:2e:1f:11:96:bc:16:a3:39:d3:5f:36:16:3b:
90:bc:30:4e:59:3e:65:16:08:2d:00:62:15:25:d2:a2:46:a1:
33:b0:d8:5b:2e:e6:5b:f9:6a:8c:5f:d9:85:44:ef:95:d3:e3:
e1:58:44:87:85:8b:03:df:ca:00:1f:01:07:6f:30:a2:13:e6:
e1:c5:45:ad:af:8f:3a:8a:c5:4d:c0:15:2e:55:18:2d:b6:c7:
15:ab:1a:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtQYbSON/2BAVYSxEShKv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzE3M2EzODBjZGY5M2M3YjI4NjY4ZmFiYWU1NjlhYTZm
N2EzNWEwHhcNMjMwMTAxMTIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzczZGFjMjI0ZjQ2Y2QzZDI0ZDk5MzY5Nzc3NGNlYWFjODc2OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieu2WWNj5hUO3qEQUCE/FPGPVv9h
Zb1Sjrdk9MaZvgCBp77FpWP/WTKnX7l5EaFewYSSIzdCifJZy6Yw87xC18sYi4A4
6USEL9T1NKX7WlheIZd2UhDJYH2v3bf+aDzhr8+gMjg6rF69rhB7cAuO/+R2EefG
TyCRPAGtb9YmzD0/9pZqiKuSZ1I6QL6auNdbmO3Po5XdZOEJ76PY1JUum8roUH9n
PSWvXYJHOPx6sduBnvtk8TVuqHMuUXPQKcn1uXrGRXqsgTVD+ESkfpaeQ9B2nkmC
OaH2xFUZYd5SxsgKQ+IGZE2ejDEx71D0ZfyF0D94xohtL78cS8Y2FFPMswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAxz2sIk9GzT0k2ZNpd3TOqsh2n4MB8GA1UdIwQY
MBaAFIJxc6OAzfk8eyhmj6uuVpqm96NaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25Gem80RE4tVHg3S0dhUHE2NVdtcWIzbzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jZWYxMTQtNTg2OC00N2I4LTk3ODgt
N2I2NDA4OWJiMTQxLzEvREhQYXdpVDBiTlBTVFprMmwzZE02cXlIYWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jZWYxMTQtNTg2OC00N2I4LTk3ODgtN2I2NDA4OWJiMTQx
LzEvZ25Gem80RE4tVHg3S0dhUHE2NVdtcWIzbzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwREjMA0E
AgACMAcDBQMqEM3AMA0GCSqGSIb3DQEBCwUAA4IBAQDCjIxjLJU/wjFC9bvx6XIr
InjVmyXEQwyuovJ/7jYBNc6T5FYIvc8JrAAHy1VeT04vb8yUNyTW0aoBKJUHCEf6
wRUyhqxMdbnKPLDfwDhUEjQn+NXOSjePDG4Xy8AqUJd28sHZXxX14yJUxY1PwHt2
H1Iw1I6Dck49Fwd3JTlFp1yqw2y54oDZl9EFQ0f0q75EdpAqCr3KoKSuxcf4cQYY
53qGqseLzC4fEZa8FqM50182FjuQvDBOWT5lFggtAGIVJdKiRqEzsNhbLuZb+WqM
X9mFRO+V0+PhWESHhYsD38oAHwEHbzCiE+bhxUWtr486isVNwBUuVRgttscVqxpY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:47 2025 by rpki-client