Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/H0Dh4P4lEes6ZNP_iVbmSAbd5hQ.roa
File: H0Dh4P4lEes6ZNP_iVbmSAbd5hQ.roa (raw, json)
Hash identifier: iP70LY/l3SJhRifDh/SvuZo2w+QqJozI60Brj7gPiRA=
Subject key identifier: 1F:40:E1:E0:FE:25:11:EB:3A:64:D3:FF:89:56:E6:48:06:DD:E6:14
Certificate issuer: /CN=19622650048107918adf1b22cdf087c8a834f79c
Certificate serial: 01858BD8D47DDC35D035CC4DD143FE18FA87
Authority key identifier: 19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/H0Dh4P4lEes6ZNP_iVbmSAbd5hQ.roa
Signing time: Sat 07 Jan 2023 10:48:41 +0000
ROA not before: Sat 07 Jan 2023 10:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206170
IP address blocks: 86.106.25.0/24 maxlen: 24
86.107.103.0/24 maxlen: 24
188.66.63.0/24 maxlen: 24
2001:67c:750::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8b:d8:d4:7d:dc:35:d0:35:cc:4d:d1:43:fe:18:fa:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19622650048107918adf1b22cdf087c8a834f79c
Validity
Not Before: Jan 7 10:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f40e1e0fe2511eb3a64d3ff8956e64806dde614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:4e:79:f6:d6:34:43:e1:c3:9f:fd:0a:c5:
87:17:56:45:99:a9:6f:03:f7:be:fe:23:04:0d:31:
6c:ff:d9:a1:96:de:1b:c9:f8:a1:89:bf:41:87:0a:
8c:d1:7a:12:47:93:47:36:49:8c:e0:82:84:c6:45:
8d:60:5c:72:6d:64:6d:95:ee:71:67:e5:85:77:da:
65:79:c4:70:d1:60:0e:5b:36:be:ee:3b:90:72:a6:
80:79:4e:db:6b:6b:a2:99:12:de:85:2c:8e:5e:19:
96:b1:ad:4a:0a:e6:b0:26:e6:bd:93:89:a9:f4:31:
8a:84:68:c9:53:7a:24:be:5b:cc:96:fb:a7:53:d8:
77:f2:06:e4:a1:a7:37:7b:69:8b:26:78:7c:82:b2:
ec:0c:84:c3:bf:76:69:61:a4:ec:ba:7b:70:02:d2:
a3:5d:a2:31:00:a9:ec:b3:9d:97:4d:72:59:46:79:
32:8e:54:b0:08:46:1e:b4:be:d0:b2:72:79:1d:74:
3f:7d:81:06:78:ff:9b:20:71:87:52:72:bf:2c:4c:
6b:46:8b:e1:bb:0a:91:27:0d:13:20:8d:e2:c5:57:
3c:d9:15:74:fb:c8:9d:bc:c2:b3:08:c7:05:5a:3f:
31:10:ce:e1:be:b9:27:34:4a:e6:71:9b:95:0f:9d:
e2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:40:E1:E0:FE:25:11:EB:3A:64:D3:FF:89:56:E6:48:06:DD:E6:14
X509v3 Authority Key Identifier:
keyid:19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/H0Dh4P4lEes6ZNP_iVbmSAbd5hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/GWImUASBB5GK3xsizfCHyKg095w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.25.0/24
86.107.103.0/24
188.66.63.0/24
IPv6:
2001:67c:750::/48
Signature Algorithm: sha256WithRSAEncryption
1c:d8:89:f3:0d:21:1b:07:76:81:f7:3f:b4:cc:be:dd:c4:d1:
34:87:10:f2:c4:c8:2e:fc:00:67:33:cf:56:bc:58:4c:56:27:
6a:9a:48:ff:bd:9e:3f:7f:9f:ed:de:ac:2c:eb:1b:e6:50:f6:
ff:29:87:d4:17:8c:42:05:4e:5e:a8:f3:ff:98:2e:41:08:b2:
48:87:53:ac:35:e4:4f:5a:82:76:bf:44:39:35:eb:43:1b:44:
4c:4d:4b:b7:75:b3:81:85:f3:c7:0c:86:09:78:f5:c3:52:cf:
77:1b:e2:7d:12:72:9f:9c:71:67:ed:95:32:a3:87:c4:a1:b1:
06:f3:53:21:22:c5:67:d8:06:65:21:ae:c0:f3:58:9e:db:57:
23:9d:12:bd:45:1d:bc:73:21:f4:38:75:1a:87:e1:c8:fa:8a:
f8:13:3d:e4:c2:4a:6c:5e:97:ea:d9:cc:ef:57:d7:b7:1e:74:
0f:1d:ae:15:f1:30:a0:44:dc:7a:5d:81:69:3e:9b:42:0c:a1:
f0:c7:d7:99:9b:eb:89:34:2b:55:ac:c8:68:35:57:f7:71:41:
46:65:3c:c5:a2:cc:63:c9:bf:b9:15:5e:37:44:69:20:28:2f:
7e:77:c7:2b:22:f7:06:21:5b:88:b2:c6:41:5e:1e:12:f1:69:
e6:46:1b:0b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYWL2NR93DXQNcxN0UP+GPqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjIyNjUwMDQ4MTA3OTE4YWRmMWIyMmNkZjA4N2M4YTgz
NGY3OWMwHhcNMjMwMTA3MTA0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQwZTFlMGZlMjUxMWViM2E2NGQzZmY4OTU2ZTY0ODA2ZGRlNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu9OefbWNEPhw5/9CsWHF1ZFmalv
A/e+/iMEDTFs/9mhlt4byfihib9BhwqM0XoSR5NHNkmM4IKExkWNYFxybWRtle5x
Z+WFd9plecRw0WAOWza+7juQcqaAeU7ba2uimRLehSyOXhmWsa1KCuawJua9k4mp
9DGKhGjJU3okvlvMlvunU9h38gbkoac3e2mLJnh8grLsDITDv3ZpYaTsuntwAtKj
XaIxAKnss52XTXJZRnkyjlSwCEYetL7QsnJ5HXQ/fYEGeP+bIHGHUnK/LExrRovh
uwqRJw0TII3ixVc82RV0+8idvMKzCMcFWj8xEM7hvrknNErmcZuVD53iIQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB9A4eD+JRHrOmTT/4lW5kgG3eYUMB8GA1UdIwQY
MBaAFBliJlAEgQeRit8bIs3wh8ioNPecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQt
OGQxMGZlZTU4NGZlLzEvSDBEaDRQNGxFZXM2Wk5QX2lWYm1TQWJkNWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQtOGQxMGZlZTU4NGZl
LzEvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAVmoZAwQA
VmtnAwQAvEI/MA8EAgACMAkDBwAgAQZ8B1AwDQYJKoZIhvcNAQELBQADggEBABzY
ifMNIRsHdoH3P7TMvt3E0TSHEPLEyC78AGczz1a8WExWJ2qaSP+9nj9/n+3erCzr
G+ZQ9v8ph9QXjEIFTl6o8/+YLkEIskiHU6w15E9agna/RDk160MbRExNS7d1s4GF
88cMhgl49cNSz3cb4n0Scp+ccWftlTKjh8ShsQbzUyEixWfYBmUhrsDzWJ7bVyOd
Er1FHbxzIfQ4dRqH4cj6ivgTPeTCSmxel+rZzO9X17cedA8drhXxMKBE3HpdgWk+
m0IMofDH15mb64k0K1WsyGg1V/dxQUZlPMWizGPJv7kVXjdEaSAoL353xysi9wYh
W4iyxkFeHhLxaeZGGws=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:05 2025 by rpki-client