Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/dahHwDAggVC_tS0P7mOciXLN3fI.roa
File: dahHwDAggVC_tS0P7mOciXLN3fI.roa (raw, json)
Hash identifier: wwBfYyYJjInWeDQi5rPIPX4LSc0p5khjqCDk3il3X1Y=
Subject key identifier: 75:A8:47:C0:30:20:81:50:BF:B5:2D:0F:EE:63:9C:89:72:CD:DD:F2
Certificate issuer: /CN=5243ded745b05f4038e983fb9d78edf56f251346
Certificate serial: 06CB0853
Authority key identifier: 52:43:DE:D7:45:B0:5F:40:38:E9:83:FB:9D:78:ED:F5:6F:25:13:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkPe10WwX0A46YP7nXjt9W8lE0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/dahHwDAggVC_tS0P7mOciXLN3fI.roa
Signing time: Sat 01 Jan 2022 08:02:03 +0000
ROA not before: Sat 01 Jan 2022 08:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200602
IP address blocks: 193.143.18.0/24 maxlen: 24
193.143.75.0/24 maxlen: 24
193.143.72.0/24 maxlen: 24
193.143.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113969235 (0x6cb0853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5243ded745b05f4038e983fb9d78edf56f251346
Validity
Not Before: Jan 1 08:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75a847c030208150bfb52d0fee639c8972cdddf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e1:bf:69:28:1d:85:1e:4e:6d:b5:de:48:36:
07:b8:ae:d6:5a:c1:75:be:f7:20:46:39:6e:b3:f3:
e3:3d:41:eb:bc:c3:73:9f:7a:ca:d9:59:01:1d:63:
16:45:8a:40:ff:12:d5:a8:e0:10:25:38:24:81:1b:
95:80:38:79:87:1a:60:7b:cf:bc:9b:1c:f7:6c:3b:
71:3f:04:09:d8:01:ce:47:f6:54:74:14:92:58:d9:
c9:3d:eb:69:7e:fb:cd:f4:0e:04:9d:9d:95:fc:bd:
69:f5:35:34:6b:dd:2c:ed:85:43:b5:c8:eb:3d:6b:
14:8a:da:e0:58:80:18:b2:f3:cc:08:9e:0f:26:b9:
2b:1d:f1:c7:1d:04:f8:ee:6e:55:6d:6a:8c:e6:50:
99:39:32:d8:a5:6f:0e:55:89:7e:e0:71:77:3b:26:
6c:e7:a1:27:1d:b8:d7:36:c0:72:31:ea:a4:97:29:
b0:65:1a:60:69:8b:d8:d5:d6:47:2d:f7:36:fa:b3:
4a:75:a5:ff:44:62:82:68:15:bf:dd:65:59:75:75:
0f:ae:cf:b6:1c:ab:d4:f9:82:8c:66:e5:6f:5d:3d:
88:27:07:63:b1:69:b9:44:b2:f4:4e:73:9a:f2:7b:
b6:b9:96:d5:4e:4e:81:31:15:a0:32:f5:82:47:8f:
9f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A8:47:C0:30:20:81:50:BF:B5:2D:0F:EE:63:9C:89:72:CD:DD:F2
X509v3 Authority Key Identifier:
keyid:52:43:DE:D7:45:B0:5F:40:38:E9:83:FB:9D:78:ED:F5:6F:25:13:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkPe10WwX0A46YP7nXjt9W8lE0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/dahHwDAggVC_tS0P7mOciXLN3fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/UkPe10WwX0A46YP7nXjt9W8lE0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.18.0/24
193.143.72.0/24
193.143.75.0-193.143.76.255
Signature Algorithm: sha256WithRSAEncryption
a1:76:07:2b:61:12:d1:cd:41:73:d8:2f:62:0b:3d:fd:a8:cb:
cc:f3:65:62:44:98:86:30:38:73:c6:b7:28:57:40:4e:46:b7:
77:fc:bf:27:53:2c:ad:d4:05:dd:cc:75:6c:1d:13:18:e3:d2:
9b:d8:32:3c:73:3d:4a:08:b4:9c:ed:c4:b0:22:63:6a:be:44:
66:9f:c1:f0:0c:30:b5:5c:71:11:96:11:91:ea:f0:73:81:41:
d0:8f:33:b8:ce:91:bf:4c:89:2c:80:bb:42:25:42:33:55:dc:
2b:71:3b:4e:1d:6f:c1:26:04:4b:17:17:a2:2e:ee:68:04:cd:
06:b4:e1:80:c6:0d:d4:aa:de:ee:45:60:1f:13:96:a2:f8:95:
27:ce:51:d6:f9:fa:b4:5f:5d:cd:92:0d:dc:22:fa:a5:71:6b:
aa:51:44:4c:23:4e:3b:c9:e3:10:3e:36:98:f8:86:4b:fc:bc:
60:72:23:c3:b1:36:65:cc:f8:03:7f:2f:2e:88:1c:3e:11:7d:
c3:8e:f4:41:7b:f6:cc:ec:f4:30:9a:55:c8:b1:fc:1a:05:8b:
e6:45:22:92:f1:52:af:e0:b4:e7:60:59:ec:e5:2a:fd:d4:c1:
df:a4:8b:91:49:b5:a8:51:71:8a:54:00:68:c5:d4:6f:65:11:
92:72:aa:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBssIUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjQzZGVkNzQ1YjA1ZjQwMzhlOTgzZmI5ZDc4ZWRmNTZmMjUxMzQ2MB4XDTIyMDEw
MTA4MDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVhODQ3YzAzMDIw
ODE1MGJmYjUyZDBmZWU2MzljODk3MmNkZGRmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHhv2koHYUeTm213kg2B7iu1lrBdb73IEY5brPz4z1B67zD
c596ytlZAR1jFkWKQP8S1ajgECU4JIEblYA4eYcaYHvPvJsc92w7cT8ECdgBzkf2
VHQUkljZyT3raX77zfQOBJ2dlfy9afU1NGvdLO2FQ7XI6z1rFIra4FiAGLLzzAie
Dya5Kx3xxx0E+O5uVW1qjOZQmTky2KVvDlWJfuBxdzsmbOehJx241zbAcjHqpJcp
sGUaYGmL2NXWRy33NvqzSnWl/0RigmgVv91lWXV1D67Pthyr1PmCjGblb109iCcH
Y7FpuUSy9E5zmvJ7trmW1U5OgTEVoDL1gkePn6UCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR1qEfAMCCBUL+1LQ/uY5yJcs3d8jAfBgNVHSMEGDAWgBRSQ97XRbBfQDjp
g/udeO31byUTRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VrUGUxMFd3WDBBNDZZUDduWGp0OVc4bEUwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvNjYzM2Q1LTg2NzYtNGVjNC1hM2ZjLWM1MzZkZjVjMjc0ZS8x
L2RhaEh3REFnZ1ZDX3RTMFA3bU9jaVhMTjNmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
NjYzM2Q1LTg2NzYtNGVjNC1hM2ZjLWM1MzZkZjVjMjc0ZS8xL1VrUGUxMFd3WDBB
NDZZUDduWGp0OVc4bEUwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAMGPEgMEAMGPSDAMAwQAwY9LAwQA
wY9MMA0GCSqGSIb3DQEBCwUAA4IBAQChdgcrYRLRzUFz2C9iCz39qMvM82ViRJiG
MDhzxrcoV0BORrd3/L8nUyyt1AXdzHVsHRMY49Kb2DI8cz1KCLSc7cSwImNqvkRm
n8HwDDC1XHERlhGR6vBzgUHQjzO4zpG/TIksgLtCJUIzVdwrcTtOHW/BJgRLFxei
Lu5oBM0GtOGAxg3Uqt7uRWAfE5ai+JUnzlHW+fq0X13Nkg3cIvqlcWuqUURMI047
yeMQPjaY+IZL/LxgciPDsTZlzPgDfy8uiBw+EX3DjvRBe/bM7PQwmlXIsfwaBYvm
RSKS8VKv4LTnYFns5Sr91MHfpIuRSbWoUXGKVABoxdRvZRGScqr4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:44 2025 by rpki-client