Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/HAedQ__iADeCo96KFNRKA5OHbt4.roa
File: HAedQ__iADeCo96KFNRKA5OHbt4.roa (raw, json)
Hash identifier: txW4EgnWPTivG7yTLeiWYTHtu5PFGAzbKB57Ojy3cv0=
Subject key identifier: 1C:07:9D:43:FF:E2:00:37:82:A3:DE:8A:14:D4:4A:03:93:87:6E:DE
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 01856FD51C12292983E86603D165F835DF6D
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/HAedQ__iADeCo96KFNRKA5OHbt4.roa
Signing time: Mon 02 Jan 2023 00:15:15 +0000
ROA not before: Mon 02 Jan 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60571
IP address blocks: 194.104.148.0/24 maxlen: 24
2a06:1c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1c:12:29:29:83:e8:66:03:d1:65:f8:35:df:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 2 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c079d43ffe2003782a3de8a14d44a0393876ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bd:1b:ec:eb:60:6f:c5:0c:a8:f7:df:7c:c8:
bc:5f:87:7c:87:3e:59:55:9f:bb:73:cc:ca:c2:4e:
59:20:2e:5f:40:f6:e6:ff:f3:0b:ec:00:1e:2d:2e:
74:1b:94:71:9c:c0:5f:31:52:5d:2a:f2:61:29:0a:
cb:20:f4:19:c2:60:5a:c7:11:30:bd:c5:f1:06:2b:
66:c6:37:35:8f:3b:24:7a:9f:37:14:94:f7:79:25:
10:1b:e7:48:f7:bd:48:40:aa:45:0f:26:7e:00:a9:
59:36:89:e3:c2:00:84:3d:a9:7d:bc:df:b4:25:99:
a8:68:79:77:03:00:8a:2b:71:11:be:44:39:f2:12:
5b:ac:f9:d3:f8:b1:68:e7:66:d5:f8:ba:7e:f6:db:
27:10:e6:33:09:03:b9:ab:e8:6d:6d:e7:57:93:7d:
77:dd:1f:cd:23:76:3e:ea:48:dd:82:32:16:03:6c:
62:39:d4:5d:ca:1a:d0:e2:f6:1b:56:53:10:82:40:
44:ff:ae:b8:db:89:5a:55:ba:85:de:d5:52:b7:bc:
c9:3f:61:ca:3b:ee:db:c7:b2:24:cc:9b:5d:88:5d:
ed:c8:cb:bd:4f:b7:e7:33:9a:9d:29:54:00:04:0b:
33:41:7c:c8:53:d7:07:4a:fa:0f:35:e4:eb:92:54:
56:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:07:9D:43:FF:E2:00:37:82:A3:DE:8A:14:D4:4A:03:93:87:6E:DE
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/HAedQ__iADeCo96KFNRKA5OHbt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.148.0/24
IPv6:
2a06:1c4::/32
Signature Algorithm: sha256WithRSAEncryption
31:1e:2e:b7:b0:1f:4c:29:57:03:8c:f7:d6:ea:53:b1:c6:51:
97:2b:6a:37:aa:dd:b5:9a:d1:c9:40:9b:e6:2c:35:36:80:df:
f3:8d:14:b2:4a:98:ad:6c:81:78:f8:fd:83:c9:63:bb:c0:68:
ea:a9:64:bb:f1:84:e0:39:c2:dd:e3:91:3b:f4:39:9f:3f:3b:
b6:4e:87:81:6d:27:ed:14:50:17:cd:7e:4c:99:6e:38:a3:c5:
67:e1:20:b5:e4:73:2d:76:2e:90:12:e1:c0:53:29:fd:e6:10:
96:ea:f7:08:94:c0:e7:a1:03:37:13:24:6f:bd:9d:4c:35:70:
f9:6b:a4:38:f1:ef:16:fb:ca:77:da:dc:1e:73:90:92:31:4a:
29:37:ad:9d:70:26:78:c6:6a:1d:cf:a7:43:76:a6:cb:f8:d4:
1b:ac:da:0e:19:3e:03:11:4a:81:c3:d4:83:16:4e:8e:5b:6f:
78:47:eb:cf:0d:da:62:47:de:ac:9c:0e:78:2d:25:1b:d0:e4:
7f:ae:39:6a:9f:24:a4:bf:4a:25:0e:68:56:8a:54:44:4b:1e:
26:fa:54:a8:00:82:c3:c5:ad:7d:12:4a:84:7f:dd:3c:e1:1c:
7b:19:8f:c2:6e:e1:a9:b8:03:0f:a6:a8:38:1b:37:03:18:44:
72:6b:5f:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1RwSKSmD6GYD0WX4Nd9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjMwMTAyMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzA3OWQ0M2ZmZTIwMDM3ODJhM2RlOGExNGQ0NGEwMzkzODc2ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxL0b7Otgb8UMqPfffMi8X4d8hz5Z
VZ+7c8zKwk5ZIC5fQPbm//ML7AAeLS50G5RxnMBfMVJdKvJhKQrLIPQZwmBaxxEw
vcXxBitmxjc1jzskep83FJT3eSUQG+dI971IQKpFDyZ+AKlZNonjwgCEPal9vN+0
JZmoaHl3AwCKK3ERvkQ58hJbrPnT+LFo52bV+Lp+9tsnEOYzCQO5q+htbedXk313
3R/NI3Y+6kjdgjIWA2xiOdRdyhrQ4vYbVlMQgkBE/66424laVbqF3tVSt7zJP2HK
O+7bx7IkzJtdiF3tyMu9T7fnM5qdKVQABAszQXzIU9cHSvoPNeTrklRWOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBwHnUP/4gA3gqPeihTUSgOTh27eMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvSEFlZFFfX2lBRGVDbzk2S0ZOUktBNU9IYnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmiUMA0E
AgACMAcDBQAqBgHEMA0GCSqGSIb3DQEBCwUAA4IBAQAxHi63sB9MKVcDjPfW6lOx
xlGXK2o3qt21mtHJQJvmLDU2gN/zjRSySpitbIF4+P2DyWO7wGjqqWS78YTgOcLd
45E79DmfPzu2ToeBbSftFFAXzX5MmW44o8Vn4SC15HMtdi6QEuHAUyn95hCW6vcI
lMDnoQM3EyRvvZ1MNXD5a6Q48e8W+8p32twec5CSMUopN62dcCZ4xmodz6dDdqbL
+NQbrNoOGT4DEUqBw9SDFk6OW294R+vPDdpiR96snA54LSUb0OR/rjlqnySkv0ol
DmhWilRESx4m+lSoAILDxa19EkqEf9084Rx7GY/CbuGpuAMPpqg4GzcDGERya1++
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:46 2025 by rpki-client