Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/1-hudRaIJ4uoL5oA8zGJoyByNF9Y.roa
File: 1-hudRaIJ4uoL5oA8zGJoyByNF9Y.roa (raw, json)
Hash identifier: YvoPdH1hYUyCb25fpHsjBq6mPNV3PX8uroZZvunPlRw=
Subject key identifier: FA:1B:9D:45:A2:09:E2:EA:0B:E6:80:3C:CC:62:68:C8:1C:8D:17:D6
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0188D46F4EE20893C87DF41F4200DBF3822C
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/1-hudRaIJ4uoL5oA8zGJoyByNF9Y.roa
Signing time: Mon 19 Jun 2023 16:14:04 +0000
ROA not before: Mon 19 Jun 2023 16:14:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3177
IP address blocks: 195.28.11.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.220.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
2a05:63c0::/29 maxlen: 29
2a10:ef04:1000::/48 maxlen: 48
2a0f:c040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d4:6f:4e:e2:08:93:c8:7d:f4:1f:42:00:db:f3:82:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jun 19 16:14:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa1b9d45a209e2ea0be6803ccc6268c81c8d17d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:19:7e:fb:64:5b:f2:53:17:a1:97:65:3d:94:
51:fb:11:6b:04:1e:ae:00:80:3f:b5:4b:aa:f2:e5:
ac:92:6d:5f:be:74:0f:44:f7:90:ef:5e:61:1f:17:
cb:f4:42:c5:61:ab:33:d1:d5:7c:b1:57:ec:7c:df:
6d:26:34:48:0a:14:e4:bf:9c:a4:d6:18:8e:9e:fa:
e4:2b:6c:c3:a1:1e:b6:9f:63:73:5f:69:61:76:5c:
6e:97:a5:af:d7:13:b6:15:58:62:22:d6:3a:88:d7:
46:80:f2:0b:c7:41:c2:25:5b:e5:65:37:52:39:8b:
c5:b6:3a:f5:7a:38:2e:ff:89:99:2e:2c:0c:d7:e8:
6c:f5:b8:15:07:c4:76:5b:a6:0f:65:ff:9f:32:cc:
6a:08:9c:ee:5d:ad:a4:03:23:8d:88:b7:7f:59:3b:
6b:73:b6:a4:8f:61:af:5f:56:48:9b:a5:02:31:7b:
f7:17:63:c6:a7:bc:23:d6:0b:3a:98:01:2e:c0:14:
a7:96:06:68:7d:0c:ef:7b:eb:b6:59:dd:03:01:43:
3f:91:ee:83:ca:1d:c4:d2:1c:02:c9:92:f8:c7:24:
2c:47:be:65:32:9c:ab:52:26:c8:39:fb:04:b5:52:
8c:88:33:da:c4:c1:33:b1:ce:fd:ab:7a:ce:6e:7b:
83:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1B:9D:45:A2:09:E2:EA:0B:E6:80:3C:CC:62:68:C8:1C:8D:17:D6
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/1-hudRaIJ4uoL5oA8zGJoyByNF9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
195.28.11.0/24
195.238.231.0/24
IPv6:
2a05:63c0::/29
2a0f:c040::/29
2a10:ef04:1000::/48
Signature Algorithm: sha256WithRSAEncryption
13:1b:87:26:3f:7c:b1:b7:2f:1f:a6:71:63:5a:b8:a7:6f:f6:
3a:c4:9b:2f:8f:ee:b4:9d:7a:95:f3:63:3f:86:cc:16:cd:19:
8f:b1:46:48:37:ac:f3:e2:85:16:9a:c5:65:49:46:e7:35:c0:
4f:1f:76:6b:23:b3:09:9e:94:44:90:71:eb:f1:b7:48:b7:c4:
77:9f:5d:f6:92:0e:96:d7:16:b4:ee:3a:91:bd:d6:f3:b2:9a:
78:88:7c:14:1f:70:c5:a2:c2:a8:e7:61:c9:77:7a:a7:61:a5:
d2:11:de:f7:87:6b:ae:36:f5:a2:49:07:00:c7:4e:b7:bd:29:
5f:07:a9:8d:a9:c6:5a:1a:e9:27:ca:c1:6a:a9:c7:cd:f8:11:
b5:02:ea:1a:fa:45:38:ec:c5:10:11:4b:af:f6:40:67:50:b7:
35:09:8f:58:04:54:c8:16:84:2c:45:85:76:60:4c:19:2e:14:
29:ad:be:df:9c:7b:8f:a7:bb:1a:9d:97:05:dd:9b:c6:3d:59:
44:a6:05:fd:29:63:df:50:f3:7a:49:a3:b2:7b:79:a9:0e:6e:
e6:5d:1b:3f:25:10:12:10:5d:1e:95:ee:2a:03:ea:d8:7f:dd:
46:36:53:68:1f:eb:ed:a3:ce:75:6e:d4:c6:b2:a7:d1:8e:95:
4e:1d:53:50
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYjUb07iCJPIffQfQgDb84IsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwNjE5MTYxNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFiOWQ0NWEyMDllMmVhMGJlNjgwM2NjYzYyNjhjODFjOGQxN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixl++2Rb8lMXoZdlPZRR+xFrBB6u
AIA/tUuq8uWskm1fvnQPRPeQ715hHxfL9ELFYasz0dV8sVfsfN9tJjRIChTkv5yk
1hiOnvrkK2zDoR62n2NzX2lhdlxul6Wv1xO2FVhiItY6iNdGgPILx0HCJVvlZTdS
OYvFtjr1ejgu/4mZLiwM1+hs9bgVB8R2W6YPZf+fMsxqCJzuXa2kAyONiLd/WTtr
c7akj2GvX1ZIm6UCMXv3F2PGp7wj1gs6mAEuwBSnlgZofQzve+u2Wd0DAUM/ke6D
yh3E0hwCyZL4xyQsR75lMpyrUibIOfsEtVKMiDPaxMEzsc79q3rObnuDnwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPobnUWiCeLqC+aAPMxiaMgcjRfWMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvMS1odWRSYUlKNHVvTDVvQTh6R0pveUJ5TkY5WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWUvYzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFl
ZC8xL3IzTkJDSEJhbFhsdWhYY1NYZE1BeDFIZjJhZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBKBggrBgEFBQcBBwEB/wQ7MDkwGAQCAAEwEgMEAmfX3AME
AMMcCwMEAMPu5zAdBAIAAjAXAwUDKgVjwAMFAyoPwEADBwAqEO8EEAAwDQYJKoZI
hvcNAQELBQADggEBABMbhyY/fLG3Lx+mcWNauKdv9jrEmy+P7rSdepXzYz+GzBbN
GY+xRkg3rPPihRaaxWVJRuc1wE8fdmsjswmelESQcevxt0i3xHefXfaSDpbXFrTu
OpG91vOymniIfBQfcMWiwqjnYcl3eqdhpdIR3veHa6429aJJBwDHTre9KV8HqY2p
xloa6SfKwWqpx834EbUC6hr6RTjsxRARS6/2QGdQtzUJj1gEVMgWhCxFhXZgTBku
FCmtvt+ce4+nuxqdlwXdm8Y9WUSmBf0pY99Q83pJo7J7eakObuZdGz8lEBIQXR6V
7ioD6th/3UY2U2gf6+2jznVu1Mayp9GOlU4dU1A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:00 2025 by rpki-client