Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/fHKtMb7BVd9gwY2l1Nx93ntRuf4.roa
File: fHKtMb7BVd9gwY2l1Nx93ntRuf4.roa (raw, json)
Hash identifier: 25R0iuWalCTahH5zGcFb4xEHFXLOQ22sqoDwqo9Eyfc=
Subject key identifier: 7C:72:AD:31:BE:C1:55:DF:60:C1:8D:A5:D4:DC:7D:DE:7B:51:B9:FE
Certificate issuer: /CN=02cc691476a6e7895b0e456116444f91937bf01e
Certificate serial: 01856B77C886FED6B46FBB7356AA6FBE3642
Authority key identifier: 02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/fHKtMb7BVd9gwY2l1Nx93ntRuf4.roa
Signing time: Sun 01 Jan 2023 03:54:50 +0000
ROA not before: Sun 01 Jan 2023 03:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8319
IP address blocks: 195.158.32.0/19 maxlen: 24
194.153.151.0/24 maxlen: 24
212.218.0.0/16 maxlen: 24
195.250.48.0/24 maxlen: 24
2001:4cd8::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:c8:86:fe:d6:b4:6f:bb:73:56:aa:6f:be:36:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02cc691476a6e7895b0e456116444f91937bf01e
Validity
Not Before: Jan 1 03:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c72ad31bec155df60c18da5d4dc7dde7b51b9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:36:b7:73:41:a8:00:91:04:84:f3:aa:b4:
11:e4:0f:e3:62:01:ff:93:86:bc:19:a3:94:72:30:
7e:db:5f:65:06:fe:d0:43:f2:d1:ee:b3:52:9c:65:
71:1c:fe:dc:7a:b8:f5:6d:ed:7b:14:c6:29:9c:46:
1c:1b:b4:e3:e2:aa:4e:ed:22:3a:81:f9:94:75:9c:
ca:1d:6e:11:c8:e1:85:57:e9:1b:b4:c9:11:01:28:
8c:11:f7:7b:1c:85:8c:16:e2:91:18:e3:c0:1c:24:
ee:c6:f9:35:c7:fa:9e:8f:ff:e2:c2:cd:30:7b:2a:
12:06:98:fe:6f:d0:e9:c9:57:d0:1c:fb:b5:64:08:
88:97:9a:53:66:e7:0b:6d:a4:05:2f:4d:83:5a:48:
55:3f:ee:ff:16:ef:e0:75:33:03:fd:73:39:e0:81:
76:61:11:bb:12:93:c7:d2:97:9d:e7:32:3d:54:e0:
44:d5:11:2a:d6:6e:59:56:a6:63:09:df:8f:35:ef:
1c:23:19:c5:6e:b9:4e:43:5b:88:b0:a1:95:46:c3:
f7:44:14:50:e7:e9:2a:45:2c:c3:19:34:17:f7:7c:
c2:3f:c5:17:13:49:db:0f:2d:0f:44:6d:69:e2:c4:
3b:98:8a:7c:11:47:d4:27:fe:17:08:70:a9:2c:4a:
0e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:72:AD:31:BE:C1:55:DF:60:C1:8D:A5:D4:DC:7D:DE:7B:51:B9:FE
X509v3 Authority Key Identifier:
keyid:02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/fHKtMb7BVd9gwY2l1Nx93ntRuf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/AsxpFHam54lbDkVhFkRPkZN78B4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.151.0/24
195.158.32.0/19
195.250.48.0/24
212.218.0.0/16
IPv6:
2001:4cd8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:7d:a2:18:01:ad:14:11:73:b3:e0:d0:be:9a:a4:56:62:3c:
24:b1:27:2f:bc:ba:3b:9f:e1:d9:d3:2b:2d:c2:b1:99:bd:76:
3c:04:80:a0:da:83:22:e4:bb:71:c2:03:46:d2:2d:be:83:cc:
df:0f:ec:3a:47:e6:62:13:c5:b5:bd:60:a4:51:ec:83:f3:7c:
7a:35:c6:28:be:3d:cf:25:6b:54:d8:8d:06:37:b2:7d:23:b1:
1d:3a:f7:d5:fb:8b:1a:bb:df:27:ed:12:7c:69:e7:b3:73:1e:
e2:3f:d9:ed:1e:20:35:cd:28:bc:93:08:11:50:82:8d:2f:f6:
18:d7:17:ae:5f:c9:6e:be:87:70:d1:cd:84:ab:2a:0d:80:30:
2c:84:4e:e3:cf:85:cb:e4:72:89:b3:0c:68:86:1a:ae:8e:53:
4d:39:09:aa:eb:e0:8f:03:10:11:c4:16:e7:88:cd:ff:5a:a8:
e5:b0:fb:e7:2a:2c:61:f8:0a:57:e4:91:3f:4b:f7:77:35:32:
ef:71:9f:38:de:24:5e:02:64:91:4b:bd:55:71:3d:18:5f:a9:
13:f5:99:6f:01:b3:7a:71:99:46:c3:d1:4a:e2:c1:b7:eb:b1:
13:80:a8:06:87:3d:f5:0a:b4:6f:d7:ae:0e:24:1f:c2:bd:50:
0c:82:ee:11
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVrd8iG/ta0b7tzVqpvvjZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyY2M2OTE0NzZhNmU3ODk1YjBlNDU2MTE2NDQ0ZjkxOTM3
YmYwMWUwHhcNMjMwMTAxMDM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzcyYWQzMWJlYzE1NWRmNjBjMThkYTVkNGRjN2RkZTdiNTFiOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/I2t3NBqACRBITzqrQR5A/jYgH/
k4a8GaOUcjB+219lBv7QQ/LR7rNSnGVxHP7cerj1be17FMYpnEYcG7Tj4qpO7SI6
gfmUdZzKHW4RyOGFV+kbtMkRASiMEfd7HIWMFuKRGOPAHCTuxvk1x/qej//iws0w
eyoSBpj+b9DpyVfQHPu1ZAiIl5pTZucLbaQFL02DWkhVP+7/Fu/gdTMD/XM54IF2
YRG7EpPH0ped5zI9VOBE1REq1m5ZVqZjCd+PNe8cIxnFbrlOQ1uIsKGVRsP3RBRQ
5+kqRSzDGTQX93zCP8UXE0nbDy0PRG1p4sQ7mIp8EUfUJ/4XCHCpLEoO+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHxyrTG+wVXfYMGNpdTcfd57Ubn+MB8GA1UdIwQY
MBaAFALMaRR2pueJWw5FYRZET5GTe/AeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXN4cEZIYW01NGxiRGtWaEZrUlBrWk43OEI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YTY4NjAtMjI0Zi00YjM0LWE5YjYt
YmMxOTJiYjczMDI1LzEvZkhLdE1iN0JWZDlnd1kybDFOeDkzbnRSdWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YTY4NjAtMjI0Zi00YjM0LWE5YjYtYmMxOTJiYjczMDI1
LzEvQXN4cEZIYW01NGxiRGtWaEZrUlBrWk43OEI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQAwpmXAwQF
w54gAwQAw/owAwMA1NowDQQCAAIwBwMFACABTNgwDQYJKoZIhvcNAQELBQADggEB
AJ99ohgBrRQRc7Pg0L6apFZiPCSxJy+8ujuf4dnTKy3CsZm9djwEgKDagyLku3HC
A0bSLb6DzN8P7DpH5mITxbW9YKRR7IPzfHo1xii+Pc8la1TYjQY3sn0jsR0699X7
ixq73yftEnxp57NzHuI/2e0eIDXNKLyTCBFQgo0v9hjXF65fyW6+h3DRzYSrKg2A
MCyETuPPhcvkcomzDGiGGq6OU005Carr4I8DEBHEFueIzf9aqOWw++cqLGH4Clfk
kT9L93c1Mu9xnzjeJF4CZJFLvVVxPRhfqRP1mW8Bs3pxmUbD0UriwbfrsROAqAaH
PfUKtG/Xrg4kH8K9UAyC7hE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:46 2025 by rpki-client