Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/8gUxr__9cZcbBqAttHDogirKxnU.roa
File: 8gUxr__9cZcbBqAttHDogirKxnU.roa (raw, json)
Hash identifier: JWzW1yL37q0QDoIUDpzkv6efLShHCm/pnXT2ovROgMI=
Subject key identifier: F2:05:31:AF:FF:FD:71:97:1B:06:A0:2D:B4:70:E8:82:2A:CA:C6:75
Certificate issuer: /CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Certificate serial: 0183214E0347FB104B0BC78306EA971E6AEC
Authority key identifier: 1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/8gUxr__9cZcbBqAttHDogirKxnU.roa
Signing time: Fri 09 Sep 2022 08:11:44 +0000
ROA not before: Fri 09 Sep 2022 08:11:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198143
IP address blocks: 193.150.25.0/24 maxlen: 24
193.150.24.0/24 maxlen: 24
193.150.24.0/23 maxlen: 23
2001:67c:24a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:4e:03:47:fb:10:4b:0b:c7:83:06:ea:97:1e:6a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Validity
Not Before: Sep 9 08:11:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f20531affffd71971b06a02db470e8822acac675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:de:f6:ad:2f:7d:b5:22:5a:2b:9f:47:2b:b3:
2a:7f:2b:4b:a4:5a:97:de:fb:d1:fd:78:df:f4:61:
f6:62:c6:f5:49:33:d9:8a:e1:7f:3d:9b:b5:55:7e:
cd:63:09:39:d7:c0:ec:0a:3c:f4:1e:c0:3d:c4:7e:
eb:0d:40:58:3f:f3:1a:42:9e:7f:b8:a5:8c:21:3c:
f9:73:26:c7:71:6e:43:af:55:41:11:33:ba:b1:99:
73:9b:a8:44:9c:29:3a:fc:39:49:33:b0:f2:67:3a:
b6:37:20:05:a3:f7:35:3e:17:33:64:49:3c:fd:bf:
46:40:a4:31:01:e4:75:8f:a0:60:b5:a1:25:20:95:
e0:d7:bf:2d:fa:2d:98:5d:b4:33:da:34:66:6f:4e:
04:84:17:22:05:83:ad:63:24:c9:6a:6e:56:53:58:
1d:6c:1c:39:d6:df:37:7a:a6:14:02:5e:13:71:59:
8c:c8:19:d8:72:4d:e2:7b:30:fc:da:b0:3c:20:cd:
ba:21:61:0c:d0:3c:f0:35:9d:cb:16:31:1a:a3:14:
88:5f:a5:70:07:e2:44:f5:f3:55:a7:c2:c9:30:78:
d8:79:57:1d:b2:01:fe:cd:b1:ee:e0:3d:27:0d:41:
9b:71:27:ad:d0:bf:a1:c7:39:4b:7b:2a:80:08:a1:
f7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:05:31:AF:FF:FD:71:97:1B:06:A0:2D:B4:70:E8:82:2A:CA:C6:75
X509v3 Authority Key Identifier:
keyid:1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/8gUxr__9cZcbBqAttHDogirKxnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.24.0/23
IPv6:
2001:67c:24a0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:4d:e7:d3:3e:3d:24:34:74:58:27:2c:ce:d5:bb:a9:a1:a2:
55:2e:8b:b1:38:ce:05:c2:1c:5d:47:5e:06:1d:38:58:9a:27:
83:e1:0f:b9:40:c9:b6:fa:a7:44:49:67:1a:4a:f3:c4:07:cf:
c6:fb:d3:24:4d:48:60:6f:f5:72:a2:37:cd:e5:d1:11:b3:0d:
77:df:f6:41:b8:3f:f7:da:43:0b:a5:d5:dc:30:4c:cd:55:96:
0d:1c:76:26:22:f3:3f:38:8f:06:f2:50:4d:d0:95:43:86:c0:
d0:5b:b1:4a:82:40:96:7c:6c:40:ee:1b:73:dc:2b:9d:bb:75:
25:bc:1f:c0:a3:45:cd:fb:d5:d6:04:9d:7a:b1:3d:77:b8:fe:
ce:b1:7b:24:e0:85:bb:58:62:f7:79:29:ea:c9:30:c8:b7:40:
04:1e:e2:88:de:3e:7b:21:d2:11:3d:c6:a9:73:b3:e4:c2:80:
7f:a8:ee:b9:32:36:6d:ce:13:49:aa:ac:73:9e:7c:e5:29:78:
18:51:42:28:fe:2e:90:98:a6:06:20:fb:80:4b:dc:65:25:25:
f6:e6:7b:ec:87:f4:61:86:2c:d1:7f:ab:02:57:ce:10:80:e2:
0e:c8:84:4a:9f:04:28:52:4b:89:f4:38:c6:0e:62:e9:09:00:
d4:0f:06:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMhTgNH+xBLC8eDBuqXHmrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTI4NDI5MDM0ZGNmYmEwMWY3ZmZmNWM3Y2M4ODU2ZDRk
MDZlMWIwHhcNMjIwOTA5MDgxMTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjA1MzFhZmZmZmQ3MTk3MWIwNmEwMmRiNDcwZTg4MjJhY2FjNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN72rS99tSJaK59HK7MqfytLpFqX
3vvR/Xjf9GH2Ysb1STPZiuF/PZu1VX7NYwk518DsCjz0HsA9xH7rDUBYP/MaQp5/
uKWMITz5cybHcW5Dr1VBETO6sZlzm6hEnCk6/DlJM7DyZzq2NyAFo/c1PhczZEk8
/b9GQKQxAeR1j6BgtaElIJXg178t+i2YXbQz2jRmb04EhBciBYOtYyTJam5WU1gd
bBw51t83eqYUAl4TcVmMyBnYck3iezD82rA8IM26IWEM0DzwNZ3LFjEaoxSIX6Vw
B+JE9fNVp8LJMHjYeVcdsgH+zbHu4D0nDUGbcSet0L+hxzlLeyqACKH3owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPIFMa///XGXGwagLbRw6IIqysZ1MB8GA1UdIwQY
MBaAFB9ShCkDTc+6Aff/9cfMiFbU0G4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUt
MjUzYmU5ZjZlZDNkLzEvOGdVeHJfXzljWmNiQnFBdHRIRG9naXJLeG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUtMjUzYmU5ZjZlZDNk
LzEvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwZYYMA8E
AgACMAkDBwAgAQZ8JKAwDQYJKoZIhvcNAQELBQADggEBAA1N59M+PSQ0dFgnLM7V
u6mholUui7E4zgXCHF1HXgYdOFiaJ4PhD7lAybb6p0RJZxpK88QHz8b70yRNSGBv
9XKiN83l0RGzDXff9kG4P/faQwul1dwwTM1Vlg0cdiYi8z84jwbyUE3QlUOGwNBb
sUqCQJZ8bEDuG3PcK527dSW8H8CjRc371dYEnXqxPXe4/s6xeyTghbtYYvd5KerJ
MMi3QAQe4ojePnsh0hE9xqlzs+TCgH+o7rkyNm3OE0mqrHOefOUpeBhRQij+LpCY
pgYg+4BL3GUlJfbme+yH9GGGLNF/qwJXzhCA4g7IhEqfBChSS4n0OMYOYukJANQP
Bpk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:13 2024 by rpki-client on console-ams.rpki-client.org