Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/DHI4fe9k9iu18BYmafafrQeRITU.roa
File: DHI4fe9k9iu18BYmafafrQeRITU.roa (raw, json)
Hash identifier: g7Rbnn0bFcMWFAVf/Tm/AztzMQQq91LeH/ngI7z1hI4=
Subject key identifier: 0C:72:38:7D:EF:64:F6:2B:B5:F0:16:26:69:F6:9F:AD:07:91:21:35
Certificate issuer: /CN=07733fc63b8f1880e5c0af6b4643d1e32181d7a5
Certificate serial: 018573685F26CFE7962F76B87107FA52AC33
Authority key identifier: 07:73:3F:C6:3B:8F:18:80:E5:C0:AF:6B:46:43:D1:E3:21:81:D7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3M_xjuPGIDlwK9rRkPR4yGB16U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/DHI4fe9k9iu18BYmafafrQeRITU.roa
Signing time: Mon 02 Jan 2023 16:54:58 +0000
ROA not before: Mon 02 Jan 2023 16:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28932
IP address blocks: 195.238.162.0/24 maxlen: 32
195.238.163.0/24 maxlen: 32
195.238.160.0/24 maxlen: 32
195.238.161.0/24 maxlen: 32
194.113.177.0/24 maxlen: 32
194.113.176.0/24 maxlen: 32
194.113.178.0/24 maxlen: 32
194.113.179.0/24 maxlen: 32
195.22.136.0/24 maxlen: 32
195.22.137.0/24 maxlen: 32
195.49.156.0/24 maxlen: 32
195.49.159.0/24 maxlen: 32
195.49.157.0/24 maxlen: 32
195.49.158.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:5f:26:cf:e7:96:2f:76:b8:71:07:fa:52:ac:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07733fc63b8f1880e5c0af6b4643d1e32181d7a5
Validity
Not Before: Jan 2 16:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c72387def64f62bb5f0162669f69fad07912135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ad:5b:2a:64:a4:ea:d9:8e:68:46:f4:ab:06:
6d:67:86:b1:f8:71:7e:4c:de:11:63:5e:98:53:fc:
b9:30:01:e6:5b:a5:2b:59:74:33:89:f5:f7:96:52:
8d:bc:6f:9b:c4:d4:3c:a9:72:d8:20:bc:1e:f9:f9:
8f:e4:ae:f0:3a:d8:5a:33:de:51:2e:75:87:a4:83:
b7:84:bf:c2:5b:0c:0a:fe:05:94:bb:67:6a:89:e5:
0f:25:6b:58:38:de:d8:bf:c3:19:b5:09:e1:be:a6:
1e:b6:24:84:1c:2f:f9:26:ba:1c:c4:cb:ca:a7:f5:
cb:47:95:1e:3d:eb:83:19:42:35:e0:ed:a7:f4:cf:
b3:b6:ba:8e:48:d0:57:a8:ab:23:97:66:8b:3a:23:
ff:fc:58:6e:d0:f4:4c:a1:4c:2f:49:56:d7:d5:2a:
45:84:95:69:ce:ce:7f:a0:b0:47:2a:71:68:6f:dc:
f2:db:3e:fe:07:9a:52:12:f6:59:76:1d:81:f6:8e:
7e:01:fb:21:57:69:35:17:02:10:8b:9c:1d:2a:f1:
ee:99:18:f7:15:76:dc:15:c5:58:a5:e3:a6:e5:a7:
3d:8a:ce:a7:d6:5d:17:1b:ff:48:a5:d8:e4:80:15:
22:63:8a:ed:eb:13:cf:d8:b4:89:f8:6a:c0:1e:1e:
ab:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:72:38:7D:EF:64:F6:2B:B5:F0:16:26:69:F6:9F:AD:07:91:21:35
X509v3 Authority Key Identifier:
keyid:07:73:3F:C6:3B:8F:18:80:E5:C0:AF:6B:46:43:D1:E3:21:81:D7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3M_xjuPGIDlwK9rRkPR4yGB16U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/DHI4fe9k9iu18BYmafafrQeRITU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/B3M_xjuPGIDlwK9rRkPR4yGB16U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.176.0/22
195.22.136.0/23
195.49.156.0/22
195.238.160.0/22
Signature Algorithm: sha256WithRSAEncryption
54:d1:a7:86:be:c7:86:8e:b6:91:72:6d:10:8d:0c:f5:6c:5f:
96:d7:5c:a1:6b:d9:60:76:a5:c8:2d:2c:41:e2:66:9d:67:d0:
b4:c9:ed:a6:82:a4:84:7c:79:ea:1a:03:04:74:f4:43:99:0d:
20:85:4b:e0:75:9b:29:ac:6e:0d:e2:a2:06:8b:28:ac:ac:02:
42:f3:e7:13:11:07:46:36:f9:74:c9:3b:b3:72:f1:03:95:88:
a8:72:56:c6:15:08:c0:ff:d6:8c:18:50:00:c6:8a:4d:85:00:
80:33:94:b5:bb:a8:0f:a9:08:06:39:09:cb:4f:30:1e:33:35:
52:d8:66:a9:f3:29:be:97:a5:dc:0d:e7:1f:c8:a4:5b:ac:b5:
96:77:5c:7f:ea:26:5e:be:8a:6f:9b:0c:b6:f3:59:6c:de:7f:
b0:73:35:fc:0c:8b:1c:7f:38:4c:46:c5:ec:07:5d:42:b6:a9:
f6:97:3e:47:04:9a:81:e6:a0:fd:d0:05:4d:1c:d1:a9:12:5b:
a1:7a:e1:65:50:83:a4:81:e2:70:82:de:89:75:87:9a:76:22:
00:ce:11:c4:af:0a:12:9d:61:88:51:f6:41:43:eb:b8:25:58:
0d:15:d6:c1:b2:60:6d:7e:45:3e:45:f9:04:00:41:18:60:7c:
f7:cd:8c:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzaF8mz+eWL3a4cQf6UqwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NzMzZmM2M2I4ZjE4ODBlNWMwYWY2YjQ2NDNkMWUzMjE4
MWQ3YTUwHhcNMjMwMTAyMTY1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzcyMzg3ZGVmNjRmNjJiYjVmMDE2MjY2OWY2OWZhZDA3OTEyMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra1bKmSk6tmOaEb0qwZtZ4ax+HF+
TN4RY16YU/y5MAHmW6UrWXQzifX3llKNvG+bxNQ8qXLYILwe+fmP5K7wOthaM95R
LnWHpIO3hL/CWwwK/gWUu2dqieUPJWtYON7Yv8MZtQnhvqYetiSEHC/5JrocxMvK
p/XLR5UePeuDGUI14O2n9M+ztrqOSNBXqKsjl2aLOiP//Fhu0PRMoUwvSVbX1SpF
hJVpzs5/oLBHKnFob9zy2z7+B5pSEvZZdh2B9o5+AfshV2k1FwIQi5wdKvHumRj3
FXbcFcVYpeOm5ac9is6n1l0XG/9IpdjkgBUiY4rt6xPP2LSJ+GrAHh6rywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAxyOH3vZPYrtfAWJmn2n60HkSE1MB8GA1UdIwQY
MBaAFAdzP8Y7jxiA5cCva0ZD0eMhgdelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjNNX3hqdVBHSURsd0s5clJrUFI0eUdCMTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jMzgzY2ItMzNlYS00M2NmLThlMmUt
MTRkMDdiZDE4ODljLzEvREhJNGZlOWs5aXUxOEJZbWFmYWZyUWVSSVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9jMzgzY2ItMzNlYS00M2NmLThlMmUtMTRkMDdiZDE4ODlj
LzEvQjNNX3hqdVBHSURsd0s5clJrUFI0eUdCMTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwnGwAwQB
wxaIAwQCwzGcAwQCw+6gMA0GCSqGSIb3DQEBCwUAA4IBAQBU0aeGvseGjraRcm0Q
jQz1bF+W11yha9lgdqXILSxB4madZ9C0ye2mgqSEfHnqGgMEdPRDmQ0ghUvgdZsp
rG4N4qIGiyisrAJC8+cTEQdGNvl0yTuzcvEDlYioclbGFQjA/9aMGFAAxopNhQCA
M5S1u6gPqQgGOQnLTzAeMzVS2Gap8ym+l6XcDecfyKRbrLWWd1x/6iZevopvmwy2
81ls3n+wczX8DIscfzhMRsXsB11Ctqn2lz5HBJqB5qD90AVNHNGpEluheuFlUIOk
geJwgt6JdYeadiIAzhHErwoSnWGIUfZBQ+u4JVgNFdbBsmBtfkU+RfkEAEEYYHz3
zYw7
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:18:12 2025 by rpki-client