Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/HKbxGO2U3HchIPbG9QMM154qF4w.roa
File: HKbxGO2U3HchIPbG9QMM154qF4w.roa (raw, json)
Hash identifier: ENeIGE53L7VkeYJmPfhd9VbHYveY1RRCRI4mYEouEM0=
Subject key identifier: 1C:A6:F1:18:ED:94:DC:77:21:20:F6:C6:F5:03:0C:D7:9E:2A:17:8C
Certificate issuer: /CN=c8c2c7314593042cf74210f7f03be7106c224f89
Certificate serial: 018C68241C0D7A27697B85D6FF9F24657B4A
Authority key identifier: C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/HKbxGO2U3HchIPbG9QMM154qF4w.roa
Signing time: Thu 14 Dec 2023 11:44:06 +0000
ROA not before: Thu 14 Dec 2023 11:44:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212269
IP address blocks: 194.5.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:24:1c:0d:7a:27:69:7b:85:d6:ff:9f:24:65:7b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c2c7314593042cf74210f7f03be7106c224f89
Validity
Not Before: Dec 14 11:44:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca6f118ed94dc772120f6c6f5030cd79e2a178c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:54:99:cd:8b:be:49:79:81:36:6f:a2:54:
81:ac:4e:56:70:b4:ef:8f:2c:fb:f3:0e:7f:24:49:
53:fd:d9:91:20:2b:fb:40:7a:36:68:67:95:99:78:
99:8f:88:de:e5:3d:0a:14:1d:a3:84:3b:d6:0e:aa:
73:05:4f:4a:d4:6e:18:ff:72:fb:e3:29:f2:9a:ff:
49:b9:af:b7:32:94:f1:34:43:b6:43:8a:84:87:e4:
cf:6e:5e:d7:e9:89:6c:25:a6:f6:88:99:73:a7:1c:
dc:4b:16:0e:27:d9:76:95:ed:74:2e:0a:01:fd:5f:
64:96:6a:65:a0:e6:d2:48:f9:b1:5d:3d:4c:3c:66:
53:df:ae:43:8c:2d:f4:69:52:75:0c:67:e9:60:58:
9f:1a:a3:4f:e7:0a:6c:ce:6c:10:d0:51:9d:e6:8f:
67:eb:74:c8:e7:56:3e:bd:f1:63:f2:1b:f2:d7:87:
8a:43:7c:dd:af:14:65:c5:e2:ba:83:83:0f:33:b3:
5c:b9:99:75:6a:0e:93:40:b0:81:4d:a3:ed:81:be:
17:a5:bf:c4:db:55:80:55:0b:a7:a4:19:30:79:2d:
e4:68:89:e1:c0:7d:35:c8:b4:ce:ca:c1:4d:6f:36:
d4:1c:ac:d1:ef:88:61:17:e9:52:ad:0d:c2:e1:46:
56:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A6:F1:18:ED:94:DC:77:21:20:F6:C6:F5:03:0C:D7:9E:2A:17:8C
X509v3 Authority Key Identifier:
keyid:C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/HKbxGO2U3HchIPbG9QMM154qF4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.232.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:d6:40:ba:8d:b0:7d:bd:22:09:2c:91:2e:0e:72:53:4f:05:
d6:69:6a:a6:1a:e6:56:c3:4f:2a:82:f7:bf:ac:f7:d3:e3:b7:
c0:7e:7a:30:db:1a:73:af:8c:48:ec:df:05:cc:99:5c:70:1c:
52:25:3b:57:dc:1e:a1:93:82:2a:62:31:74:9c:ed:9c:6c:b9:
e9:fe:35:a0:14:3a:03:f7:80:b9:3f:41:04:36:e4:4a:01:d1:
89:49:bc:b8:14:55:72:a9:5f:9c:83:64:57:52:d0:6e:6e:6f:
01:01:5e:c4:f6:e2:68:b4:90:11:6b:f6:71:0e:a3:99:d7:6e:
39:94:e7:36:1e:72:2e:db:be:74:a8:8c:53:c1:33:fb:db:96:
36:44:a4:c3:d3:06:3f:49:be:32:7b:b4:05:a1:ab:a3:2e:95:
7e:0b:ec:3f:51:36:7c:7a:c2:da:aa:e4:26:24:b1:53:85:0b:
e7:f0:bc:0c:73:5c:cc:3b:91:c4:d7:2d:66:5c:c7:93:18:bd:
a0:f2:79:9d:9d:28:0e:18:12:b0:61:3a:08:fb:70:f9:24:4a:
2c:f3:dd:09:8d:a0:a9:87:44:9c:f0:1f:9b:af:42:06:20:d3:
95:ac:b9:48:0f:b4:87:51:b6:e9:f0:a4:89:8e:3a:45:99:7f:
0e:87:ec:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxoJBwNeidpe4XW/58kZXtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YzJjNzMxNDU5MzA0MmNmNzQyMTBmN2YwM2JlNzEwNmMy
MjRmODkwHhcNMjMxMjE0MTE0NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E2ZjExOGVkOTRkYzc3MjEyMGY2YzZmNTAzMGNkNzllMmExNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSZUmc2Lvkl5gTZvolSBrE5WcLTv
jyz78w5/JElT/dmRICv7QHo2aGeVmXiZj4je5T0KFB2jhDvWDqpzBU9K1G4Y/3L7
4ynymv9Jua+3MpTxNEO2Q4qEh+TPbl7X6YlsJab2iJlzpxzcSxYOJ9l2le10LgoB
/V9klmploObSSPmxXT1MPGZT365DjC30aVJ1DGfpYFifGqNP5wpszmwQ0FGd5o9n
63TI51Y+vfFj8hvy14eKQ3zdrxRlxeK6g4MPM7NcuZl1ag6TQLCBTaPtgb4Xpb/E
21WAVQunpBkweS3kaInhwH01yLTOysFNbzbUHKzR74hhF+lSrQ3C4UZWMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBym8RjtlNx3ISD2xvUDDNeeKheMMB8GA1UdIwQY
MBaAFMjCxzFFkwQs90IQ9/A75xBsIk+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjIt
M2E1M2QwZWY4YjVhLzEvSEtieEdPMlUzSGNoSVBiRzlRTU0xNTRxRjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjItM2E1M2QwZWY4YjVh
LzEveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgXoMA0G
CSqGSIb3DQEBCwUAA4IBAQC91kC6jbB9vSIJLJEuDnJTTwXWaWqmGuZWw08qgve/
rPfT47fAfnow2xpzr4xI7N8FzJlccBxSJTtX3B6hk4IqYjF0nO2cbLnp/jWgFDoD
94C5P0EENuRKAdGJSby4FFVyqV+cg2RXUtBubm8BAV7E9uJotJARa/ZxDqOZ1245
lOc2HnIu2750qIxTwTP725Y2RKTD0wY/Sb4ye7QFoaujLpV+C+w/UTZ8esLaquQm
JLFThQvn8LwMc1zMO5HE1y1mXMeTGL2g8nmdnSgOGBKwYToI+3D5JEos890JjaCp
h0Sc8B+br0IGINOVrLlID7SHUbbp8KSJjjpFmX8Oh+yq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:32 2025 by rpki-client