Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/HpIh6Iv3zNEDRciZc6Rx3_UHdRo.roa
File: HpIh6Iv3zNEDRciZc6Rx3_UHdRo.roa (raw, json)
Hash identifier: h3o8BWEdQU+yigEYLIY5ZKKxHK0B+2BLa/YImupuaOo=
Subject key identifier: 1E:92:21:E8:8B:F7:CC:D1:03:45:C8:99:73:A4:71:DF:F5:07:75:1A
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 0188436C20B642C469BFFB50F8C7BC1FCFDE
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/HpIh6Iv3zNEDRciZc6Rx3_UHdRo.roa
Signing time: Mon 22 May 2023 12:25:39 +0000
ROA not before: Mon 22 May 2023 12:25:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49571
IP address blocks: 188.72.23.0/24 maxlen: 24
188.72.20.0/24 maxlen: 24
188.72.29.0/24 maxlen: 24
185.72.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:6c:20:b6:42:c4:69:bf:fb:50:f8:c7:bc:1f:cf:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: May 22 12:25:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e9221e88bf7ccd10345c89973a471dff507751a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:48:b9:e3:09:1a:c8:c7:ce:a9:12:54:e5:
4f:c0:79:f1:ba:c0:46:a8:00:bf:ef:11:71:fd:3a:
5c:b1:ec:8a:a0:c4:73:99:32:6a:2c:cd:f3:2a:64:
97:c7:3b:9f:1f:32:5d:1c:87:d5:74:c7:bf:2e:a0:
d9:e5:f4:41:87:e6:82:4d:ac:1e:45:77:e9:e5:73:
49:27:fe:63:5e:9d:e6:da:b1:62:aa:b5:61:0c:98:
1a:ba:5c:a0:c3:8e:ab:c8:c2:66:aa:2b:39:2e:14:
bb:f4:42:bb:6c:fe:c6:e2:74:ca:57:7e:53:ef:46:
55:0c:44:38:e2:1b:f8:4f:89:5a:0f:56:e2:b0:27:
3f:bc:c1:1e:22:d4:54:af:31:78:a7:e8:67:0f:6d:
ae:49:a5:41:1d:ea:95:89:bd:ba:4d:0e:29:09:19:
3b:74:a0:a5:2e:28:7e:f9:6e:02:16:f2:62:ae:92:
59:31:f6:12:3e:cb:0d:80:94:42:43:fa:84:0d:c3:
88:a9:2e:d9:ab:6b:7b:30:8f:22:d2:5b:c0:ca:e2:
1e:4a:ca:f4:eb:39:2c:b2:f2:64:d0:c4:6f:a3:07:
86:54:78:ec:85:2a:a3:b4:21:8e:fe:db:41:26:bc:
c3:23:6f:c3:4d:89:c9:d2:16:af:a1:ef:79:01:d5:
86:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:92:21:E8:8B:F7:CC:D1:03:45:C8:99:73:A4:71:DF:F5:07:75:1A
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/HpIh6Iv3zNEDRciZc6Rx3_UHdRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.254.0/24
188.72.20.0/24
188.72.23.0/24
188.72.29.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:cf:0e:5d:01:e1:33:cf:59:fe:b9:3b:5d:d0:63:95:2e:6b:
9b:a4:ae:1b:95:a0:8b:4f:7e:c3:7e:da:44:de:b7:5d:fb:ad:
86:15:f4:67:15:0c:bc:8f:06:69:37:f6:c0:b5:aa:2b:f2:e4:
b8:10:9f:a4:0a:32:b2:ed:30:eb:59:a9:b6:74:c3:f0:f7:cf:
82:14:52:33:30:e0:95:41:bf:9a:da:6a:2a:a2:16:05:24:fd:
00:33:3d:0b:12:d6:b4:55:db:0a:62:81:1f:4c:00:73:32:f7:
58:a8:03:e1:4e:92:ab:a9:05:23:31:94:47:aa:0d:58:69:81:
a5:92:9e:8f:b0:d8:55:7a:13:ec:90:bc:64:a5:5e:51:1f:f3:
ba:cd:05:df:13:1f:f3:64:95:2d:5c:13:00:ea:e0:be:16:99:
d9:f9:25:b2:4f:ba:70:0a:02:76:7a:55:a2:2e:53:23:a7:84:
1b:1a:48:1b:64:9b:f5:5d:36:d5:75:67:93:22:01:78:54:34:
1c:80:d6:e2:fd:9e:f1:8a:14:5a:ca:ad:67:1a:c3:40:a0:e7:
45:a7:74:1b:d3:9e:46:d8:3a:24:d5:6e:02:87:ca:70:3b:75:
10:98:f5:e9:f6:71:f2:eb:18:81:3c:7d:94:e6:13:33:f3:ee:
0a:09:ee:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhDbCC2QsRpv/tQ+Me8H8/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMwNTIyMTIyNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTkyMjFlODhiZjdjY2QxMDM0NWM4OTk3M2E0NzFkZmY1MDc3NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9IueMJGsjHzqkSVOVPwHnxusBG
qAC/7xFx/TpcseyKoMRzmTJqLM3zKmSXxzufHzJdHIfVdMe/LqDZ5fRBh+aCTawe
RXfp5XNJJ/5jXp3m2rFiqrVhDJgaulygw46ryMJmqis5LhS79EK7bP7G4nTKV35T
70ZVDEQ44hv4T4laD1bisCc/vMEeItRUrzF4p+hnD22uSaVBHeqVib26TQ4pCRk7
dKClLih++W4CFvJirpJZMfYSPssNgJRCQ/qEDcOIqS7Zq2t7MI8i0lvAyuIeSsr0
6zkssvJk0MRvoweGVHjshSqjtCGO/ttBJrzDI2/DTYnJ0havoe95AdWGDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB6SIeiL98zRA0XImXOkcd/1B3UaMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvSHBJaDZJdjN6TkVEUmNpWmM2UngzX1VIZFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUj+AwQA
vEgUAwQAvEgXAwQAvEgdMA0GCSqGSIb3DQEBCwUAA4IBAQCmzw5dAeEzz1n+uTtd
0GOVLmubpK4blaCLT37DftpE3rdd+62GFfRnFQy8jwZpN/bAtaor8uS4EJ+kCjKy
7TDrWam2dMPw98+CFFIzMOCVQb+a2moqohYFJP0AMz0LEta0VdsKYoEfTABzMvdY
qAPhTpKrqQUjMZRHqg1YaYGlkp6PsNhVehPskLxkpV5RH/O6zQXfEx/zZJUtXBMA
6uC+FpnZ+SWyT7pwCgJ2elWiLlMjp4QbGkgbZJv1XTbVdWeTIgF4VDQcgNbi/Z7x
ihRayq1nGsNAoOdFp3Qb055G2Dok1W4Ch8pwO3UQmPXp9nHy6xiBPH2U5hMz8+4K
Ce5I
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:36:56 2025 by rpki-client