Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4hCU90RyjvLanNC3binXJQgy6Mc.roa
File: 4hCU90RyjvLanNC3binXJQgy6Mc.roa (raw, json)
Hash identifier: VkeJkhUKWDdZnfjhVWq1kiDdvjKa7KGbP6HhSvKJUvw=
Subject key identifier: E2:10:94:F7:44:72:8E:F2:DA:9C:D0:B7:6E:29:D7:25:08:32:E8:C7
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018A6A9045A7C54181C62F8C190683D8230E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4hCU90RyjvLanNC3binXJQgy6Mc.roa
Signing time: Wed 06 Sep 2023 12:55:54 +0000
ROA not before: Wed 06 Sep 2023 12:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 193.234.82.0/24 maxlen: 24
193.182.245.0/24 maxlen: 24
193.180.119.0/24 maxlen: 24
194.71.221.0/24 maxlen: 24
193.234.18.0/24 maxlen: 24
193.235.104.0/24 maxlen: 24
193.235.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:90:45:a7:c5:41:81:c6:2f:8c:19:06:83:d8:23:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 6 12:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e21094f744728ef2da9cd0b76e29d7250832e8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:6f:ba:69:8c:51:b7:14:42:2e:d2:38:f5:
dc:99:74:68:55:78:2b:3a:9d:80:77:5c:ee:83:6d:
5c:1c:6e:e8:8a:32:76:16:05:03:b7:04:91:ca:d9:
bd:e2:99:cd:94:49:53:98:00:18:cb:b8:bf:09:eb:
d4:8f:f1:b8:e6:e6:29:40:50:bc:bb:7a:f9:1b:e2:
02:cb:94:4a:40:e7:c5:c8:a1:17:b3:36:28:6e:2b:
e8:b4:11:00:01:05:70:8f:d8:1c:46:a8:f0:1e:1f:
dd:fe:74:83:ec:e4:41:15:fb:c3:81:70:e0:f3:8a:
42:00:e3:d9:b3:65:24:3b:aa:03:93:90:6c:de:ab:
c5:ae:22:14:75:5f:e4:ea:4d:b8:3e:85:32:40:c8:
c3:3d:37:2b:4b:f9:b3:d4:e3:ee:d5:0a:57:97:ae:
e2:b1:b3:86:ef:d5:c6:cb:97:19:2a:2b:14:9d:6e:
53:fe:60:c6:60:67:47:60:e0:a2:06:f5:86:0a:86:
36:95:f8:12:8c:c2:d3:55:3b:a1:72:7e:5c:c0:0f:
66:5b:c7:2c:27:4c:8b:99:55:e0:ca:0a:04:db:ef:
14:ef:1f:e3:b7:3e:f2:21:0f:68:64:57:e3:3e:fb:
2f:2a:ef:d7:45:5b:f5:db:6a:f8:fa:ad:b8:2b:ff:
20:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:94:F7:44:72:8E:F2:DA:9C:D0:B7:6E:29:D7:25:08:32:E8:C7
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4hCU90RyjvLanNC3binXJQgy6Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.180.119.0/24
193.182.245.0/24
193.234.18.0/24
193.234.82.0/24
193.235.104.0/24
193.235.106.0/24
194.71.221.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:a7:d9:5c:05:75:30:ca:a5:f6:ee:38:c3:16:5a:89:46:32:
bd:16:ae:17:f9:77:78:41:bf:0e:8c:49:ec:1c:54:1e:bc:f5:
81:d6:f9:af:9e:05:68:b7:e3:f6:e9:7b:e4:9c:5a:90:78:79:
f6:5f:99:08:d6:5d:1a:0a:28:58:31:04:fd:66:0a:a2:f4:c3:
fb:a1:b3:45:df:04:9a:40:ce:d9:bc:ee:d7:c2:07:e8:fd:d1:
2b:01:0f:96:ae:56:ee:9c:e1:03:ed:63:27:31:a3:a7:65:99:
2d:6b:a1:f4:d9:94:82:9e:05:34:fd:d8:b2:65:ff:2a:39:bd:
1d:ea:b7:c4:93:f8:7b:09:1f:01:e9:86:7d:67:08:02:42:46:
de:d5:9f:d1:e5:a4:f3:1c:c7:b3:75:9b:ec:ef:b3:25:2b:4b:
9d:a3:7b:62:f9:cf:db:eb:fc:3c:17:8c:d8:8a:7c:f4:df:ab:
f5:a9:73:3b:a8:e2:95:83:7f:98:7f:0a:71:0d:e7:c8:10:43:
ca:df:78:c7:0d:aa:f1:dc:8f:77:76:de:15:ae:47:bd:43:9c:
de:d8:a4:b2:4a:ec:41:68:08:ed:f9:f6:0c:9f:6f:5f:d8:0c:
30:9f:1f:7e:b1:0b:f7:fd:21:02:b7:d3:a0:5d:ca:14:39:45:
8f:cb:d1:13
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpqkEWnxUGBxi+MGQaD2CMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwOTA2MTI1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjEwOTRmNzQ0NzI4ZWYyZGE5Y2QwYjc2ZTI5ZDcyNTA4MzJlOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAxvummMUbcUQi7SOPXcmXRoVXgr
Op2Ad1zug21cHG7oijJ2FgUDtwSRytm94pnNlElTmAAYy7i/CevUj/G45uYpQFC8
u3r5G+ICy5RKQOfFyKEXszYobivotBEAAQVwj9gcRqjwHh/d/nSD7ORBFfvDgXDg
84pCAOPZs2UkO6oDk5Bs3qvFriIUdV/k6k24PoUyQMjDPTcrS/mz1OPu1QpXl67i
sbOG79XGy5cZKisUnW5T/mDGYGdHYOCiBvWGCoY2lfgSjMLTVTuhcn5cwA9mW8cs
J0yLmVXgygoE2+8U7x/jtz7yIQ9oZFfjPvsvKu/XRVv122r4+q24K/8gmQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOIQlPdEco7y2pzQt24p1yUIMujHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNGhDVTkwUnlqdkxhbk5DM2JpblhKUWd5Nk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwbR3AwQA
wbb1AwQAweoSAwQAwepSAwQAwetoAwQAwetqAwQAwkfdMA0GCSqGSIb3DQEBCwUA
A4IBAQCxp9lcBXUwyqX27jjDFlqJRjK9Fq4X+Xd4Qb8OjEnsHFQevPWB1vmvngVo
t+P26XvknFqQeHn2X5kI1l0aCihYMQT9Zgqi9MP7obNF3wSaQM7ZvO7Xwgfo/dEr
AQ+WrlbunOED7WMnMaOnZZkta6H02ZSCngU0/diyZf8qOb0d6rfEk/h7CR8B6YZ9
ZwgCQkbe1Z/R5aTzHMezdZvs77MlK0udo3ti+c/b6/w8F4zYinz036v1qXM7qOKV
g3+YfwpxDefIEEPK33jHDarx3I93dt4Vrke9Q5ze2KSySuxBaAjt+fYMn29f2Aww
nx9+sQv3/SECt9OgXcoUOUWPy9ET
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:53 2025 by rpki-client