Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/AQ9BaY5FH92TzEd2-_ZN17BEr28.roa
File: AQ9BaY5FH92TzEd2-_ZN17BEr28.roa (raw, json)
Hash identifier: H8J2ECollpn2GZc0JBNBLVD6kGsN4KEE9NmBoVpNndI=
Subject key identifier: 01:0F:41:69:8E:45:1F:DD:93:CC:47:76:FB:F6:4D:D7:B0:44:AF:6F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0186A72CDE92EAEBC92BFA5EDCDF70D901F4
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/AQ9BaY5FH92TzEd2-_ZN17BEr28.roa
Signing time: Fri 03 Mar 2023 11:13:00 +0000
ROA not before: Fri 03 Mar 2023 11:13:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197942
IP address blocks: 193.234.81.0/24 maxlen: 24
194.103.18.0/24 maxlen: 24
193.183.182.0/24 maxlen: 24
193.183.188.0/24 maxlen: 24
193.234.198.0/24 maxlen: 24
194.14.187.0/24 maxlen: 24
193.180.160.0/23 maxlen: 23
192.36.180.0/24 maxlen: 24
194.71.64.0/22 maxlen: 22
194.71.68.0/22 maxlen: 22
194.14.218.0/24 maxlen: 24
194.71.72.0/21 maxlen: 24
194.71.81.0/24 maxlen: 24
193.182.121.0/24 maxlen: 24
194.71.80.0/24 maxlen: 24
194.71.82.0/24 maxlen: 24
2a01:280:3a8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:2c:de:92:ea:eb:c9:2b:fa:5e:dc:df:70:d9:01:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 3 11:13:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=010f41698e451fdd93cc4776fbf64dd7b044af6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:10:38:7f:5a:5b:93:5c:63:a8:d3:19:15:5a:
f0:1f:b7:cd:ae:cf:c8:d3:85:2c:78:56:c6:d3:3e:
55:23:2c:74:cf:52:23:dd:01:d3:0d:f7:da:46:c0:
3e:01:ed:fd:39:47:a4:aa:8d:c0:51:a6:0d:50:45:
1f:41:fe:31:e4:50:d1:10:a3:d2:d3:6a:ed:fa:a7:
b5:1e:06:27:99:04:b5:d7:55:2a:07:ac:fc:fd:46:
57:22:2e:5e:e3:22:3d:ed:89:fc:f7:67:8d:6d:fe:
38:e8:15:d4:f5:42:b8:bc:53:27:fc:49:0f:b0:8b:
60:c5:8a:6d:92:ef:10:73:c0:1e:93:4a:46:e5:e2:
ab:41:cc:de:86:1c:47:15:63:e0:e8:e0:fc:1a:a0:
98:df:31:bc:4d:f9:34:0f:a2:8d:a5:ee:35:33:7f:
7f:73:28:91:3b:bd:bd:eb:2c:5f:54:1b:45:1e:ba:
08:0d:c8:c7:d8:34:a5:b3:41:95:e9:6c:8c:d5:73:
e8:9d:90:1f:ea:65:1c:1c:ed:c7:fa:76:19:b1:8b:
4a:57:67:65:e6:12:25:5d:3f:c4:d5:6a:af:0b:26:
e8:03:9c:34:3f:22:03:f2:2f:ab:51:9d:23:0f:c5:
55:36:08:8d:4d:23:07:bc:53:9d:0e:ea:9c:76:21:
70:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0F:41:69:8E:45:1F:DD:93:CC:47:76:FB:F6:4D:D7:B0:44:AF:6F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/AQ9BaY5FH92TzEd2-_ZN17BEr28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.180.0/24
193.180.160.0/23
193.182.121.0/24
193.183.182.0/24
193.183.188.0/24
193.234.81.0/24
193.234.198.0/24
194.14.187.0/24
194.14.218.0/24
194.71.64.0-194.71.82.255
194.103.18.0/24
IPv6:
2a01:280:3a8::/48
Signature Algorithm: sha256WithRSAEncryption
7e:d8:98:61:5c:cd:32:59:97:5b:b5:9d:d2:38:21:c2:d2:c9:
f6:eb:66:34:d7:96:2a:99:97:b3:42:cf:da:0c:20:c1:04:52:
6a:e3:fd:07:d7:50:55:7a:fc:92:ae:76:ad:41:c3:4f:b1:ea:
bd:d7:4d:f2:dc:f0:cf:f4:fa:ca:7f:96:2f:4f:b9:fc:6f:18:
bc:b3:24:48:21:ca:a8:b7:2c:4d:d8:a1:ee:bd:20:5a:d9:34:
af:28:ee:f4:69:fa:76:04:e9:58:e4:0b:12:be:4c:f3:6c:9e:
c0:a2:33:49:57:cf:37:ad:c7:29:33:74:f4:04:66:53:ba:e2:
59:79:27:50:01:91:fd:69:47:11:9b:da:ab:68:f6:d1:c0:1b:
09:e8:66:f2:db:b9:d6:40:43:47:75:f4:9f:68:e4:a1:50:ae:
fe:af:4f:fc:96:97:ad:b8:9d:3e:10:d3:4f:6c:ea:5c:05:36:
0a:58:79:c8:04:2a:37:01:cd:b1:86:1b:5f:72:d9:6d:bb:f8:
09:02:e3:4a:62:98:35:a0:62:bd:1c:45:2f:f8:18:92:a6:05:
af:ed:38:11:03:d9:88:ce:8f:63:21:28:d3:95:d5:e8:a4:cb:
0f:b2:19:e4:4a:6b:9f:84:f2:2b:d3:76:e1:60:69:a1:d9:15:
b4:7e:e0:07
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYanLN6S6uvJK/pe3N9w2QH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMzAzMTExMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBmNDE2OThlNDUxZmRkOTNjYzQ3NzZmYmY2NGRkN2IwNDRhZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxA4f1pbk1xjqNMZFVrwH7fNrs/I
04UseFbG0z5VIyx0z1Ij3QHTDffaRsA+Ae39OUekqo3AUaYNUEUfQf4x5FDREKPS
02rt+qe1HgYnmQS111UqB6z8/UZXIi5e4yI97Yn892eNbf446BXU9UK4vFMn/EkP
sItgxYptku8Qc8Aek0pG5eKrQczehhxHFWPg6OD8GqCY3zG8Tfk0D6KNpe41M39/
cyiRO7296yxfVBtFHroIDcjH2DSls0GV6WyM1XPonZAf6mUcHO3H+nYZsYtKV2dl
5hIlXT/E1WqvCyboA5w0PyID8i+rUZ0jD8VVNgiNTSMHvFOdDuqcdiFwqQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFAEPQWmORR/dk8xHdvv2TdewRK9vMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQVE5QmFZNUZIOTJUekVkMi1fWk4xN0JFcjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBQBAIAATBKAwQAwCS0AwQB
wbSgAwQAwbZ5AwQAwbe2AwQAwbe8AwQAwepRAwQAwerGAwQAwg67AwQAwg7aMAwD
BAbCR0ADBADCR1IDBADCZxIwDwQCAAIwCQMHACoBAoADqDANBgkqhkiG9w0BAQsF
AAOCAQEAftiYYVzNMlmXW7Wd0jghwtLJ9utmNNeWKpmXs0LP2gwgwQRSauP9B9dQ
VXr8kq52rUHDT7HqvddN8tzwz/T6yn+WL0+5/G8YvLMkSCHKqLcsTdih7r0gWtk0
ryju9Gn6dgTpWOQLEr5M82yewKIzSVfPN63HKTN09ARmU7riWXknUAGR/WlHEZva
q2j20cAbCehm8tu51kBDR3X0n2jkoVCu/q9P/JaXrbidPhDTT2zqXAU2Clh5yAQq
NwHNsYYbX3LZbbv4CQLjSmKYNaBivRxFL/gYkqYFr+04EQPZiM6PYyEo05XV6KTL
D7IZ5Eprn4TyK9N24WBpodkVtH7gBw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:28 2025 by rpki-client