Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hNPbjpAsdXdYcY82CRy21O4rOVM.roa
File: hNPbjpAsdXdYcY82CRy21O4rOVM.roa (raw, json)
Hash identifier: WpWybs0njpyS/akoa+9W/MlO+2AveelQ5c+vhSqTvtk=
Subject key identifier: 84:D3:DB:8E:90:2C:75:77:58:71:8F:36:09:1C:B6:D4:EE:2B:39:53
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCACFAD9A4817D75E691C4C012DE975
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hNPbjpAsdXdYcY82CRy21O4rOVM.roa
Signing time: Sun 01 Jan 2023 10:05:08 +0000
ROA not before: Sun 01 Jan 2023 10:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3399
IP address blocks: 194.71.217.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
192.36.22.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
193.182.111.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:cf:ad:9a:48:17:d7:5e:69:1c:4c:01:2d:e9:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d3db8e902c757758718f36091cb6d4ee2b3953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:34:f6:42:67:99:e1:03:f5:ad:fc:c7:ac:cd:
b9:4a:da:c0:b4:1f:a0:31:4e:db:db:15:be:da:74:
8a:f5:9e:de:76:ed:5d:3e:3f:a2:25:90:74:c7:34:
71:c3:f4:44:8e:30:30:8a:5d:98:32:91:4c:5c:b4:
24:d2:2e:33:8b:3b:9d:23:40:e6:60:5f:a5:24:74:
64:02:d9:4e:f2:ef:38:17:f0:56:4f:56:44:ea:03:
4e:22:91:44:9a:e5:99:74:b3:f2:12:cf:74:c1:0e:
b6:b8:c0:a7:b9:5c:0a:cd:92:5d:2b:39:67:f0:b0:
f1:4d:38:e0:ea:6a:d0:84:88:57:26:f2:a0:62:06:
36:f7:e2:cf:1a:9c:1b:b0:4b:e3:62:e0:1c:54:4f:
3b:7d:52:de:88:d2:c2:e5:db:23:38:b3:86:8b:cd:
f9:b2:20:97:54:e6:87:0d:b6:bb:bf:18:06:83:d8:
28:f6:d7:05:f0:6f:0c:7d:25:5a:ed:54:2e:37:bd:
86:65:35:6f:a6:4c:0b:45:23:95:38:f1:f4:06:b1:
cc:27:4a:c9:20:58:92:0a:aa:b5:82:b6:be:ab:13:
05:af:91:1e:0f:4d:35:e2:45:0a:5c:82:09:35:ad:
66:cc:20:0a:99:36:98:d9:0a:d6:61:51:1c:70:51:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D3:DB:8E:90:2C:75:77:58:71:8F:36:09:1C:B6:D4:EE:2B:39:53
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hNPbjpAsdXdYcY82CRy21O4rOVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.22.0/24
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.164.0/23
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
23:60:58:9b:bd:f0:ce:97:fb:b5:b5:f6:a8:68:4b:76:f8:83:
93:25:7d:70:b3:e9:16:f4:86:2e:3e:3a:58:47:d6:0c:f7:ba:
17:20:91:44:a6:8b:20:72:73:8b:9b:24:5c:7a:56:15:ae:43:
25:47:79:18:68:4d:0e:e6:65:f9:e9:b2:2b:ee:d2:70:41:c8:
87:b9:28:6c:4c:6e:04:69:5f:90:bf:b1:93:f6:db:83:12:09:
b2:9d:12:fc:11:c6:05:04:44:df:96:6a:bc:95:8d:5f:d1:c3:
62:cf:10:b3:01:eb:45:b9:bf:55:b2:54:b3:9b:dd:f2:41:24:
86:15:78:67:87:8d:42:10:12:b8:51:04:a1:2c:1e:f1:6a:ec:
96:e8:a5:82:b2:f6:37:58:8c:fa:65:71:0a:31:bb:0d:ad:bf:
a0:31:92:cc:7f:46:fd:d8:f0:09:ea:81:c1:97:de:0d:22:7b:
b2:a7:35:ac:44:7a:1d:dd:85:f5:a8:a9:ad:cf:66:f8:81:a5:
73:11:e8:78:9c:56:f8:5e:92:74:7e:9e:de:e7:d3:78:b3:d9:
e9:b0:46:7a:e6:77:84:ec:e4:c6:59:5e:82:9f:1d:9c:66:05:
57:8d:c1:95:88:00:42:96:0f:db:d4:6e:2a:e2:6b:d0:06:4f:
2d:c8:70:80
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVsys+tmkgX115pHEwBLel1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQzZGI4ZTkwMmM3NTc3NTg3MThmMzYwOTFjYjZkNGVlMmIzOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TT2QmeZ4QP1rfzHrM25StrAtB+g
MU7b2xW+2nSK9Z7edu1dPj+iJZB0xzRxw/REjjAwil2YMpFMXLQk0i4zizudI0Dm
YF+lJHRkAtlO8u84F/BWT1ZE6gNOIpFEmuWZdLPyEs90wQ62uMCnuVwKzZJdKzln
8LDxTTjg6mrQhIhXJvKgYgY29+LPGpwbsEvjYuAcVE87fVLeiNLC5dsjOLOGi835
siCXVOaHDba7vxgGg9go9tcF8G8MfSVa7VQuN72GZTVvpkwLRSOVOPH0BrHMJ0rJ
IFiSCqq1gra+qxMFr5EeD0014kUKXIIJNa1mzCAKmTaY2QrWYVEccFHLdwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFITT246QLHV3WHGPNgkcttTuKzlTMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaE5QYmpwQXNkWGRZY1k4MkNSeTIxTzRyT1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwCQWAwQA
wCTQAwQBwKWyAwQAwbQXAwQBwbSkAwQAwbZvAwQAwbd0AwQBwkSqAwQBwkTcAwQB
wkfYAwQAwoQJMA0GCSqGSIb3DQEBCwUAA4IBAQAjYFibvfDOl/u1tfaoaEt2+IOT
JX1ws+kW9IYuPjpYR9YM97oXIJFEposgcnOLmyRcelYVrkMlR3kYaE0O5mX56bIr
7tJwQciHuShsTG4EaV+Qv7GT9tuDEgmynRL8EcYFBETflmq8lY1f0cNizxCzAetF
ub9VslSzm93yQSSGFXhnh41CEBK4UQShLB7xauyW6KWCsvY3WIz6ZXEKMbsNrb+g
MZLMf0b92PAJ6oHBl94NInuypzWsRHod3YX1qKmtz2b4gaVzEeh4nFb4XpJ0fp7e
59N4s9npsEZ65neE7OTGWV6Cnx2cZgVXjcGViABClg/b1G4q4mvQBk8tyHCA
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:05:34 2025 by rpki-client