Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hppdMajSDz3qynZ3mpzaDP4rRT0.roa
File: hppdMajSDz3qynZ3mpzaDP4rRT0.roa (raw, json)
Hash identifier: 2X5GT8mUF7QzRFjvKZgc0x8aJkX990ij7wGuo0papXM=
Subject key identifier: 86:9A:5D:31:A8:D2:0F:3D:EA:CA:76:77:9A:9C:DA:0C:FE:2B:45:3D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0185E32DF4AA1DF56CA552893D386F1ABDEA
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hppdMajSDz3qynZ3mpzaDP4rRT0.roa
Signing time: Tue 24 Jan 2023 09:48:37 +0000
ROA not before: Tue 24 Jan 2023 09:48:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197942
IP address blocks: 193.234.81.0/24 maxlen: 24
194.103.18.0/24 maxlen: 24
193.183.188.0/24 maxlen: 24
193.234.198.0/24 maxlen: 24
193.180.160.0/23 maxlen: 23
192.36.180.0/24 maxlen: 24
194.71.64.0/22 maxlen: 22
194.71.68.0/22 maxlen: 22
194.14.218.0/24 maxlen: 24
194.71.72.0/21 maxlen: 24
194.71.81.0/24 maxlen: 24
194.71.80.0/24 maxlen: 24
194.71.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:2d:f4:aa:1d:f5:6c:a5:52:89:3d:38:6f:1a:bd:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 24 09:48:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=869a5d31a8d20f3deaca76779a9cda0cfe2b453d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:18:ae:3c:65:11:ea:77:e8:dd:a4:c1:8b:
00:0a:62:69:8f:e9:b8:88:56:6f:6d:9e:36:ea:7c:
92:ca:60:ad:f6:ae:d2:a9:6b:9f:39:8a:1e:39:24:
2d:14:5a:45:2d:b3:0c:bb:ce:13:b5:79:3a:d3:9a:
1e:19:b6:82:6e:9b:43:b2:47:2f:d4:a7:5d:1f:ad:
d9:8c:80:9d:cc:61:dc:2d:6f:c4:39:5c:4a:63:da:
27:46:90:be:89:0e:75:e4:98:20:11:99:49:b3:af:
fa:99:e6:0c:7d:58:a2:e5:5f:a1:4d:bc:c5:5d:fa:
48:90:9c:c8:36:c3:d0:d4:46:b5:c5:b7:ae:8a:7c:
54:be:22:fd:91:20:ef:3b:e1:17:b0:ba:9a:d1:98:
95:7a:8d:10:6f:fe:c8:12:2b:c0:b3:ef:10:54:40:
f5:f5:e1:84:88:7c:8a:a2:9d:c0:62:9b:7d:84:c1:
c9:62:84:1f:78:f6:8d:c7:43:b2:8d:e9:13:9a:c9:
9a:7b:ce:2b:d7:4f:19:97:05:24:d6:8b:90:0c:8c:
a2:d3:bf:64:22:9c:6a:59:c1:7d:7e:1a:dd:8d:26:
00:88:64:3b:40:7d:c7:8b:34:c0:bd:40:d5:d3:c7:
aa:ad:d8:b3:32:32:54:f5:59:1a:bb:70:8e:dd:db:
d7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9A:5D:31:A8:D2:0F:3D:EA:CA:76:77:9A:9C:DA:0C:FE:2B:45:3D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hppdMajSDz3qynZ3mpzaDP4rRT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.180.0/24
193.180.160.0/23
193.183.188.0/24
193.234.81.0/24
193.234.198.0/24
194.14.218.0/24
194.71.64.0-194.71.82.255
194.103.18.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:39:6b:34:4d:9a:c6:c7:86:e1:4a:fc:31:06:b5:b0:54:2d:
ed:cc:1c:b5:7a:9d:02:7e:e3:af:53:3e:e8:4b:67:1e:38:7e:
a6:18:95:90:69:c9:85:1a:85:44:05:88:90:28:14:37:09:f8:
18:57:1f:0e:1b:0f:25:a6:cb:60:15:67:43:d1:39:7a:bd:3b:
23:81:33:7c:95:51:20:e4:4c:4a:e6:63:bf:d0:36:4c:8e:75:
1a:18:ed:19:4a:4b:59:be:11:d9:fc:eb:31:20:57:bb:bf:eb:
9c:dc:8c:1a:fa:23:22:ad:85:8b:d6:d0:d4:97:60:46:9b:8b:
e2:ce:15:bf:9b:b0:d6:49:b7:3c:9d:51:e0:69:21:74:66:ca:
08:91:fd:f1:fc:35:1c:c5:d7:69:28:79:f2:54:2c:44:a3:b3:
88:e2:c4:dd:65:3d:fd:13:00:bd:5a:eb:1b:1f:f6:db:e0:73:
3a:12:f2:07:cf:cf:b1:51:8d:c5:c6:d6:fc:45:53:83:f1:28:
74:53:3f:34:95:48:6b:a9:04:f3:9b:9e:87:08:59:4a:e8:1c:
05:2b:fd:45:9f:05:fe:78:cf:de:96:3d:e0:77:f7:3f:06:b7:
fc:5c:f0:7d:5e:a2:ea:f6:21:f7:26:b4:8c:f2:a1:ee:8b:86:
d9:d6:c1:9e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYXjLfSqHfVspVKJPThvGr3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTI0MDk0ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlhNWQzMWE4ZDIwZjNkZWFjYTc2Nzc5YTljZGEwY2ZlMmI0NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDIYrjxlEep36N2kwYsACmJpj+m4
iFZvbZ426nySymCt9q7SqWufOYoeOSQtFFpFLbMMu84TtXk605oeGbaCbptDskcv
1KddH63ZjICdzGHcLW/EOVxKY9onRpC+iQ515JggEZlJs6/6meYMfVii5V+hTbzF
XfpIkJzINsPQ1Ea1xbeuinxUviL9kSDvO+EXsLqa0ZiVeo0Qb/7IEivAs+8QVED1
9eGEiHyKop3AYpt9hMHJYoQfePaNx0OyjekTmsmae84r108ZlwUk1ouQDIyi079k
IpxqWcF9fhrdjSYAiGQ7QH3HizTAvUDV08eqrdizMjJU9Vkau3CO3dvXawIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIaaXTGo0g896sp2d5qc2gz+K0U9MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaHBwZE1halNEejNxeW5aM21wemFEUDRyUlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwCS0AwQB
wbSgAwQAwbe8AwQAwepRAwQAwerGAwQAwg7aMAwDBAbCR0ADBADCR1IDBADCZxIw
DQYJKoZIhvcNAQELBQADggEBAKE5azRNmsbHhuFK/DEGtbBULe3MHLV6nQJ+469T
PuhLZx44fqYYlZBpyYUahUQFiJAoFDcJ+BhXHw4bDyWmy2AVZ0PROXq9OyOBM3yV
USDkTErmY7/QNkyOdRoY7RlKS1m+Edn86zEgV7u/65zcjBr6IyKthYvW0NSXYEab
i+LOFb+bsNZJtzydUeBpIXRmygiR/fH8NRzF12koefJULESjs4jixN1lPf0TAL1a
6xsf9tvgczoS8gfPz7FRjcXG1vxFU4PxKHRTPzSVSGupBPObnocIWUroHAUr/UWf
Bf54z96WPeB39z8Gt/xc8H1eour2IfcmtIzyoe6LhtnWwZ4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:24 2025 by rpki-client