Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/hDrhVGY2fP6-MXNZxa8-43heAa8.roa
File: hDrhVGY2fP6-MXNZxa8-43heAa8.roa (raw, json)
Hash identifier: vpcToudolfmthNGqFm40lskcy6ATnNMFPDKrmo+hfZc=
Subject key identifier: 84:3A:E1:54:66:36:7C:FE:BE:31:73:59:C5:AF:3E:E3:78:5E:01:AF
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0185719E85B3A242F504CAFD351235894F46
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/hDrhVGY2fP6-MXNZxa8-43heAa8.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3352
IP address blocks: 193.148.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:85:b3:a2:42:f5:04:ca:fd:35:12:35:89:4f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=843ae15466367cfebe317359c5af3ee3785e01af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:49:5e:77:ad:f0:45:01:82:e2:bc:f9:12:
94:d5:29:ea:6d:3e:37:ee:26:c2:44:fd:e4:41:1d:
44:95:b3:8b:a3:3c:1e:94:22:62:38:5d:2e:d3:9b:
0b:dc:6d:72:f4:ae:9b:1d:04:cb:fb:ef:f6:b0:d0:
dc:1a:9d:89:31:cc:28:0a:93:45:e3:04:27:d6:f1:
db:2f:80:9e:6f:4b:6d:c8:87:50:86:1f:89:17:88:
42:d2:0c:72:7f:c7:33:e3:ff:b2:74:b0:a3:02:2a:
9a:1b:4e:5b:7f:16:44:56:f6:21:a5:b7:49:28:2a:
90:d7:93:33:fb:6a:43:4f:cb:fe:5b:ac:eb:06:12:
15:ec:ae:58:a2:ba:67:28:53:55:d8:75:01:82:b5:
33:f1:b4:9e:b5:c8:b1:6f:20:4a:a9:32:fa:d0:82:
a5:44:70:53:e9:c2:b0:31:8a:f2:4b:e0:6e:b5:89:
8b:46:bc:9e:61:3f:85:b3:d1:98:d1:a0:3b:7c:04:
80:a7:8e:16:4f:89:30:12:a3:e4:7d:d1:46:cd:82:
65:42:93:b5:e8:e8:a4:73:37:7e:78:85:cc:fc:26:
6f:96:f9:45:eb:0b:4f:30:80:f5:9d:1b:9a:ca:01:
50:4f:b0:10:e3:73:6f:d1:13:66:fb:95:84:40:b4:
4d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3A:E1:54:66:36:7C:FE:BE:31:73:59:C5:AF:3E:E3:78:5E:01:AF
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/hDrhVGY2fP6-MXNZxa8-43heAa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.144.0/20
Signature Algorithm: sha256WithRSAEncryption
90:32:79:3d:4d:ba:fa:06:a9:eb:88:df:d9:a7:af:0a:34:9e:
e2:bd:43:30:45:ea:2a:7b:66:7e:ee:8b:3d:cb:dd:ca:cc:79:
03:82:ca:2e:22:fd:bd:b3:94:ba:33:a6:a8:05:41:f5:a6:4d:
bd:8a:09:0e:e0:f3:9e:42:37:cb:57:90:ed:75:6d:fc:cc:8b:
0e:e3:3f:7d:5e:3b:6d:64:de:b1:35:7c:75:51:9b:ca:2c:d8:
f4:80:4c:11:76:f6:0e:26:bf:63:f5:76:92:87:b5:4c:74:5c:
c0:a9:bf:55:15:68:38:99:7a:ef:d8:ff:2d:8c:bd:b5:35:20:
cc:4d:b1:51:5d:7e:99:dc:ee:99:b5:98:bc:6b:01:5a:a9:8a:
01:73:3f:e4:4d:bb:d7:05:c1:cc:0a:25:53:a7:4c:90:ca:c7:
45:f0:2f:81:08:0f:ba:e4:8f:f9:2f:51:a0:62:03:80:1f:af:
5d:56:54:20:3e:48:19:09:d5:19:d3:55:84:d6:3b:84:2a:44:
8e:01:b3:e6:12:54:59:6b:f7:c4:71:e1:01:25:33:62:86:60:
a3:4e:13:ca:bd:e8:08:2b:80:57:bf:9c:07:cb:93:e3:c3:bd:
1c:95:c7:56:08:6d:ab:a2:e5:f1:48:0a:ec:56:b1:c7:12:83:
46:87:7e:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnoWzokL1BMr9NRI1iU9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDNhZTE1NDY2MzY3Y2ZlYmUzMTczNTljNWFmM2VlMzc4NWUwMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpVJXnet8EUBguK8+RKU1SnqbT43
7ibCRP3kQR1ElbOLozwelCJiOF0u05sL3G1y9K6bHQTL++/2sNDcGp2JMcwoCpNF
4wQn1vHbL4Ceb0ttyIdQhh+JF4hC0gxyf8cz4/+ydLCjAiqaG05bfxZEVvYhpbdJ
KCqQ15Mz+2pDT8v+W6zrBhIV7K5YorpnKFNV2HUBgrUz8bSetcixbyBKqTL60IKl
RHBT6cKwMYryS+ButYmLRryeYT+Fs9GY0aA7fASAp44WT4kwEqPkfdFGzYJlQpO1
6Oikczd+eIXM/CZvlvlF6wtPMID1nRuaygFQT7AQ43Nv0RNm+5WEQLRNjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQ64VRmNnz+vjFzWcWvPuN4XgGvMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvaERyaFZHWTJmUDYtTVhOWnhhOC00M2hlQWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwZSQMA0G
CSqGSIb3DQEBCwUAA4IBAQCQMnk9Tbr6BqnriN/Zp68KNJ7ivUMwReoqe2Z+7os9
y93KzHkDgsouIv29s5S6M6aoBUH1pk29igkO4POeQjfLV5DtdW38zIsO4z99Xjtt
ZN6xNXx1UZvKLNj0gEwRdvYOJr9j9XaSh7VMdFzAqb9VFWg4mXrv2P8tjL21NSDM
TbFRXX6Z3O6ZtZi8awFaqYoBcz/kTbvXBcHMCiVTp0yQysdF8C+BCA+65I/5L1Gg
YgOAH69dVlQgPkgZCdUZ01WE1juEKkSOAbPmElRZa/fEceEBJTNihmCjThPKvegI
K4BXv5wHy5Pjw70clcdWCG2rouXxSArsVrHHEoNGh37F
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:26 2025 by rpki-client