Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H9W1xnBkaufbsAYkg_yk48CIetY.roa
File: H9W1xnBkaufbsAYkg_yk48CIetY.roa (raw, json)
Hash identifier: VjYFyfMmKouc4JQV6My+wK4BrKdics2iRWYuibaSBio=
Subject key identifier: 1F:D5:B5:C6:70:64:6A:E7:DB:B0:06:24:83:FC:A4:E3:C0:88:7A:D6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018924A970B9D05449EBB890FE309CB52D05
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H9W1xnBkaufbsAYkg_yk48CIetY.roa
Signing time: Wed 05 Jul 2023 06:07:11 +0000
ROA not before: Wed 05 Jul 2023 06:07:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:a9:70:b9:d0:54:49:eb:b8:90:fe:30:9c:b5:2d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 5 06:07:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fd5b5c670646ae7dbb0062483fca4e3c0887ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:1e:d6:e1:bb:de:72:8d:9a:2b:4c:2d:dc:
dd:15:1b:0c:00:b0:04:86:f0:a1:4a:00:00:c3:65:
44:b1:8e:b1:f6:28:56:95:a8:14:47:51:d8:b8:ec:
fe:a5:5c:cc:9d:bf:0e:01:bc:f4:01:b3:02:37:95:
96:ab:50:fd:ed:55:64:59:07:d1:7e:9a:ce:4e:2e:
3b:5d:95:0c:49:47:6e:d3:fc:c2:ce:de:c4:c0:1e:
e0:80:2c:63:07:c7:8a:9c:c3:d4:56:1f:8b:ef:49:
21:f4:93:1b:20:de:31:57:7a:a8:1b:4f:50:af:4d:
be:c1:da:62:b5:9b:03:52:4f:0b:13:ea:ef:40:0a:
3e:49:e6:24:3e:a0:7c:31:19:dc:ad:c0:24:9a:e9:
8a:c8:1a:7b:1b:ad:5c:f1:62:3a:d1:56:48:28:62:
88:d2:f4:0e:a4:ea:6f:4a:4e:8f:5b:f8:20:9f:24:
6d:9c:b7:70:4c:20:7a:0a:6d:08:19:c6:97:15:f2:
4d:ee:0f:ab:16:1d:1e:b5:27:17:46:51:f4:0c:85:
06:e1:74:bc:18:73:05:91:d4:5f:80:28:2d:f2:b2:
8e:c2:22:2a:9f:b5:c0:18:d3:19:a7:80:1c:b4:7d:
de:4f:83:a1:93:61:74:95:5e:05:33:98:6f:76:8a:
d1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D5:B5:C6:70:64:6A:E7:DB:B0:06:24:83:FC:A4:E3:C0:88:7A:D6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H9W1xnBkaufbsAYkg_yk48CIetY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.205.0/24
193.23.128.0/23
Signature Algorithm: sha256WithRSAEncryption
76:df:76:ca:9f:c2:1a:45:f7:1b:0b:42:b8:e8:96:dd:e2:d0:
65:e9:c4:56:98:34:8c:11:28:e1:2f:3c:63:a1:b8:c7:e9:00:
4e:a1:63:a5:6c:1e:96:4d:96:ee:82:14:de:3a:8c:33:10:34:
e8:3e:d7:25:52:5d:83:08:e5:99:33:10:df:6d:62:7a:31:2a:
b2:0f:2a:f4:c1:87:96:b5:c7:c6:76:9b:6a:0d:e0:63:2a:0f:
2f:b7:47:e7:f3:76:bf:79:a0:06:ae:d4:49:3a:ee:ea:45:0f:
69:25:a9:0d:a7:c0:83:f5:98:3d:22:e2:26:45:b4:97:ed:d3:
81:63:d4:1b:f2:8d:c6:76:2a:da:f3:f4:f5:0f:82:fa:3d:60:
ab:1b:d1:75:3c:6a:a6:49:7e:30:b4:da:66:2a:2b:54:14:71:
94:ae:3e:68:b6:72:8e:2c:48:a4:1e:8d:f3:97:fa:1d:c7:82:
93:c7:31:2a:bf:5a:a5:35:c0:2f:72:ac:ea:74:c0:64:32:ba:
4a:56:20:49:3d:de:16:b2:89:78:47:a6:aa:e3:7d:5e:a0:49:
bc:04:e6:06:74:a9:8d:c3:63:f4:76:7a:de:14:73:ce:72:2c:
a4:42:20:89:e5:c0:c9:72:56:ea:da:c1:d8:45:ad:73:00:e9:
26:0e:37:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkkqXC50FRJ67iQ/jCctS0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA1MDYwNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQ1YjVjNjcwNjQ2YWU3ZGJiMDA2MjQ4M2ZjYTRlM2MwODg3YWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ4e1uG73nKNmitMLdzdFRsMALAE
hvChSgAAw2VEsY6x9ihWlagUR1HYuOz+pVzMnb8OAbz0AbMCN5WWq1D97VVkWQfR
fprOTi47XZUMSUdu0/zCzt7EwB7ggCxjB8eKnMPUVh+L70kh9JMbIN4xV3qoG09Q
r02+wdpitZsDUk8LE+rvQAo+SeYkPqB8MRncrcAkmumKyBp7G61c8WI60VZIKGKI
0vQOpOpvSk6PW/ggnyRtnLdwTCB6Cm0IGcaXFfJN7g+rFh0etScXRlH0DIUG4XS8
GHMFkdRfgCgt8rKOwiIqn7XAGNMZp4ActH3eT4Ohk2F0lV4FM5hvdorRvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB/VtcZwZGrn27AGJIP8pOPAiHrWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSDlXMXhuQmthdWZic0FZa2dfeWs0OENJZXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW7zNAwQB
wReAMA0GCSqGSIb3DQEBCwUAA4IBAQB233bKn8IaRfcbC0K46Jbd4tBl6cRWmDSM
ESjhLzxjobjH6QBOoWOlbB6WTZbughTeOowzEDToPtclUl2DCOWZMxDfbWJ6MSqy
Dyr0wYeWtcfGdptqDeBjKg8vt0fn83a/eaAGrtRJOu7qRQ9pJakNp8CD9Zg9IuIm
RbSX7dOBY9Qb8o3Gdira8/T1D4L6PWCrG9F1PGqmSX4wtNpmKitUFHGUrj5otnKO
LEikHo3zl/odx4KTxzEqv1qlNcAvcqzqdMBkMrpKViBJPd4Wsol4R6aq431eoEm8
BOYGdKmNw2P0dnreFHPOciykQiCJ5cDJclbq2sHYRa1zAOkmDjd4
-----END CERTIFICATE-----
Generated at Wed May 14 00:12:34 2025 by rpki-client