Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/770732-cc5a-42e1-8038-544b9c2e7726/1/8lHD-PPOldWQXqj1-XfmUE9d06Q.roa
File: 8lHD-PPOldWQXqj1-XfmUE9d06Q.roa (raw, json)
Hash identifier: JD49BODNRAFV2aUjCMaNhD3lGvs2nNdQnD2U03jX01E=
Subject key identifier: F2:51:C3:F8:F3:CE:95:D5:90:5E:A8:F5:F9:77:E6:50:4F:5D:D3:A4
Certificate issuer: /CN=c42f846f7dab127866ba27bfa964ba7d2de2044c
Certificate serial: 01856FC25D2D0ADA31B11D915F2E9E874E91
Authority key identifier: C4:2F:84:6F:7D:AB:12:78:66:BA:27:BF:A9:64:BA:7D:2D:E2:04:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xC-Eb32rEnhmuie_qWS6fS3iBEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/770732-cc5a-42e1-8038-544b9c2e7726/1/8lHD-PPOldWQXqj1-XfmUE9d06Q.roa
Signing time: Sun 01 Jan 2023 23:54:46 +0000
ROA not before: Sun 01 Jan 2023 23:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33853
IP address blocks: 193.26.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:5d:2d:0a:da:31:b1:1d:91:5f:2e:9e:87:4e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42f846f7dab127866ba27bfa964ba7d2de2044c
Validity
Not Before: Jan 1 23:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f251c3f8f3ce95d5905ea8f5f977e6504f5dd3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:40:6f:c5:25:93:a3:80:8a:24:75:74:5c:a9:
05:0c:82:cc:45:e9:14:7a:7e:10:6c:f3:1f:19:26:
d6:59:78:ce:30:2d:3a:a7:55:cb:f3:0a:c1:71:5e:
96:b9:12:7a:d6:45:84:0c:8e:59:21:54:fc:02:27:
75:d5:ff:88:4c:c8:c6:b9:b1:ec:16:25:b2:03:cf:
95:36:7a:b8:b5:61:a3:e9:f8:23:fe:0e:1e:0b:2a:
14:83:63:24:84:51:11:4d:3d:15:31:58:fa:37:af:
c9:f3:46:20:97:74:4c:38:2d:0a:e5:b8:a7:8a:c1:
28:ca:53:6d:f9:fc:e5:27:c0:8e:3c:ec:b7:6f:0c:
07:b4:fb:bc:6f:e6:29:f3:20:13:1b:ab:33:11:fe:
9c:b7:1b:8b:fc:37:ef:2c:9d:74:b2:3c:28:99:37:
74:72:59:a8:b5:58:59:e2:11:c3:8e:90:28:2b:ac:
25:54:8a:c4:84:d7:a5:86:dd:7e:83:11:a1:b3:55:
3f:64:f8:bb:6c:92:ac:fb:d3:3c:50:96:3d:57:50:
c9:2a:f8:3a:b1:01:f0:ab:04:9e:99:55:3d:82:62:
20:15:fc:3a:f2:df:2a:89:ea:0d:c1:ef:cf:6b:0e:
be:59:e2:69:e0:e0:b5:e6:e7:1b:ec:e9:05:e7:99:
65:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:51:C3:F8:F3:CE:95:D5:90:5E:A8:F5:F9:77:E6:50:4F:5D:D3:A4
X509v3 Authority Key Identifier:
keyid:C4:2F:84:6F:7D:AB:12:78:66:BA:27:BF:A9:64:BA:7D:2D:E2:04:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xC-Eb32rEnhmuie_qWS6fS3iBEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/770732-cc5a-42e1-8038-544b9c2e7726/1/8lHD-PPOldWQXqj1-XfmUE9d06Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/770732-cc5a-42e1-8038-544b9c2e7726/1/xC-Eb32rEnhmuie_qWS6fS3iBEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.216.0/24
Signature Algorithm: sha256WithRSAEncryption
63:60:61:02:3d:13:20:59:75:2b:3d:55:cb:11:4e:36:9f:e2:
6e:e2:f5:37:2e:ea:5e:65:4c:61:1e:7b:bb:5c:68:00:d0:f0:
8a:6e:99:d8:59:a6:76:6c:a3:8c:26:b7:71:23:68:21:f3:08:
f9:d0:a1:a4:19:4f:98:b9:d8:0c:97:ea:94:0d:e1:9f:59:70:
07:90:96:e1:55:2e:ce:c8:b2:5d:e8:3a:56:f3:b0:7a:30:28:
04:5a:51:5a:1f:e0:78:cf:7e:70:a3:fc:f2:20:51:3d:46:1a:
06:88:6a:37:da:5e:6e:97:97:bb:10:c6:b6:99:1a:21:af:b8:
ec:3f:a3:fb:8e:a8:2b:90:79:4e:e4:5e:4c:d0:7e:dc:cf:5e:
68:39:7d:d7:f8:7c:02:ce:5b:6d:e4:5a:74:ad:79:31:57:91:
44:3c:85:23:d3:9f:9f:9a:54:3b:0a:a8:21:dc:f2:3b:0b:6e:
18:cb:ec:ee:d9:ad:6b:78:80:4a:6a:30:4a:d4:cd:67:75:05:
86:71:c5:c1:6e:a1:52:fa:9b:aa:05:3c:34:ec:fc:70:8c:7e:
72:7a:51:a4:19:ad:2d:83:b0:31:f3:aa:b9:b0:8b:11:b1:c7:
88:cf:d3:b7:19:82:26:5b:51:8b:86:c7:1a:4e:72:05:3a:e6:
1a:e9:4a:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwl0tCtoxsR2RXy6eh06RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MmY4NDZmN2RhYjEyNzg2NmJhMjdiZmE5NjRiYTdkMmRl
MjA0NGMwHhcNMjMwMTAxMjM1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUxYzNmOGYzY2U5NWQ1OTA1ZWE4ZjVmOTc3ZTY1MDRmNWRkM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEBvxSWTo4CKJHV0XKkFDILMRekU
en4QbPMfGSbWWXjOMC06p1XL8wrBcV6WuRJ61kWEDI5ZIVT8Aid11f+ITMjGubHs
FiWyA8+VNnq4tWGj6fgj/g4eCyoUg2MkhFERTT0VMVj6N6/J80Ygl3RMOC0K5bin
isEoylNt+fzlJ8COPOy3bwwHtPu8b+Yp8yATG6szEf6ctxuL/DfvLJ10sjwomTd0
clmotVhZ4hHDjpAoK6wlVIrEhNelht1+gxGhs1U/ZPi7bJKs+9M8UJY9V1DJKvg6
sQHwqwSemVU9gmIgFfw68t8qieoNwe/Paw6+WeJp4OC15ucb7OkF55llBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJRw/jzzpXVkF6o9fl35lBPXdOkMB8GA1UdIwQY
MBaAFMQvhG99qxJ4Zronv6lkun0t4gRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEMtRWIzMnJFbmhtdWllX3FXUzZmUzNpQkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NzA3MzItY2M1YS00MmUxLTgwMzgt
NTQ0YjljMmU3NzI2LzEvOGxIRC1QUE9sZFdRWHFqMS1YZm1VRTlkMDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NzA3MzItY2M1YS00MmUxLTgwMzgtNTQ0YjljMmU3NzI2
LzEveEMtRWIzMnJFbmhtdWllX3FXUzZmUzNpQkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRrYMA0G
CSqGSIb3DQEBCwUAA4IBAQBjYGECPRMgWXUrPVXLEU42n+Ju4vU3LupeZUxhHnu7
XGgA0PCKbpnYWaZ2bKOMJrdxI2gh8wj50KGkGU+YudgMl+qUDeGfWXAHkJbhVS7O
yLJd6DpW87B6MCgEWlFaH+B4z35wo/zyIFE9RhoGiGo32l5ul5e7EMa2mRohr7js
P6P7jqgrkHlO5F5M0H7cz15oOX3X+HwCzltt5Fp0rXkxV5FEPIUj05+fmlQ7Cqgh
3PI7C24Yy+zu2a1reIBKajBK1M1ndQWGccXBbqFS+puqBTw07PxwjH5yelGkGa0t
g7Ax86q5sIsRsceIz9O3GYImW1GLhscaTnIFOuYa6Uov
-----END CERTIFICATE-----
Generated at Tue May 13 05:08:36 2025 by rpki-client