Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/0X3R_24Pc748-H43YdQz1auwyRw.roa
File: 0X3R_24Pc748-H43YdQz1auwyRw.roa (raw, json)
Hash identifier: HklRFgoQHvy3zcTT8GDjbMx3QKzwkwMEx9Qh0GJeHFM=
Subject key identifier: D1:7D:D1:FF:6E:0F:73:BE:3C:F8:7E:37:61:D4:33:D5:AB:B0:C9:1C
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 018B617C458A6D3DCE6449ADC60C914DBB98
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/0X3R_24Pc748-H43YdQz1auwyRw.roa
Signing time: Tue 24 Oct 2023 11:40:15 +0000
ROA not before: Tue 24 Oct 2023 11:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16205
IP address blocks: 178.249.24.0/21 maxlen: 21
81.201.144.0/20 maxlen: 20
31.210.160.0/21 maxlen: 21
217.18.176.0/20 maxlen: 20
176.52.200.0/21 maxlen: 21
2a00:8180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:7c:45:8a:6d:3d:ce:64:49:ad:c6:0c:91:4d:bb:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Oct 24 11:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d17dd1ff6e0f73be3cf87e3761d433d5abb0c91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:ed:6e:3f:d3:81:8b:a3:ab:d7:3f:17:c6:
0d:f0:9e:c6:99:27:c1:09:62:44:9d:64:27:dc:2a:
26:de:0b:69:7b:4b:16:73:0a:ba:62:e8:f2:9d:6e:
f2:42:1e:da:0a:08:25:2f:b6:1a:f2:63:05:2d:91:
33:e9:f3:19:3b:19:2a:86:d1:72:59:d4:91:1a:42:
f6:45:35:2c:11:54:df:9f:14:45:d5:cf:1a:24:0d:
10:19:0c:a2:9b:4b:dd:52:89:c2:f6:b3:27:ef:ae:
4a:90:d6:53:1d:36:6a:00:ee:68:cc:63:dd:ad:e8:
7f:2d:4d:62:2c:39:2c:9d:1b:7f:28:6a:7e:f7:ad:
37:37:0d:46:48:f2:d9:2c:20:59:fe:2a:98:a8:fd:
1d:2c:b1:60:27:26:04:dc:01:09:e5:72:4d:ca:b6:
50:9d:4e:41:12:d1:43:9f:07:d7:27:25:c4:57:32:
52:5a:f2:3e:9e:eb:21:cc:ed:13:f8:8b:0b:8d:d4:
e0:ba:3c:e2:9b:63:19:5c:98:20:aa:95:f5:ef:51:
1e:2b:52:9a:12:ac:7b:0f:a0:89:a6:a1:09:e9:e3:
aa:11:47:4a:bc:5e:83:4e:94:76:6c:9a:6a:23:17:
a0:aa:c6:83:dc:72:84:6e:53:87:76:dc:f6:47:da:
e1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7D:D1:FF:6E:0F:73:BE:3C:F8:7E:37:61:D4:33:D5:AB:B0:C9:1C
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/0X3R_24Pc748-H43YdQz1auwyRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.160.0/21
81.201.144.0/20
176.52.200.0/21
178.249.24.0/21
217.18.176.0/20
IPv6:
2a00:8180::/32
Signature Algorithm: sha256WithRSAEncryption
6c:9c:f7:6d:fc:00:2b:f7:2f:74:0a:1d:3b:6e:49:5c:b5:6d:
99:ae:8d:69:d3:9a:32:a2:77:b0:b0:0c:f4:15:a9:9f:67:ba:
b2:e7:a7:dd:32:bd:b3:73:33:bb:1e:af:3f:c3:ad:cf:d3:9f:
76:5c:72:e4:c2:91:07:17:0a:7f:8a:76:f2:d2:b5:1e:bb:8b:
47:88:19:b0:cf:fd:ca:d5:49:52:d3:9e:31:de:7e:3e:f4:6a:
62:24:42:a1:98:f9:ba:41:14:78:37:48:b7:3f:8e:8a:0f:0a:
b6:c2:42:c1:f5:08:cd:35:73:95:3d:80:3b:3d:b1:a2:d5:a2:
bb:30:56:e2:b4:78:32:9d:b4:c4:a7:2a:81:f1:78:cc:4f:cc:
e1:9f:08:33:5a:4f:99:ad:0e:75:5b:3b:c8:38:48:1c:3e:cf:
27:f8:22:40:77:ce:3e:e2:a3:40:37:51:d6:ff:aa:e8:7d:83:
9a:42:e0:0f:59:63:74:84:2b:7e:b8:be:fa:ce:85:b7:32:98:
18:bb:ab:2d:78:41:bd:0b:7c:d7:e2:c1:15:06:9a:a3:d4:f2:
f6:cb:15:ad:68:e2:5d:49:00:ae:bd:3b:35:a0:dd:b3:40:a7:
dd:fd:27:43:45:6d:a3:ae:b6:22:f9:3f:e9:a2:6a:ed:ee:ed:
42:7b:d8:f6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYthfEWKbT3OZEmtxgyRTbuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjMxMDI0MTE0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTdkZDFmZjZlMGY3M2JlM2NmODdlMzc2MWQ0MzNkNWFiYjBjOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Ltbj/TgYujq9c/F8YN8J7GmSfB
CWJEnWQn3Com3gtpe0sWcwq6YujynW7yQh7aCgglL7Ya8mMFLZEz6fMZOxkqhtFy
WdSRGkL2RTUsEVTfnxRF1c8aJA0QGQyim0vdUonC9rMn765KkNZTHTZqAO5ozGPd
reh/LU1iLDksnRt/KGp+9603Nw1GSPLZLCBZ/iqYqP0dLLFgJyYE3AEJ5XJNyrZQ
nU5BEtFDnwfXJyXEVzJSWvI+nushzO0T+IsLjdTgujzim2MZXJggqpX171EeK1Ka
Eqx7D6CJpqEJ6eOqEUdKvF6DTpR2bJpqIxegqsaD3HKEblOHdtz2R9rhKQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNF90f9uD3O+PPh+N2HUM9WrsMkcMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvMFgzUl8yNFBjNzQ4LUg0M1lkUXoxYXV3eVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDH9KgAwQE
UcmQAwQDsDTIAwQDsvkYAwQE2RKwMA0EAgACMAcDBQAqAIGAMA0GCSqGSIb3DQEB
CwUAA4IBAQBsnPdt/AAr9y90Ch07bklctW2Zro1p05oyonewsAz0FamfZ7qy56fd
Mr2zczO7Hq8/w63P0592XHLkwpEHFwp/inby0rUeu4tHiBmwz/3K1UlS054x3n4+
9GpiJEKhmPm6QRR4N0i3P46KDwq2wkLB9QjNNXOVPYA7PbGi1aK7MFbitHgynbTE
pyqB8XjMT8zhnwgzWk+ZrQ51WzvIOEgcPs8n+CJAd84+4qNAN1HW/6rofYOaQuAP
WWN0hCt+uL76zoW3MpgYu6steEG9C3zX4sEVBpqj1PL2yxWtaOJdSQCuvTs1oN2z
QKfd/SdDRW2jrrYi+T/pomrt7u1Ce9j2
-----END CERTIFICATE-----
Generated at Fri May 2 22:47:30 2025 by rpki-client