Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/hu5QQ_CjRBv5cljvivKswLMH0js.roa
File: hu5QQ_CjRBv5cljvivKswLMH0js.roa (raw, json)
Hash identifier: +Wz0EIK59ncKwPtnIC7Uyoqs6V49vBUH8vp5CU8Omoo=
Subject key identifier: 86:EE:50:43:F0:A3:44:1B:F9:72:58:EF:8A:F2:AC:C0:B3:07:D2:3B
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 018D8D4748D0810DCE0F4EBA0D9980E7B6C6
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/hu5QQ_CjRBv5cljvivKswLMH0js.roa
Signing time: Fri 09 Feb 2024 09:51:15 +0000
ROA not before: Fri 09 Feb 2024 09:51:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21034
IP address blocks: 185.2.146.0/23 maxlen: 23
185.179.103.0/24 maxlen: 24
212.43.96.0/19 maxlen: 20
2a00:1be0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:47:48:d0:81:0d:ce:0f:4e:ba:0d:99:80:e7:b6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Feb 9 09:51:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86ee5043f0a3441bf97258ef8af2acc0b307d23b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:11:f3:96:da:9e:0b:3b:d8:3e:9b:9a:b3:cb:
d2:62:73:37:1f:60:30:84:42:ec:0c:9d:d5:84:ab:
45:1a:ac:47:93:aa:ee:e4:27:ae:15:8f:e3:1c:06:
a1:6d:4a:ff:a0:37:90:9f:77:01:dc:e5:80:d7:f4:
1f:56:19:8f:ee:c6:e6:84:ef:e1:e0:04:79:d3:b6:
dd:0e:ed:11:1a:bf:22:a1:7a:8e:df:96:48:84:d4:
11:92:0d:c0:cb:42:91:b7:5d:c5:64:ae:d2:1d:31:
03:93:ac:70:6d:d9:39:a2:6f:c6:08:b4:bd:ac:16:
69:d1:8c:64:a4:00:ef:56:a4:43:9c:c2:2f:0e:4e:
b1:15:04:6f:59:3f:f4:5a:a3:e8:1d:ad:34:b9:f3:
38:c9:4e:45:ae:5e:59:ba:be:8a:64:b2:8c:35:dd:
bc:c9:b7:d7:ed:77:d9:93:2e:5e:91:21:ca:dc:7e:
80:12:75:d0:68:0d:84:6a:be:bc:bb:cc:d2:86:ec:
8e:df:91:c2:52:78:ea:31:e8:b9:b2:3c:f3:7c:0a:
cc:b7:17:7e:8d:4e:56:9c:54:87:a7:e0:79:8a:14:
65:29:95:c5:2f:c3:95:66:27:c6:e3:8b:df:39:1c:
91:50:d7:df:c2:43:75:c7:ed:fe:b2:7c:9b:2f:98:
68:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EE:50:43:F0:A3:44:1B:F9:72:58:EF:8A:F2:AC:C0:B3:07:D2:3B
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/hu5QQ_CjRBv5cljvivKswLMH0js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.146.0/23
185.179.103.0/24
212.43.96.0/19
IPv6:
2a00:1be0::/32
Signature Algorithm: sha256WithRSAEncryption
b9:8b:db:2d:59:3f:74:96:e9:47:18:2e:29:f5:ec:3a:59:2d:
40:55:9e:ff:ab:56:32:10:4b:21:15:52:22:2b:34:ee:33:6b:
0c:9c:84:fa:a4:53:a9:e9:63:fd:e6:cc:ed:74:55:15:88:84:
2a:8f:e4:b8:cd:a2:14:53:b2:3e:6a:ce:e1:97:8f:7a:3f:7d:
96:7b:82:31:99:d8:71:ce:2b:83:89:05:54:9b:00:0f:81:30:
8f:de:2c:e2:86:ba:27:e5:4e:64:9d:f5:f7:36:f9:cc:56:15:
ae:c0:59:1f:2e:07:ea:5a:81:f3:9f:02:59:5a:e5:ae:39:ce:
0c:e6:44:78:4a:26:e7:a9:62:0b:25:ec:09:cf:db:68:93:7f:
36:de:6c:fd:f3:cf:71:af:20:9d:67:8d:df:eb:ea:19:04:97:
ad:4f:56:4f:e2:75:e1:be:15:68:e3:f8:97:db:f0:51:c0:7d:
c6:25:c2:50:70:92:f2:c3:23:5b:3b:8b:0c:df:ef:ce:5d:46:
d4:e2:4b:b1:f0:07:84:f6:37:4f:65:72:c4:98:75:b3:16:43:
e0:f7:b1:f7:06:fb:de:ff:c7:64:95:cc:67:8e:dc:47:bb:af:
df:63:17:b7:03:8f:64:b1:9e:ad:10:6b:a6:a2:4f:9d:3d:5b:
a4:46:1a:fa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY2NR0jQgQ3OD066DZmA57bGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjQwMjA5MDk1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmVlNTA0M2YwYTM0NDFiZjk3MjU4ZWY4YWYyYWNjMGIzMDdkMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xHzltqeCzvYPpuas8vSYnM3H2Aw
hELsDJ3VhKtFGqxHk6ru5CeuFY/jHAahbUr/oDeQn3cB3OWA1/QfVhmP7sbmhO/h
4AR507bdDu0RGr8ioXqO35ZIhNQRkg3Ay0KRt13FZK7SHTEDk6xwbdk5om/GCLS9
rBZp0YxkpADvVqRDnMIvDk6xFQRvWT/0WqPoHa00ufM4yU5Frl5Zur6KZLKMNd28
ybfX7XfZky5ekSHK3H6AEnXQaA2Ear68u8zShuyO35HCUnjqMei5sjzzfArMtxd+
jU5WnFSHp+B5ihRlKZXFL8OVZifG44vfORyRUNffwkN1x+3+snybL5hoswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIbuUEPwo0Qb+XJY74ryrMCzB9I7MB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvaHU1UVFfQ2pSQnY1Y2xqdml2S3N3TE1IMGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuQKSAwQA
ubNnAwQF1CtgMA0EAgACMAcDBQAqABvgMA0GCSqGSIb3DQEBCwUAA4IBAQC5i9st
WT90lulHGC4p9ew6WS1AVZ7/q1YyEEshFVIiKzTuM2sMnIT6pFOp6WP95sztdFUV
iIQqj+S4zaIUU7I+as7hl496P32We4IxmdhxziuDiQVUmwAPgTCP3izihron5U5k
nfX3NvnMVhWuwFkfLgfqWoHznwJZWuWuOc4M5kR4SibnqWILJewJz9tok3823mz9
889xryCdZ43f6+oZBJetT1ZP4nXhvhVo4/iX2/BRwH3GJcJQcJLywyNbO4sM3+/O
XUbU4kux8AeE9jdPZXLEmHWzFkPg97H3Bvve/8dklcxnjtxHu6/fYxe3A49ksZ6t
EGumok+dPVukRhr6
-----END CERTIFICATE-----
Generated at Tue Jul 29 04:36:53 2025 by rpki-client