Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/HQ6xkTkeDciSbdFLEOpCbBRAYOs.roa
File: HQ6xkTkeDciSbdFLEOpCbBRAYOs.roa (raw, json)
Hash identifier: lCOq4eQC19i5W1dsCW1XozOOwKfj3LmkhrnU2Nh35A0=
Subject key identifier: 1D:0E:B1:91:39:1E:0D:C8:92:6D:D1:4B:10:EA:42:6C:14:40:60:EB
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 018A4629277EE85337517ADA8F2A7004F1EB
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/HQ6xkTkeDciSbdFLEOpCbBRAYOs.roa
Signing time: Wed 30 Aug 2023 11:16:56 +0000
ROA not before: Wed 30 Aug 2023 11:16:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
2a0e:bb81::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:29:27:7e:e8:53:37:51:7a:da:8f:2a:70:04:f1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Aug 30 11:16:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0eb191391e0dc8926dd14b10ea426c144060eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b3:cd:de:c5:21:b1:aa:1c:b5:b7:74:0a:3b:
c1:d1:53:7c:07:05:a9:0c:6c:ff:8a:70:1c:ea:69:
f7:f0:49:f6:3c:93:70:0c:7c:9e:c8:f7:8c:97:03:
3a:c1:98:09:ef:5d:00:05:96:80:9c:77:b4:2d:f5:
d3:3e:9d:d6:e3:81:d5:78:4d:b8:31:64:db:02:9e:
56:9b:a8:2c:9a:7c:de:0e:65:db:fe:a9:3c:5d:f0:
e1:84:55:c5:31:13:03:53:be:a3:74:a6:3f:d7:83:
8c:a7:7f:b1:ec:e8:26:fb:da:ed:8a:9f:87:35:4c:
3f:2d:f9:c8:03:31:44:86:ff:94:c8:9d:05:f9:07:
ee:e4:35:a8:7e:ca:2b:82:3c:ad:8b:63:79:f3:cf:
58:8d:a6:c8:9d:94:4a:ac:48:77:f6:16:8d:87:c2:
f6:75:f6:25:b8:11:a5:07:c7:9b:19:00:74:47:5b:
41:9b:3d:91:32:32:b0:9e:9c:dc:bd:cf:30:36:eb:
0d:15:3b:c5:b7:ff:50:a9:26:90:de:b5:f0:a0:ce:
72:95:37:59:13:2c:28:19:9d:3c:cc:04:e3:cb:eb:
5e:11:07:36:1a:7a:aa:7c:00:8e:6a:17:f7:8d:a5:
40:01:fe:9d:52:e9:55:6e:8f:0b:f5:26:8e:f1:c8:
6b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0E:B1:91:39:1E:0D:C8:92:6D:D1:4B:10:EA:42:6C:14:40:60:EB
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/HQ6xkTkeDciSbdFLEOpCbBRAYOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
IPv6:
2a0e:bb81::/32
Signature Algorithm: sha256WithRSAEncryption
0e:be:6a:ce:77:e3:71:d6:33:10:3e:16:40:2b:fb:1e:88:51:
38:51:c7:66:d3:c3:6a:ec:37:b6:63:ec:ae:6f:dd:e7:82:b7:
bc:d2:bf:57:d5:64:7c:db:17:32:b5:14:51:81:e3:4c:c0:12:
8f:5e:b9:3e:e2:ae:85:85:42:68:a1:dc:78:0e:07:c6:0b:9c:
b8:a7:c7:17:33:c0:1b:70:34:d6:7d:1f:4f:ad:a8:ae:41:60:
1c:76:0c:35:d5:0b:5c:06:74:3c:78:85:4c:c7:68:a5:80:40:
2c:07:93:f6:56:d1:6b:98:fd:8f:d8:a4:4c:cd:bf:02:93:de:
fa:ee:2c:1f:5c:a2:1f:c1:e2:e9:ee:f9:fc:96:27:c2:76:b4:
8f:0c:b5:14:36:26:5b:4c:86:83:88:fe:e6:96:ef:df:b5:d4:
b2:1a:3d:33:99:38:24:c7:9d:f3:c7:e1:e1:1d:ae:dc:d9:94:
c4:4b:cb:c1:56:ab:5c:f1:be:80:2f:f6:b4:05:f6:71:51:d8:
0a:86:d0:4e:fe:0b:87:fb:42:fa:cf:38:34:b1:a2:0d:00:f6:
13:0e:db:22:54:73:59:c9:b0:dc:1c:d5:1d:1d:35:4a:31:09:
c6:cf:9c:37:0f:13:1f:7c:40:9b:52:ac:54:f2:3c:06:ed:0e:
5b:3e:02:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpGKSd+6FM3UXrajypwBPHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjMwODMwMTExNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBlYjE5MTM5MWUwZGM4OTI2ZGQxNGIxMGVhNDI2YzE0NDA2MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLPN3sUhsaoctbd0CjvB0VN8BwWp
DGz/inAc6mn38En2PJNwDHyeyPeMlwM6wZgJ710ABZaAnHe0LfXTPp3W44HVeE24
MWTbAp5Wm6gsmnzeDmXb/qk8XfDhhFXFMRMDU76jdKY/14OMp3+x7Ogm+9rtip+H
NUw/LfnIAzFEhv+UyJ0F+Qfu5DWofsorgjyti2N5889YjabInZRKrEh39haNh8L2
dfYluBGlB8ebGQB0R1tBmz2RMjKwnpzcvc8wNusNFTvFt/9QqSaQ3rXwoM5ylTdZ
EywoGZ08zATjy+teEQc2GnqqfACOahf3jaVAAf6dUulVbo8L9SaO8chrlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB0OsZE5Hg3Ikm3RSxDqQmwUQGDrMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvSFE2eGtUa2VEY2lTYmRGTEVPcENiQlJBWU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVVJMA0E
AgACMAcDBQAqDruBMA0GCSqGSIb3DQEBCwUAA4IBAQAOvmrOd+Nx1jMQPhZAK/se
iFE4Ucdm08Nq7De2Y+yub93ngre80r9X1WR82xcytRRRgeNMwBKPXrk+4q6FhUJo
odx4DgfGC5y4p8cXM8AbcDTWfR9PraiuQWAcdgw11QtcBnQ8eIVMx2ilgEAsB5P2
VtFrmP2P2KRMzb8Ck9767iwfXKIfweLp7vn8lifCdrSPDLUUNiZbTIaDiP7mlu/f
tdSyGj0zmTgkx53zx+HhHa7c2ZTES8vBVqtc8b6AL/a0BfZxUdgKhtBO/guH+0L6
zzg0saINAPYTDtsiVHNZybDcHNUdHTVKMQnGz5w3DxMffECbUqxU8jwG7Q5bPgJt
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:05:01 2025 by rpki-client