Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/hewdukKdRuQPgy2y9-y3lpBd86o.roa
File: hewdukKdRuQPgy2y9-y3lpBd86o.roa (raw, json)
Hash identifier: 7XWBmWPEZ3VRPFaaR64/x+wHMTcp1/jfX1DuMwOIzGc=
Subject key identifier: 85:EC:1D:BA:42:9D:46:E4:0F:83:2D:B2:F7:EC:B7:96:90:5D:F3:AA
Certificate issuer: /CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Certificate serial: 0185E9AD6527BF8595FFB78CE0E37874C3C6
Authority key identifier: 6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/hewdukKdRuQPgy2y9-y3lpBd86o.roa
Signing time: Wed 25 Jan 2023 16:05:32 +0000
ROA not before: Wed 25 Jan 2023 16:05:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61028
IP address blocks: 109.226.128.0/18 maxlen: 24
2a0d:c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:ad:65:27:bf:85:95:ff:b7:8c:e0:e3:78:74:c3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Validity
Not Before: Jan 25 16:05:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85ec1dba429d46e40f832db2f7ecb796905df3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b0:69:b9:df:26:37:79:a7:14:8d:48:a7:7f:
f7:bc:70:00:e2:bd:ef:ce:ac:45:77:78:ad:8f:d7:
e0:06:1a:55:87:8e:c6:79:5a:ac:7b:47:d4:35:ec:
48:7d:77:df:18:c4:10:af:f6:04:1a:e9:fe:e1:ef:
84:02:27:07:00:1c:2d:38:91:5b:09:ab:d7:db:e0:
65:9f:f4:af:8a:a9:f7:b7:b2:7c:5b:9e:31:00:6a:
72:5a:f0:2f:88:3e:a4:83:6f:d5:ff:45:f8:0f:5b:
3a:4e:ef:21:a6:a1:4c:97:9c:b4:e5:f8:ea:c6:3e:
44:e5:8e:85:6a:d5:92:df:b0:4e:1c:ec:c1:bf:e2:
78:2e:7d:56:6e:5f:08:e8:75:91:ec:c8:bb:f6:5f:
a9:67:57:86:0c:c6:12:e5:19:85:14:ae:de:e4:24:
e4:95:65:62:77:77:4e:f9:3b:d7:7b:c5:8b:e8:09:
17:8b:28:6f:36:97:9d:f5:4f:07:44:eb:08:55:74:
4b:97:00:b1:f7:b1:89:f0:6c:79:81:7d:2b:fd:85:
4e:8d:fa:13:7e:21:57:86:b1:99:12:23:ff:d8:4a:
23:ae:f9:70:2d:cb:76:8f:16:e1:25:f8:c6:aa:87:
f8:f5:13:63:e5:1f:98:a4:6f:dd:02:61:c9:0e:91:
6a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EC:1D:BA:42:9D:46:E4:0F:83:2D:B2:F7:EC:B7:96:90:5D:F3:AA
X509v3 Authority Key Identifier:
keyid:6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/hewdukKdRuQPgy2y9-y3lpBd86o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/b-Vh-ExbqxfVA7-T08PTJcKiJS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.128.0/18
IPv6:
2a0d:c80::/29
Signature Algorithm: sha256WithRSAEncryption
f1:20:d3:ba:da:11:4e:0c:ca:47:8a:da:b2:9d:95:81:43:52:
86:07:8e:89:fa:85:d0:fd:38:18:aa:d8:ec:4f:4f:db:11:24:
c3:b2:62:01:da:22:22:ee:81:04:09:0d:9f:7c:ec:7a:4a:f4:
10:79:3f:f0:1b:4b:d7:7f:8f:9f:43:f9:e4:0e:81:3d:9c:b2:
9d:2d:7c:5b:7b:e3:6d:73:e8:29:d4:ed:89:41:cb:f0:c4:a9:
fe:c2:c0:c8:05:70:5b:75:00:a2:9d:4e:a4:ee:49:cb:33:7a:
61:54:84:7b:a6:5f:4b:b4:b7:86:a8:3e:71:9c:0f:fb:57:a5:
fc:f1:35:7a:78:2a:0a:bb:d8:02:75:62:b4:3a:4d:ea:c6:64:
59:ee:4b:8b:b5:d1:5e:1b:ae:17:bb:eb:64:35:de:cb:56:be:
22:a6:ae:21:75:df:23:62:73:64:86:98:2a:09:b4:12:f7:51:
10:45:31:d4:28:13:85:35:61:07:38:9b:52:3b:58:0b:49:b2:
36:49:9e:ef:d9:f2:63:c0:f9:ed:da:2f:55:0a:dd:4a:77:26:
e1:11:59:9b:8c:17:62:b0:8f:ae:e3:c0:7f:37:84:fb:c3:b9:
e2:60:46:e4:b7:47:d3:ea:43:dc:f2:5a:88:86:c3:26:73:d9:
67:46:52:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYXprWUnv4WV/7eM4ON4dMPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTU2MWY4NGM1YmFiMTdkNTAzYmY5M2QzYzNkMzI1YzJh
MjI1MmUwHhcNMjMwMTI1MTYwNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVjMWRiYTQyOWQ0NmU0MGY4MzJkYjJmN2VjYjc5NjkwNWRmM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrBpud8mN3mnFI1Ip3/3vHAA4r3v
zqxFd3itj9fgBhpVh47GeVqse0fUNexIfXffGMQQr/YEGun+4e+EAicHABwtOJFb
CavX2+Bln/Sviqn3t7J8W54xAGpyWvAviD6kg2/V/0X4D1s6Tu8hpqFMl5y05fjq
xj5E5Y6FatWS37BOHOzBv+J4Ln1Wbl8I6HWR7Mi79l+pZ1eGDMYS5RmFFK7e5CTk
lWVid3dO+TvXe8WL6AkXiyhvNped9U8HROsIVXRLlwCx97GJ8Gx5gX0r/YVOjfoT
fiFXhrGZEiP/2EojrvlwLct2jxbhJfjGqof49RNj5R+YpG/dAmHJDpFqMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIXsHbpCnUbkD4Mtsvfst5aQXfOqMB8GA1UdIwQY
MBaAFG/lYfhMW6sX1QO/k9PD0yXCoiUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYt
NTczOWVkODNjNjkxLzEvaGV3ZHVrS2RSdVFQZ3kyeTkteTNscEJkODZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYtNTczOWVkODNjNjkx
LzEvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGbeKAMA0E
AgACMAcDBQMqDQyAMA0GCSqGSIb3DQEBCwUAA4IBAQDxINO62hFODMpHitqynZWB
Q1KGB46J+oXQ/TgYqtjsT0/bESTDsmIB2iIi7oEECQ2ffOx6SvQQeT/wG0vXf4+f
Q/nkDoE9nLKdLXxbe+Ntc+gp1O2JQcvwxKn+wsDIBXBbdQCinU6k7knLM3phVIR7
pl9LtLeGqD5xnA/7V6X88TV6eCoKu9gCdWK0Ok3qxmRZ7kuLtdFeG64Xu+tkNd7L
Vr4ipq4hdd8jYnNkhpgqCbQS91EQRTHUKBOFNWEHOJtSO1gLSbI2SZ7v2fJjwPnt
2i9VCt1KdybhEVmbjBdisI+u48B/N4T7w7niYEbkt0fT6kPc8lqIhsMmc9lnRlKu
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:13:38 2025 by rpki-client