Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/hms9ubREWNtP6I9GXeBQK0IJKGA.roa
File: hms9ubREWNtP6I9GXeBQK0IJKGA.roa (raw, json)
Hash identifier: tqFsQiJAy32vACLzdo/+Y1gdfUcvteLVa7OTbyYnjRI=
Subject key identifier: 86:6B:3D:B9:B4:44:58:DB:4F:E8:8F:46:5D:E0:50:2B:42:09:28:60
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018570306C18A7910F25C666DC53174DC1E3
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/hms9ubREWNtP6I9GXeBQK0IJKGA.roa
Signing time: Mon 02 Jan 2023 01:54:59 +0000
ROA not before: Mon 02 Jan 2023 01:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200505
IP address blocks: 185.126.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6c:18:a7:91:0f:25:c6:66:dc:53:17:4d:c1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=866b3db9b44458db4fe88f465de0502b42092860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:72:4f:c0:30:ff:72:b4:93:e4:78:81:ad:a0:
64:79:82:01:99:46:04:cc:5a:a9:39:14:bb:05:a6:
92:1a:e9:01:50:17:aa:84:d8:8c:cc:7f:1c:04:ea:
29:78:85:96:a5:dc:bb:1e:8e:87:21:56:4d:b3:c6:
8b:e1:01:e6:46:2b:e9:d4:c4:35:05:25:0b:09:10:
52:f2:c6:9b:2c:7a:f7:b6:43:28:c5:8a:d9:4b:40:
57:93:8c:69:3a:12:33:18:dc:95:14:9c:fc:25:07:
57:8e:b6:c5:d6:ff:02:4b:b3:2f:bd:f8:ed:1a:15:
ef:3d:d6:0d:96:77:8e:39:7b:55:36:17:9c:f5:51:
a8:b9:b0:ed:9c:62:cf:dc:dd:14:ae:26:aa:af:17:
a5:fe:4d:55:48:85:08:01:74:bd:17:1b:35:34:c8:
bd:a9:8b:b4:78:5d:b8:57:73:69:15:a3:be:d1:29:
51:0e:fb:f2:f8:f9:34:7e:a5:e6:e8:22:db:37:66:
6e:03:13:a6:72:3c:b1:a1:9c:ee:68:d1:2e:2e:dc:
c0:4c:df:32:6f:71:b6:40:61:23:6a:ac:d4:c1:ec:
bf:93:86:22:e5:e5:1d:0e:01:3d:99:4a:de:40:53:
be:89:11:c6:7b:94:61:a8:ba:fa:ed:4b:bf:7d:63:
e9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6B:3D:B9:B4:44:58:DB:4F:E8:8F:46:5D:E0:50:2B:42:09:28:60
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/hms9ubREWNtP6I9GXeBQK0IJKGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.94.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:02:ac:43:13:46:47:e3:f3:a7:e5:a3:f1:ca:d8:d1:b1:2b:
79:8b:7a:64:73:b2:0c:db:3b:87:59:e4:4c:88:b1:70:54:b0:
d6:8e:fc:27:a1:f3:2f:62:56:a5:64:c9:43:6d:c2:47:b7:77:
54:80:43:6e:cf:6d:0a:63:5f:13:8f:24:13:64:7c:c5:b4:9e:
45:5a:14:6e:93:07:c7:ca:58:8a:da:82:16:93:70:0d:fb:c0:
d1:46:8a:4e:ac:08:0f:9b:c5:6f:5a:9a:88:75:92:2e:fe:a1:
41:8c:97:4b:dc:c2:b5:57:8c:5e:bf:b1:33:be:11:f8:40:7c:
42:90:03:61:00:35:5a:61:25:ac:2c:56:a3:ef:56:57:08:12:
65:23:50:94:32:76:00:b2:b6:ac:a1:24:08:24:66:05:95:b1:
ed:b9:f4:f6:1f:c1:1d:32:43:35:3b:74:b5:0c:1f:0b:04:63:
85:fc:68:a7:70:28:5b:86:cc:a0:79:c6:67:b1:2d:2d:83:21:
9b:e0:2d:70:a5:33:33:be:c1:f2:1f:07:4e:ed:42:69:a0:89:
cf:7b:2f:f4:54:b9:5f:aa:92:e1:ec:2f:fa:b1:19:4a:95:67:
d8:e9:92:e5:07:c6:65:49:c1:20:35:30:89:bb:c5:3d:c4:cf:
4f:90:a3:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGwYp5EPJcZm3FMXTcHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZiM2RiOWI0NDQ1OGRiNGZlODhmNDY1ZGUwNTAyYjQyMDkyODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3JPwDD/crST5HiBraBkeYIBmUYE
zFqpORS7BaaSGukBUBeqhNiMzH8cBOopeIWWpdy7Ho6HIVZNs8aL4QHmRivp1MQ1
BSULCRBS8sabLHr3tkMoxYrZS0BXk4xpOhIzGNyVFJz8JQdXjrbF1v8CS7Mvvfjt
GhXvPdYNlneOOXtVNhec9VGoubDtnGLP3N0Uriaqrxel/k1VSIUIAXS9Fxs1NMi9
qYu0eF24V3NpFaO+0SlRDvvy+Pk0fqXm6CLbN2ZuAxOmcjyxoZzuaNEuLtzATN8y
b3G2QGEjaqzUwey/k4Yi5eUdDgE9mUreQFO+iRHGe5RhqLr67Uu/fWPpNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZrPbm0RFjbT+iPRl3gUCtCCShgMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvaG1zOXViUkVXTnRQNkk5R1hlQlFLMElKS0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX5eMA0G
CSqGSIb3DQEBCwUAA4IBAQAbAqxDE0ZH4/On5aPxytjRsSt5i3pkc7IM2zuHWeRM
iLFwVLDWjvwnofMvYlalZMlDbcJHt3dUgENuz20KY18TjyQTZHzFtJ5FWhRukwfH
yliK2oIWk3AN+8DRRopOrAgPm8VvWpqIdZIu/qFBjJdL3MK1V4xev7EzvhH4QHxC
kANhADVaYSWsLFaj71ZXCBJlI1CUMnYAsrasoSQIJGYFlbHtufT2H8EdMkM1O3S1
DB8LBGOF/GincChbhsygecZnsS0tgyGb4C1wpTMzvsHyHwdO7UJpoInPey/0VLlf
qpLh7C/6sRlKlWfY6ZLlB8ZlScEgNTCJu8U9xM9PkKOX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:54 2025 by rpki-client