Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/hNRoBt1_9j5vpLJKyrlN_jC5JVk.roa
File: hNRoBt1_9j5vpLJKyrlN_jC5JVk.roa (raw, json)
Hash identifier: 17DkdicElb2pDOBwHWl5yR6YHyY4ajiLSWbIgvFiAcA=
Subject key identifier: 84:D4:68:06:DD:7F:F6:3E:6F:A4:B2:4A:CA:B9:4D:FE:30:B9:25:59
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 053B0C61
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/hNRoBt1_9j5vpLJKyrlN_jC5JVk.roa
Signing time: Wed 29 Jun 2022 18:50:02 +0000
ROA not before: Wed 29 Jun 2022 18:50:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29491
IP address blocks: 195.191.214.0/23 maxlen: 23
91.193.164.0/22 maxlen: 22
94.45.128.0/19 maxlen: 24
194.187.108.0/22 maxlen: 22
194.187.110.0/24 maxlen: 24
195.137.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87755873 (0x53b0c61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jun 29 18:50:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84d46806dd7ff63e6fa4b24acab94dfe30b92559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:08:16:6d:86:7d:dc:91:20:43:8b:48:45:7f:
b1:34:3a:15:66:a9:2e:3f:9f:76:07:90:dd:94:89:
95:f2:5a:ba:74:76:97:ed:e5:1f:e0:14:7e:a8:19:
8c:51:8b:f2:1f:2c:ae:b4:eb:f3:ba:63:85:f4:e6:
09:92:89:03:c2:20:e1:25:9e:ac:89:cd:47:a7:1d:
5f:30:16:64:e2:c4:c9:89:25:42:5f:5c:c9:d7:36:
52:b5:cd:f3:c1:df:d9:bd:cd:72:38:39:39:a8:93:
c8:d7:50:3e:61:e3:21:8b:d6:a5:79:de:33:ce:bf:
2c:98:29:e0:79:bf:3b:e6:28:ad:e7:95:d2:03:7b:
48:05:2e:bf:fd:99:dd:80:c5:49:4a:a7:07:d1:33:
27:69:ea:68:2d:5a:77:32:32:ce:7c:5f:ac:dc:a0:
5c:36:20:0d:2a:aa:16:32:45:86:a7:39:dd:03:66:
ef:53:c1:b2:76:ec:79:25:1e:d8:d1:c8:7b:5f:21:
ab:6b:c0:1f:62:45:34:50:ca:5c:b8:cf:ec:91:93:
30:8e:c6:de:de:0c:82:1c:cf:42:00:bb:e6:f6:3a:
da:a0:ed:32:a0:14:a8:26:95:39:87:4e:0d:e5:60:
42:a4:0f:a4:ff:38:02:31:54:d4:6c:70:7e:63:c6:
df:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D4:68:06:DD:7F:F6:3E:6F:A4:B2:4A:CA:B9:4D:FE:30:B9:25:59
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/hNRoBt1_9j5vpLJKyrlN_jC5JVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.164.0/22
94.45.128.0/19
194.187.108.0/22
195.137.202.0/23
195.191.214.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:65:1a:39:3e:0d:e2:54:c6:ca:9b:91:b1:58:d4:c8:92:f4:
e8:6f:37:94:00:2a:cb:0b:e7:8b:ba:44:b0:61:87:0f:4e:cc:
c0:b5:a7:5b:3e:c1:c5:4e:bc:62:0b:b9:0f:d5:4b:7c:f8:db:
c2:97:16:31:48:0e:ad:a0:3e:66:e9:04:7e:0c:02:3b:89:9c:
fe:da:2a:5d:97:13:96:92:ab:e7:c0:5d:3d:73:13:1f:cf:fb:
de:4a:d6:79:2d:6c:2d:f6:20:e6:1b:89:9c:84:c1:96:4b:8f:
8c:6f:fc:1b:9b:e1:d0:10:7f:53:ed:1a:43:d8:86:86:9f:15:
69:1b:07:6f:66:38:79:0d:b2:b9:61:22:4e:9b:e5:7d:6a:4e:
21:36:02:2a:c3:9a:88:0c:d0:dd:26:33:37:af:52:94:d6:86:
cf:44:bd:06:c2:3d:15:56:d5:c8:f0:52:12:fa:82:de:4c:06:
5f:20:16:83:47:99:10:bc:70:66:98:26:6c:e6:40:5e:ac:92:
04:c4:e3:f6:92:f3:b6:f1:5f:5c:2e:55:9c:b5:ec:d0:84:e2:
10:7d:8c:62:ed:83:c1:c4:f7:7b:d9:13:13:83:a4:97:f7:fe:
65:8c:14:b7:e2:10:a4:98:e6:a7:3c:49:78:97:2b:b2:aa:31:
35:29:c5:0c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBTsMYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTE0ZWIxZWVmNjZjMmQzNDlmM2Y3ZDdiYWZhNjhlNDlmYmZlYzljMB4XDTIyMDYy
OTE4NTAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRkNDY4MDZkZDdm
ZjYzZTZmYTRiMjRhY2FiOTRkZmUzMGI5MjU1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMIFm2GfdyRIEOLSEV/sTQ6FWapLj+fdgeQ3ZSJlfJaunR2
l+3lH+AUfqgZjFGL8h8srrTr87pjhfTmCZKJA8Ig4SWerInNR6cdXzAWZOLEyYkl
Ql9cydc2UrXN88Hf2b3Ncjg5OaiTyNdQPmHjIYvWpXneM86/LJgp4Hm/O+YoreeV
0gN7SAUuv/2Z3YDFSUqnB9EzJ2nqaC1adzIyznxfrNygXDYgDSqqFjJFhqc53QNm
71PBsnbseSUe2NHIe18hq2vAH2JFNFDKXLjP7JGTMI7G3t4MghzPQgC75vY62qDt
MqAUqCaVOYdODeVgQqQPpP84AjFU1GxwfmPG390CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSE1GgG3X/2Pm+kskrKuU3+MLklWTAfBgNVHSMEGDAWgBQeFOse72bC00nz
99e6+mjkn7/snDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hoVHJIdTltd3ROSjhfZlh1dnBvNUotXzdKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvMzMzYWIxLWFmOWItNDM0Yy04ZDEzLTljYTk4ZjQ5NTBjZi8x
L2hOUm9CdDFfOWo1dnBMSkt5cmxOX2pDNUpWay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
MzMzYWIxLWFmOWItNDM0Yy04ZDEzLTljYTk4ZjQ5NTBjZi8xL0hoVHJIdTltd3RO
SjhfZlh1dnBvNUotXzdKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlvBpAMEBV4tgAMEAsK7bAMEAcOJ
ygMEAcO/1jANBgkqhkiG9w0BAQsFAAOCAQEATGUaOT4N4lTGypuRsVjUyJL06G83
lAAqywvni7pEsGGHD07MwLWnWz7BxU68Ygu5D9VLfPjbwpcWMUgOraA+ZukEfgwC
O4mc/toqXZcTlpKr58BdPXMTH8/73krWeS1sLfYg5huJnITBlkuPjG/8G5vh0BB/
U+0aQ9iGhp8VaRsHb2Y4eQ2yuWEiTpvlfWpOITYCKsOaiAzQ3SYzN69SlNaGz0S9
BsI9FVbVyPBSEvqC3kwGXyAWg0eZELxwZpgmbOZAXqySBMTj9pLztvFfXC5VnLXs
0ITiEH2MYu2DwcT3e9kTE4Okl/f+ZYwUt+IQpJjmpzxJeJcrsqoxNSnFDA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:26 2025 by rpki-client