Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/HGgZIcsCpGSPSjBW0qgSJIUkYTI.roa
File: HGgZIcsCpGSPSjBW0qgSJIUkYTI.roa (raw, json)
Hash identifier: iExEZbjf3eCAYPNbVf82gL7IsLQoDF8AzONtJEBIaNA=
Subject key identifier: 1C:68:19:21:CB:02:A4:64:8F:4A:30:56:D2:A8:12:24:85:24:61:32
Certificate issuer: /CN=c85106daad3a973fde98914f7cc1ccd35d8cc3c3
Certificate serial: 01856DAF5FA8C6561610F0B87031590F1683
Authority key identifier: C8:51:06:DA:AD:3A:97:3F:DE:98:91:4F:7C:C1:CC:D3:5D:8C:C3:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFEG2q06lz_emJFPfMHM012Mw8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/HGgZIcsCpGSPSjBW0qgSJIUkYTI.roa
Signing time: Sun 01 Jan 2023 14:14:47 +0000
ROA not before: Sun 01 Jan 2023 14:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203462
IP address blocks: 2.57.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:5f:a8:c6:56:16:10:f0:b8:70:31:59:0f:16:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c85106daad3a973fde98914f7cc1ccd35d8cc3c3
Validity
Not Before: Jan 1 14:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c681921cb02a4648f4a3056d2a8122485246132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fa:db:bc:24:a3:03:05:ee:10:86:e4:cf:8a:
be:ed:c9:14:91:fc:b7:a1:3a:f7:d7:45:56:dd:b7:
17:d8:19:ec:9a:d2:60:67:dd:4c:9c:3e:4c:76:7e:
d5:b6:50:ef:77:d4:72:5e:ff:19:6c:3b:c1:98:5f:
da:93:14:c7:f0:f5:dd:77:1d:59:5f:7d:9e:55:20:
fa:d7:d0:5e:15:de:ae:52:ab:8b:a9:d6:4f:38:e8:
63:5b:09:b6:6f:44:ca:0e:a0:8b:85:bb:65:67:5d:
31:58:8e:5b:4a:95:ed:e2:ca:e8:05:a0:9b:e9:7d:
40:ca:ae:c0:70:b0:de:21:6d:dd:8f:64:af:da:b4:
5d:b2:2e:80:19:da:12:bd:ab:2b:11:1c:4c:22:d1:
30:7f:96:af:d8:e8:6e:d8:ab:c3:45:68:9c:65:ae:
18:7f:fe:26:38:dd:d0:8b:f2:d7:49:9b:46:e2:d1:
4e:00:52:3c:1a:b5:db:81:ea:ba:fc:b7:ed:01:b3:
77:d7:72:2e:ef:52:0b:3e:6c:54:0e:e4:a2:21:11:
77:3e:d8:91:d7:9e:21:5b:d3:fd:f1:6a:ce:6b:9b:
9e:0e:18:5f:e9:6c:97:63:15:79:02:1b:1b:f2:92:
63:1b:8e:51:97:38:73:3f:2c:eb:40:79:a6:3d:a2:
7b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:68:19:21:CB:02:A4:64:8F:4A:30:56:D2:A8:12:24:85:24:61:32
X509v3 Authority Key Identifier:
keyid:C8:51:06:DA:AD:3A:97:3F:DE:98:91:4F:7C:C1:CC:D3:5D:8C:C3:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFEG2q06lz_emJFPfMHM012Mw8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/HGgZIcsCpGSPSjBW0qgSJIUkYTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/yFEG2q06lz_emJFPfMHM012Mw8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.84.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:9c:8e:65:e5:43:a8:18:2e:45:8d:34:7c:99:03:6b:ed:a3:
d9:51:47:3a:b9:3f:b4:b8:0c:c1:77:f4:84:92:5f:66:35:77:
d0:93:37:fe:a7:7d:a3:c6:30:78:4b:e1:32:fd:c3:b7:80:4e:
1b:21:3e:7c:1b:d8:e0:dc:33:78:59:38:59:b8:05:6e:ab:b7:
25:d3:fd:7b:5d:6b:93:2c:89:ea:45:4a:37:0c:78:de:6c:b7:
4d:49:9f:d6:bc:de:ea:ea:07:cd:9e:aa:68:af:bb:c7:e0:c6:
26:ac:a3:1f:20:f0:4b:2c:e3:c7:46:86:95:a1:82:94:22:f8:
5d:46:d9:71:ae:a4:5d:f3:f6:15:ef:da:d2:a9:c5:68:1e:53:
9a:9d:16:0e:85:ab:c3:0b:1b:7e:29:95:c9:3d:3c:4e:71:20:
bc:15:54:64:cf:88:6b:60:f6:7f:15:ae:71:21:65:e2:18:7d:
d5:c0:28:85:e3:3f:43:22:4f:f3:00:fe:9e:fb:95:e1:cc:14:
22:a6:f0:f7:6d:f2:e7:15:24:a5:3b:f1:8a:32:bc:3b:ac:c5:
ad:25:e7:0e:c9:6d:41:e8:d4:c8:4f:28:00:05:33:cd:b3:10:
16:0e:4c:47:49:ea:fd:64:53:0a:ef:f2:54:86:56:46:a4:6c:
95:1d:33:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr1+oxlYWEPC4cDFZDxaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTEwNmRhYWQzYTk3M2ZkZTk4OTE0ZjdjYzFjY2QzNWQ4
Y2MzYzMwHhcNMjMwMTAxMTQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY4MTkyMWNiMDJhNDY0OGY0YTMwNTZkMmE4MTIyNDg1MjQ2MTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvrbvCSjAwXuEIbkz4q+7ckUkfy3
oTr310VW3bcX2BnsmtJgZ91MnD5Mdn7VtlDvd9RyXv8ZbDvBmF/akxTH8PXddx1Z
X32eVSD619BeFd6uUquLqdZPOOhjWwm2b0TKDqCLhbtlZ10xWI5bSpXt4sroBaCb
6X1Ayq7AcLDeIW3dj2Sv2rRdsi6AGdoSvasrERxMItEwf5av2Ohu2KvDRWicZa4Y
f/4mON3Qi/LXSZtG4tFOAFI8GrXbgeq6/LftAbN313Iu71ILPmxUDuSiIRF3PtiR
154hW9P98WrOa5ueDhhf6WyXYxV5Ahsb8pJjG45RlzhzPyzrQHmmPaJ7bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxoGSHLAqRkj0owVtKoEiSFJGEyMB8GA1UdIwQY
MBaAFMhRBtqtOpc/3piRT3zBzNNdjMPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZFRzJxMDZsel9lbUpGUGZNSE0wMTJNdzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Yzg4YmItNDRkYy00ZjA4LWJlZWUt
ZmVmNDg3MTJhY2FiLzEvSEdnWkljc0NwR1NQU2pCVzBxZ1NKSVVrWVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Yzg4YmItNDRkYy00ZjA4LWJlZWUtZmVmNDg3MTJhY2Fi
LzEveUZFRzJxMDZsel9lbUpGUGZNSE0wMTJNdzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjlUMA0G
CSqGSIb3DQEBCwUAA4IBAQA/nI5l5UOoGC5FjTR8mQNr7aPZUUc6uT+0uAzBd/SE
kl9mNXfQkzf+p32jxjB4S+Ey/cO3gE4bIT58G9jg3DN4WThZuAVuq7cl0/17XWuT
LInqRUo3DHjebLdNSZ/WvN7q6gfNnqpor7vH4MYmrKMfIPBLLOPHRoaVoYKUIvhd
RtlxrqRd8/YV79rSqcVoHlOanRYOhavDCxt+KZXJPTxOcSC8FVRkz4hrYPZ/Fa5x
IWXiGH3VwCiF4z9DIk/zAP6e+5XhzBQipvD3bfLnFSSlO/GKMrw7rMWtJecOyW1B
6NTITygABTPNsxAWDkxHSer9ZFMK7/JUhlZGpGyVHTN1
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:19 2025 by rpki-client