Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/61fe00-73b3-45a5-8eff-6696dadb45eb/1/HyKpkUOS53qgRhnP2Bl4AmdYQ8Q.roa
File: HyKpkUOS53qgRhnP2Bl4AmdYQ8Q.roa (raw, json)
Hash identifier: l3M/9Qof/WglW+FUm8D9lBLAJqWu9boFJtYlxkhEIkI=
Subject key identifier: 1F:22:A9:91:43:92:E7:7A:A0:46:19:CF:D8:19:78:02:67:58:43:C4
Certificate issuer: /CN=c7736edeb92f937ea45893ea9bcf4ef83f15ffc8
Certificate serial: 018572C38D3F56EB294ED288EE8E3A915895
Authority key identifier: C7:73:6E:DE:B9:2F:93:7E:A4:58:93:EA:9B:CF:4E:F8:3F:15:FF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3Nu3rkvk36kWJPqm89O-D8V_8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/61fe00-73b3-45a5-8eff-6696dadb45eb/1/HyKpkUOS53qgRhnP2Bl4AmdYQ8Q.roa
Signing time: Mon 02 Jan 2023 13:54:56 +0000
ROA not before: Mon 02 Jan 2023 13:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33796
IP address blocks: 194.28.24.0/22 maxlen: 22
194.8.242.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:8d:3f:56:eb:29:4e:d2:88:ee:8e:3a:91:58:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7736edeb92f937ea45893ea9bcf4ef83f15ffc8
Validity
Not Before: Jan 2 13:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f22a9914392e77aa04619cfd8197802675843c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:b8:37:21:55:26:e0:a9:5e:eb:af:a9:5d:
4f:9b:9a:3f:96:33:e9:b5:52:41:a8:99:e5:b4:ed:
44:d7:47:04:e5:9f:28:08:32:50:db:37:11:6e:ba:
bc:8e:3c:7e:7d:05:d9:b6:42:91:77:d2:94:19:ca:
da:ea:38:9b:33:b0:27:3e:b9:61:cc:83:68:cc:66:
40:40:2c:8e:4d:49:73:04:d4:66:66:bb:56:28:fc:
18:e1:d7:9f:59:8d:4d:f5:4e:fe:13:85:a7:0b:d1:
5a:54:a8:7f:10:24:bb:86:d9:aa:27:84:2a:b7:6c:
2e:1c:82:31:ac:ba:39:47:27:60:ba:b2:5a:d1:c3:
90:04:63:45:38:6b:3f:b6:84:d2:71:63:9f:d1:33:
a0:42:bb:92:bd:fa:d9:5b:72:7a:c7:65:e4:63:7e:
46:d7:14:72:7a:11:58:00:27:f8:e7:74:46:23:e8:
73:a9:42:d3:32:f2:c3:0a:5e:ce:c5:12:62:03:3b:
55:02:0f:77:6f:f5:97:8b:5b:25:a8:02:0b:64:3f:
54:b9:bf:ee:13:d0:43:29:f6:b9:99:d5:75:aa:1e:
d0:10:46:5c:e7:c0:f9:d3:56:f5:88:e6:87:82:39:
ab:c2:7f:2e:44:a5:c4:e6:50:6d:bd:d5:62:a3:98:
84:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:22:A9:91:43:92:E7:7A:A0:46:19:CF:D8:19:78:02:67:58:43:C4
X509v3 Authority Key Identifier:
keyid:C7:73:6E:DE:B9:2F:93:7E:A4:58:93:EA:9B:CF:4E:F8:3F:15:FF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Nu3rkvk36kWJPqm89O-D8V_8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/61fe00-73b3-45a5-8eff-6696dadb45eb/1/HyKpkUOS53qgRhnP2Bl4AmdYQ8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/61fe00-73b3-45a5-8eff-6696dadb45eb/1/x3Nu3rkvk36kWJPqm89O-D8V_8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.242.0/23
194.28.24.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:b8:3a:b8:94:63:58:0c:e0:b1:0f:6e:1e:d1:93:4c:81:93:
cd:48:24:cc:b1:33:8b:53:1e:22:00:32:96:72:dd:87:f4:1d:
57:89:f0:44:62:36:fd:1d:94:ec:23:0a:ac:3f:33:0a:59:bc:
1f:7f:86:6c:14:e1:9a:4d:96:e5:3b:9d:c6:42:33:97:54:10:
ae:fb:ca:7a:5c:08:bb:16:04:af:72:8d:54:6c:a9:62:ba:8f:
66:21:54:7c:d6:ab:05:4a:78:c2:26:7f:da:2b:83:0c:ba:7b:
45:9c:b6:28:0b:97:37:0f:f7:6b:60:6d:ac:80:0c:e1:0e:16:
0a:c4:fe:63:a3:1a:75:00:f4:91:9b:6f:6b:b2:c8:0c:0c:03:
36:c4:ca:fe:05:a4:56:85:0d:8b:77:e4:a8:49:d1:9f:86:e1:
fa:06:94:7c:3d:2e:23:bf:7b:e1:6b:ae:68:ff:b8:19:a1:d3:
07:9f:e2:f9:10:b9:bd:b1:7f:29:7f:74:50:df:36:aa:18:b7:
94:66:67:66:cb:3c:a4:20:df:ea:51:ad:b7:2b:a0:e5:52:f2:
a9:c3:04:ac:8a:e4:da:9e:f6:1e:18:94:e1:9e:b0:54:4b:8f:
06:2e:3e:ec:88:21:40:7c:89:82:cf:49:db:85:76:c8:d0:41:
27:08:40:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyw40/VuspTtKI7o46kViVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzM2ZWRlYjkyZjkzN2VhNDU4OTNlYTliY2Y0ZWY4M2Yx
NWZmYzgwHhcNMjMwMTAyMTM1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjIyYTk5MTQzOTJlNzdhYTA0NjE5Y2ZkODE5NzgwMjY3NTg0M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQu4NyFVJuCpXuuvqV1Pm5o/ljPp
tVJBqJnltO1E10cE5Z8oCDJQ2zcRbrq8jjx+fQXZtkKRd9KUGcra6jibM7AnPrlh
zINozGZAQCyOTUlzBNRmZrtWKPwY4defWY1N9U7+E4WnC9FaVKh/ECS7htmqJ4Qq
t2wuHIIxrLo5RydgurJa0cOQBGNFOGs/toTScWOf0TOgQruSvfrZW3J6x2XkY35G
1xRyehFYACf453RGI+hzqULTMvLDCl7OxRJiAztVAg93b/WXi1slqAILZD9Uub/u
E9BDKfa5mdV1qh7QEEZc58D501b1iOaHgjmrwn8uRKXE5lBtvdVio5iEaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB8iqZFDkud6oEYZz9gZeAJnWEPEMB8GA1UdIwQY
MBaAFMdzbt65L5N+pFiT6pvPTvg/Ff/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNOdTNya3ZrMzZrV0pQcW04OU8tRDhWXzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82MWZlMDAtNzNiMy00NWE1LThlZmYt
NjY5NmRhZGI0NWViLzEvSHlLcGtVT1M1M3FnUmhuUDJCbDRBbWRZUThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82MWZlMDAtNzNiMy00NWE1LThlZmYtNjY5NmRhZGI0NWVi
LzEveDNOdTNya3ZrMzZrV0pQcW04OU8tRDhWXzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwgjyAwQC
whwYMA0GCSqGSIb3DQEBCwUAA4IBAQCPuDq4lGNYDOCxD24e0ZNMgZPNSCTMsTOL
Ux4iADKWct2H9B1XifBEYjb9HZTsIwqsPzMKWbwff4ZsFOGaTZblO53GQjOXVBCu
+8p6XAi7FgSvco1UbKliuo9mIVR81qsFSnjCJn/aK4MMuntFnLYoC5c3D/drYG2s
gAzhDhYKxP5joxp1APSRm29rssgMDAM2xMr+BaRWhQ2Ld+SoSdGfhuH6BpR8PS4j
v3vha65o/7gZodMHn+L5ELm9sX8pf3RQ3zaqGLeUZmdmyzykIN/qUa23K6DlUvKp
wwSsiuTanvYeGJThnrBUS48GLj7siCFAfImCz0nbhXbI0EEnCECY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:14 2025 by rpki-client