Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/HyYpHWfQUcWzTAKKqtbrs94pWZI.roa
File: HyYpHWfQUcWzTAKKqtbrs94pWZI.roa (raw, json)
Hash identifier: yWgM0pBIONX1V/lkZ6g5OPpVC9ihq2CwBm76+x/bok0=
Subject key identifier: 1F:26:29:1D:67:D0:51:C5:B3:4C:02:8A:AA:D6:EB:B3:DE:29:59:92
Certificate issuer: /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Certificate serial: 018C3FB0D484EA903605C5A5189664AC9195
Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/HyYpHWfQUcWzTAKKqtbrs94pWZI.roa
Signing time: Wed 06 Dec 2023 15:13:22 +0000
ROA not before: Wed 06 Dec 2023 15:13:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29063
IP address blocks: 83.138.0.0/21 maxlen: 24
212.25.192.0/20 maxlen: 24
212.25.212.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:b0:d4:84:ea:90:36:05:c5:a5:18:96:64:ac:91:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Validity
Not Before: Dec 6 15:13:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f26291d67d051c5b34c028aaad6ebb3de295992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:53:07:0b:7d:a7:3d:d6:e9:a9:3d:53:da:94:
8f:c6:00:ea:dd:28:d6:87:02:ea:3f:b9:ba:60:42:
1b:7f:00:01:41:1c:21:59:38:5f:80:9b:dc:8d:bd:
55:f7:d1:c2:af:8c:07:7e:97:d5:3b:f2:06:7e:04:
b4:85:d3:84:8f:39:43:eb:78:70:b5:a5:cd:44:28:
63:a1:39:48:b3:e3:79:f9:b6:aa:61:cd:74:1b:73:
99:16:91:6f:98:45:3a:dd:d8:df:6c:fc:f8:38:62:
23:bf:32:8a:ad:31:b0:28:28:36:b1:8d:3d:a3:a7:
f6:04:7c:48:a7:55:47:ba:c5:4b:66:f5:88:ea:6f:
3c:b7:d2:87:00:8e:0a:79:4f:2d:38:5e:f9:93:21:
67:86:3f:bb:c5:e9:3d:62:01:b8:66:e8:60:4a:42:
e8:b6:d8:c9:c9:0d:5d:36:e7:1d:76:69:f3:2e:a6:
b9:93:5a:12:c4:11:6b:ec:00:3a:ff:0e:44:2d:87:
ce:5b:63:10:c4:62:2f:24:eb:f2:68:d3:5d:d0:41:
5d:5e:b8:65:f9:b3:25:a7:73:08:11:6f:c8:93:3c:
9e:cc:da:4c:12:00:eb:eb:be:a6:c5:46:98:4b:f6:
cf:97:da:b9:ad:95:87:d3:f4:86:db:69:7e:99:41:
fe:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:26:29:1D:67:D0:51:C5:B3:4C:02:8A:AA:D6:EB:B3:DE:29:59:92
X509v3 Authority Key Identifier:
keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/HyYpHWfQUcWzTAKKqtbrs94pWZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.0.0/21
212.25.192.0/20
212.25.212.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:62:56:14:15:b1:53:3f:48:9f:c8:00:f5:12:3a:52:10:11:
76:19:6e:b9:60:86:c4:b5:0b:84:42:aa:4b:24:a0:8e:9e:d2:
d1:e2:02:1a:ba:c2:cf:75:27:7a:17:5b:16:2e:1f:db:ca:67:
f8:a8:2f:4d:63:da:c7:21:83:39:0c:68:8c:f1:60:64:82:0a:
4e:ef:df:0a:a0:65:c9:c9:f4:6f:aa:22:41:ef:82:39:8b:3c:
01:ce:b7:51:0c:45:df:28:20:b4:52:62:f7:96:04:e0:03:d7:
33:30:1c:f9:7e:e6:16:eb:f9:7c:bc:f2:97:12:3c:a3:a9:93:
43:c3:13:26:46:5f:85:e5:96:55:d2:f5:ad:b4:00:9c:8c:90:
37:aa:ef:c7:20:7b:c3:04:d7:0c:d9:d8:d3:49:f1:84:3f:9b:
e9:1e:ab:f9:9d:31:e6:8d:8e:1f:5e:47:0e:1b:82:1a:e1:39:
a2:46:46:1b:e9:70:2e:2e:5c:60:b0:a5:d7:2a:91:07:25:5f:
fd:e7:2a:8e:bf:1f:ba:ab:08:2d:bb:21:74:02:80:ca:99:19:
d2:8c:47:26:a1:1e:9f:8b:58:62:82:c5:d9:f3:35:d0:3b:c9:
7c:1d:fa:f0:68:4c:a9:1b:97:4d:dc:ef:e4:a3:4f:b9:80:62:
a1:9d:94:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw/sNSE6pA2BcWlGJZkrJGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk
ODcwOTUwHhcNMjMxMjA2MTUxMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI2MjkxZDY3ZDA1MWM1YjM0YzAyOGFhYWQ2ZWJiM2RlMjk1OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVMHC32nPdbpqT1T2pSPxgDq3SjW
hwLqP7m6YEIbfwABQRwhWThfgJvcjb1V99HCr4wHfpfVO/IGfgS0hdOEjzlD63hw
taXNRChjoTlIs+N5+baqYc10G3OZFpFvmEU63djfbPz4OGIjvzKKrTGwKCg2sY09
o6f2BHxIp1VHusVLZvWI6m88t9KHAI4KeU8tOF75kyFnhj+7xek9YgG4ZuhgSkLo
ttjJyQ1dNucddmnzLqa5k1oSxBFr7AA6/w5ELYfOW2MQxGIvJOvyaNNd0EFdXrhl
+bMlp3MIEW/IkzyezNpMEgDr676mxUaYS/bPl9q5rZWH0/SG22l+mUH+owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB8mKR1n0FHFs0wCiqrW67PeKVmSMB8GA1UdIwQY
MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt
YTc0ZTRhODg3ODA0LzEvSHlZcEhXZlFVY1d6VEFLS3F0YnJzOTRwV1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0
LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDU4oAAwQE
1BnAAwQB1BnUMA0GCSqGSIb3DQEBCwUAA4IBAQBdYlYUFbFTP0ifyAD1EjpSEBF2
GW65YIbEtQuEQqpLJKCOntLR4gIausLPdSd6F1sWLh/bymf4qC9NY9rHIYM5DGiM
8WBkggpO798KoGXJyfRvqiJB74I5izwBzrdRDEXfKCC0UmL3lgTgA9czMBz5fuYW
6/l8vPKXEjyjqZNDwxMmRl+F5ZZV0vWttACcjJA3qu/HIHvDBNcM2djTSfGEP5vp
Hqv5nTHmjY4fXkcOG4Ia4TmiRkYb6XAuLlxgsKXXKpEHJV/95yqOvx+6qwgtuyF0
AoDKmRnSjEcmoR6fi1higsXZ8zXQO8l8HfrwaEypG5dN3O/ko0+5gGKhnZRu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:36 2025 by rpki-client