Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HPqjygweHfTD0Z2Wn6doHHc5sa4.roa
File: HPqjygweHfTD0Z2Wn6doHHc5sa4.roa (raw, json)
Hash identifier: Cf3KhuywRDTVjwbz13fKcLhV0bGbkH1JNhn7hql8XO4=
Subject key identifier: 1C:FA:A3:CA:0C:1E:1D:F4:C3:D1:9D:96:9F:A7:68:1C:77:39:B1:AE
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B1654ED3DA3774B6818F91571A2B0
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HPqjygweHfTD0Z2Wn6doHHc5sa4.roa
Signing time: Sun 01 Jan 2023 13:35:09 +0000
ROA not before: Sun 01 Jan 2023 13:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208305
IP address blocks: 195.65.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:16:54:ed:3d:a3:77:4b:68:18:f9:15:71:a2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cfaa3ca0c1e1df4c3d19d969fa7681c7739b1ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:df:cb:52:14:1d:71:64:96:bc:a8:60:d6:
3e:84:57:70:18:13:a5:5b:29:85:51:d1:8b:61:72:
a4:fd:91:28:33:fc:59:2c:f2:95:d0:fc:03:27:8c:
9a:c8:fd:64:3a:43:fc:4c:b7:1c:67:17:23:c6:12:
b6:dd:c2:04:c2:ae:de:34:38:77:21:be:76:04:c3:
32:90:d3:5e:dc:55:bd:c6:4d:a8:80:e2:06:09:fb:
bb:0e:0b:8a:df:6c:57:aa:b5:e0:02:80:bb:fb:c3:
cf:d1:22:70:0b:1a:47:61:33:44:d0:2d:a6:6e:5a:
49:c7:bb:be:74:67:22:fe:af:6f:a7:80:8b:7f:8f:
b4:89:2a:d7:cb:91:51:77:05:0b:55:ed:23:cf:4a:
a2:fe:3b:63:11:0b:31:a6:ac:a9:97:96:af:f8:7d:
4d:42:c8:83:12:17:09:1b:3b:8e:df:d1:6b:de:4f:
ad:17:81:60:9d:12:cc:97:7f:9c:f9:90:4d:bf:33:
3c:52:ce:51:ca:c6:20:bf:6b:39:64:fc:f9:bb:12:
07:00:e1:97:e5:9c:51:00:fe:5d:1c:e0:95:f2:84:
82:f4:44:e6:ed:73:2c:e5:a0:25:20:53:18:86:65:
99:de:95:d4:45:c4:cc:58:62:5c:ce:32:5e:45:24:
9e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FA:A3:CA:0C:1E:1D:F4:C3:D1:9D:96:9F:A7:68:1C:77:39:B1:AE
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HPqjygweHfTD0Z2Wn6doHHc5sa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.0.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:0a:23:94:de:43:5a:d2:4c:77:87:4a:d5:e9:ba:0d:1c:22:
3c:6a:fa:ac:c8:43:a8:50:da:ca:a2:89:50:96:8c:20:44:cd:
98:79:b5:b7:f9:7b:d9:f4:f4:2c:3c:e5:a8:f0:f3:1f:64:1e:
15:d1:c8:36:b4:03:03:91:32:4d:a3:d7:13:cf:5d:dc:de:bb:
00:c5:ae:14:87:f4:a2:b8:57:62:d2:95:04:fa:5a:98:af:cf:
b8:9b:aa:c1:50:cc:6f:f6:94:94:cc:72:2b:c7:3b:b7:9d:eb:
ff:c1:08:52:29:45:d9:f5:6f:af:36:1d:2d:96:a2:0c:fb:72:
9d:99:c5:41:f0:90:79:9a:86:3a:00:6d:3a:97:22:a8:c2:44:
6c:5b:80:7f:09:10:4c:e3:19:ea:46:26:f5:37:d1:89:f5:48:
39:b8:68:bb:81:ca:05:44:ea:f4:83:72:39:f0:09:78:00:96:
4d:ae:3e:70:01:44:03:d0:ea:68:96:4b:bb:82:19:f1:f8:2c:
ac:8c:26:04:97:c7:37:66:e5:4f:25:90:b1:9a:04:e4:79:44:
ec:d7:a9:4a:d4:79:19:18:d1:a6:7f:8f:30:76:4f:f0:4c:4d:
30:14:a1:b7:bb:ab:63:f7:2b:4f:87:d6:a9:b7:46:a8:a7:c8:
c4:b9:94:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtixZU7T2jd0toGPkVcaKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ZhYTNjYTBjMWUxZGY0YzNkMTlkOTY5ZmE3NjgxYzc3MzliMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqLfy1IUHXFklryoYNY+hFdwGBOl
WymFUdGLYXKk/ZEoM/xZLPKV0PwDJ4yayP1kOkP8TLccZxcjxhK23cIEwq7eNDh3
Ib52BMMykNNe3FW9xk2ogOIGCfu7DguK32xXqrXgAoC7+8PP0SJwCxpHYTNE0C2m
blpJx7u+dGci/q9vp4CLf4+0iSrXy5FRdwULVe0jz0qi/jtjEQsxpqypl5av+H1N
QsiDEhcJGzuO39Fr3k+tF4FgnRLMl3+c+ZBNvzM8Us5RysYgv2s5ZPz5uxIHAOGX
5ZxRAP5dHOCV8oSC9ETm7XMs5aAlIFMYhmWZ3pXURcTMWGJczjJeRSSe3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBz6o8oMHh30w9Gdlp+naBx3ObGuMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvSFBxanlnd2VIZlREMFoyV242ZG9ISGM1c2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0EAMA0G
CSqGSIb3DQEBCwUAA4IBAQCtCiOU3kNa0kx3h0rV6boNHCI8avqsyEOoUNrKoolQ
lowgRM2YebW3+XvZ9PQsPOWo8PMfZB4V0cg2tAMDkTJNo9cTz13c3rsAxa4Uh/Si
uFdi0pUE+lqYr8+4m6rBUMxv9pSUzHIrxzu3nev/wQhSKUXZ9W+vNh0tlqIM+3Kd
mcVB8JB5moY6AG06lyKowkRsW4B/CRBM4xnqRib1N9GJ9Ug5uGi7gcoFROr0g3I5
8Al4AJZNrj5wAUQD0Opolku7ghnx+CysjCYEl8c3ZuVPJZCxmgTkeUTs16lK1HkZ
GNGmf48wdk/wTE0wFKG3u6tj9ytPh9apt0aop8jEuZSD
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:53:15 2025 by rpki-client