Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HikE9ITT0xe4ldtwE_OJsFlL74g.roa
File: HikE9ITT0xe4ldtwE_OJsFlL74g.roa (raw, json)
Hash identifier: DV4RyEAUG90gGezyp6G2/ObouNjkdCOaDj4JNFfClP4=
Subject key identifier: 1E:29:04:F4:84:D3:D3:17:B8:95:DB:70:13:F3:89:B0:59:4B:EF:88
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B02C59EDCC45C022AFC4E7FE72A26
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HikE9ITT0xe4ldtwE_OJsFlL74g.roa
Signing time: Sun 01 Jan 2023 13:35:04 +0000
ROA not before: Sun 01 Jan 2023 13:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30934
IP address blocks: 212.243.12.0/24 maxlen: 24
195.65.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:02:c5:9e:dc:c4:5c:02:2a:fc:4e:7f:e7:2a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e2904f484d3d317b895db7013f389b0594bef88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:d3:18:56:72:f9:dc:e5:e5:93:9f:94:a8:
c6:76:a2:6d:77:34:76:a4:f1:e2:90:8e:3b:db:9b:
25:2c:05:f1:ef:66:f2:4a:1d:d7:ca:ce:5c:a3:ff:
11:7d:9b:d6:3a:61:2f:c7:4c:33:45:16:4e:44:74:
62:b3:95:66:42:87:89:5c:f0:7f:4a:ad:60:fa:52:
a8:bb:8e:41:a5:11:d0:b9:17:96:40:12:5f:77:22:
73:6a:cf:e2:6c:b7:d8:aa:13:a9:95:9e:b8:ee:e8:
d3:3c:57:c9:fd:e4:47:30:80:80:e6:dc:4e:d4:4d:
8c:c2:58:21:36:7d:2d:23:30:e3:7f:a5:a1:5c:7e:
0f:87:cb:a0:c3:4a:e4:2e:17:8e:93:c0:8d:1d:11:
2d:ee:78:3d:36:89:39:84:f7:b2:be:70:67:c1:f9:
57:af:ab:71:60:f5:1e:64:8d:fe:1f:1e:f5:75:38:
4a:ac:75:48:95:66:78:08:db:70:e0:7e:e2:d7:46:
e6:07:2d:9f:c7:95:86:15:da:2d:24:d0:a9:52:aa:
d2:be:6f:a3:d9:81:43:ec:b6:fd:b7:6d:df:de:a7:
75:93:fd:fe:ad:ae:64:ba:c8:d8:c5:a2:03:3f:c7:
88:bb:40:6c:5a:31:ef:25:50:a3:57:21:79:6d:e0:
1e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:29:04:F4:84:D3:D3:17:B8:95:DB:70:13:F3:89:B0:59:4B:EF:88
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HikE9ITT0xe4ldtwE_OJsFlL74g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.103.0/24
212.243.12.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f4:0d:7a:b5:c2:42:da:71:67:e5:70:17:39:3d:61:7a:42:
7f:60:d5:95:fa:af:6c:b1:46:bf:3e:4f:43:da:3d:45:84:bf:
62:a3:ae:00:c5:54:b9:d7:e5:d7:60:b5:d3:e5:c6:86:b3:c1:
8d:99:b2:bf:13:2a:65:65:22:4c:d7:7c:91:99:ba:87:d6:b9:
85:0d:d5:bb:64:0c:72:39:60:75:82:be:81:65:94:8c:33:71:
3f:c1:0a:64:1d:46:1c:d2:4d:67:16:70:b0:fd:82:22:5b:bf:
37:0e:0d:50:ee:65:1d:47:58:19:9b:a5:2f:9f:5f:a5:b1:b7:
cc:da:8c:41:38:52:d0:c6:dc:8d:eb:ab:5d:eb:56:e2:e9:70:
6a:1e:67:07:99:06:31:69:c0:0e:96:be:77:f5:dd:d2:73:16:
9a:2a:12:30:42:c6:40:f2:ac:9e:80:ad:1a:b2:a5:be:c8:d1:
7d:fc:95:60:87:f0:92:1a:b5:6e:1f:e3:d6:89:60:a1:d5:06:
ba:13:df:ff:7e:b2:82:6a:25:97:37:7e:ab:c1:35:0c:c1:53:
91:86:0a:b8:c5:bf:4c:32:fc:d8:0e:94:44:f7:07:7a:3f:c9:
3d:fc:75:f0:96:56:f6:75:c8:59:87:9c:b0:b8:82:cd:ce:07:
3f:0d:6a:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtiwLFntzEXAIq/E5/5yomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI5MDRmNDg0ZDNkMzE3Yjg5NWRiNzAxM2YzODliMDU5NGJlZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmbTGFZy+dzl5ZOflKjGdqJtdzR2
pPHikI4725slLAXx72bySh3Xys5co/8RfZvWOmEvx0wzRRZORHRis5VmQoeJXPB/
Sq1g+lKou45BpRHQuReWQBJfdyJzas/ibLfYqhOplZ647ujTPFfJ/eRHMICA5txO
1E2MwlghNn0tIzDjf6WhXH4Ph8ugw0rkLheOk8CNHREt7ng9Nok5hPeyvnBnwflX
r6txYPUeZI3+Hx71dThKrHVIlWZ4CNtw4H7i10bmBy2fx5WGFdotJNCpUqrSvm+j
2YFD7Lb9t23f3qd1k/3+ra5kusjYxaIDP8eIu0BsWjHvJVCjVyF5beAesQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4pBPSE09MXuJXbcBPzibBZS++IMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvSGlrRTlJVFQweGU0bGR0d0VfT0pzRmxMNzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw0FnAwQA
1PMMMA0GCSqGSIb3DQEBCwUAA4IBAQAm9A16tcJC2nFn5XAXOT1hekJ/YNWV+q9s
sUa/Pk9D2j1FhL9io64AxVS51+XXYLXT5caGs8GNmbK/EyplZSJM13yRmbqH1rmF
DdW7ZAxyOWB1gr6BZZSMM3E/wQpkHUYc0k1nFnCw/YIiW783Dg1Q7mUdR1gZm6Uv
n1+lsbfM2oxBOFLQxtyN66td61bi6XBqHmcHmQYxacAOlr539d3ScxaaKhIwQsZA
8qyegK0asqW+yNF9/JVgh/CSGrVuH+PWiWCh1Qa6E9//frKCaiWXN36rwTUMwVOR
hgq4xb9MMvzYDpRE9wd6P8k9/HXwllb2dchZh5ywuILNzgc/DWo4
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:31:59 2025 by rpki-client