Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/hlvcCEMi9UqfWQBqwNa4iPj2Kug.roa
File: hlvcCEMi9UqfWQBqwNa4iPj2Kug.roa (raw, json)
Hash identifier: D/OKyMQ+Ifh/M9F1287v0D7slJzfj4r1HMmnapQvra8=
Subject key identifier: 86:5B:DC:08:43:22:F5:4A:9F:59:00:6A:C0:D6:B8:88:F8:F6:2A:E8
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8AF7FC005B4D6764D66E1C754C9B4C
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/hlvcCEMi9UqfWQBqwNa4iPj2Kug.roa
Signing time: Sun 01 Jan 2023 13:35:01 +0000
ROA not before: Sun 01 Jan 2023 13:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9096
IP address blocks: 217.192.86.0/24 maxlen: 24
212.243.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f7:fc:00:5b:4d:67:64:d6:6e:1c:75:4c:9b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=865bdc084322f54a9f59006ac0d6b888f8f62ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1c:b3:77:cb:de:f9:81:a2:26:09:e8:e6:80:
22:97:c4:3e:c3:5c:ee:b8:b6:ab:3d:84:6c:86:8e:
bf:53:3b:77:7e:93:ce:e8:23:57:ae:43:e7:df:72:
56:1d:0c:6b:6b:69:66:39:33:64:0c:d1:43:85:e4:
c8:b1:81:9e:3c:19:2c:24:92:35:de:52:da:0d:ab:
50:a3:14:b2:8a:d1:68:56:e1:8a:5f:33:39:55:fc:
f3:b2:d3:fa:1b:d1:a6:f3:08:84:b3:e0:50:61:4f:
4a:67:06:f0:d5:3c:d2:7e:e9:dd:0a:8f:b9:de:e4:
01:cc:42:0c:cb:13:66:d5:d1:ed:09:48:3b:8d:b0:
83:14:7b:a0:9f:7d:1f:85:2d:ab:40:9d:4e:d1:01:
3b:64:58:78:99:2d:e9:7f:e3:03:32:15:19:c2:eb:
04:12:2f:db:23:aa:99:c9:95:cd:58:6f:21:6a:a9:
01:cf:60:23:ab:c7:c1:d5:c7:d9:6b:ca:c7:1a:54:
f5:ea:85:27:02:54:5f:88:28:f9:8c:f7:64:1a:44:
45:b9:38:59:f4:67:61:d6:db:5c:50:6b:a7:b1:4a:
89:45:74:c3:a7:e5:38:5e:29:71:93:c4:21:12:09:
72:a7:73:c7:99:a0:eb:a9:cd:bf:f3:e4:23:2e:32:
86:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5B:DC:08:43:22:F5:4A:9F:59:00:6A:C0:D6:B8:88:F8:F6:2A:E8
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/hlvcCEMi9UqfWQBqwNa4iPj2Kug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.80.0/24
217.192.86.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c2:13:25:7d:02:6c:67:62:49:f6:59:8b:2f:6d:63:64:f3:
2c:ce:a0:a4:c2:88:5e:fb:d3:d9:d6:78:a9:da:e3:52:3b:bd:
02:ce:7e:de:fa:b7:00:7d:2b:26:82:02:ff:e2:16:25:8c:18:
d3:73:77:43:e9:0b:df:1a:98:96:86:8c:f6:33:1d:93:42:d9:
e3:6e:7a:38:09:2f:7d:fc:27:31:d5:6a:8d:7d:6c:9a:f7:7a:
f9:82:50:3d:76:e5:dc:d7:2e:5b:aa:ea:09:95:a1:18:ff:0a:
a8:a0:d7:02:46:d9:f2:00:b4:ab:0a:62:3d:ba:84:b1:70:c1:
93:e6:97:26:4b:9a:94:1f:63:1b:fb:2b:c6:e6:2e:0e:3e:06:
e0:d1:3d:c7:e4:1c:45:46:a0:3e:ba:eb:8c:cd:96:8f:b1:1c:
3c:8e:a9:80:12:d0:ed:c9:bc:73:e6:c3:6f:2e:1d:e7:b7:f5:
87:26:ae:e4:6a:1e:8b:07:4a:82:03:23:f2:f6:0d:da:8f:78:
d9:52:ae:22:dc:b6:3e:fe:f1:2b:b6:be:7d:36:fe:03:fa:a9:
a7:01:cc:8a:55:5b:04:50:3c:53:8b:4c:71:02:a1:8c:22:27:
e5:08:44:e1:06:6a:ff:9f:32:0d:e6:39:3d:78:9c:ee:2d:61:
fd:13:28:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtivf8AFtNZ2TWbhx1TJtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjViZGMwODQzMjJmNTRhOWY1OTAwNmFjMGQ2Yjg4OGY4ZjYyYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhyzd8ve+YGiJgno5oAil8Q+w1zu
uLarPYRsho6/Uzt3fpPO6CNXrkPn33JWHQxra2lmOTNkDNFDheTIsYGePBksJJI1
3lLaDatQoxSyitFoVuGKXzM5VfzzstP6G9Gm8wiEs+BQYU9KZwbw1TzSfundCo+5
3uQBzEIMyxNm1dHtCUg7jbCDFHugn30fhS2rQJ1O0QE7ZFh4mS3pf+MDMhUZwusE
Ei/bI6qZyZXNWG8haqkBz2Ajq8fB1cfZa8rHGlT16oUnAlRfiCj5jPdkGkRFuThZ
9Gdh1ttcUGunsUqJRXTDp+U4Xilxk8QhEglyp3PHmaDrqc2/8+QjLjKGXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZb3AhDIvVKn1kAasDWuIj49iroMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvaGx2Y0NFTWk5VXFmV1FCcXdOYTRpUGoyS3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1PNQAwQA
2cBWMA0GCSqGSIb3DQEBCwUAA4IBAQAqwhMlfQJsZ2JJ9lmLL21jZPMszqCkwohe
+9PZ1nip2uNSO70Czn7e+rcAfSsmggL/4hYljBjTc3dD6QvfGpiWhoz2Mx2TQtnj
bno4CS99/Ccx1WqNfWya93r5glA9duXc1y5bquoJlaEY/wqooNcCRtnyALSrCmI9
uoSxcMGT5pcmS5qUH2Mb+yvG5i4OPgbg0T3H5BxFRqA+uuuMzZaPsRw8jqmAEtDt
ybxz5sNvLh3nt/WHJq7kah6LB0qCAyPy9g3aj3jZUq4i3LY+/vErtr59Nv4D+qmn
AcyKVVsEUDxTi0xxAqGMIiflCEThBmr/nzIN5jk9eJzuLWH9EyiX
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:35:31 2025 by rpki-client