Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/HwaN0oSdE8aRBfch9vvg_eGNMJQ.roa
File: HwaN0oSdE8aRBfch9vvg_eGNMJQ.roa (raw, json)
Hash identifier: lQvr0fUgkMBIZYlpSXE3OPbg913a6RJaeRqUSW+MMoc=
Subject key identifier: 1F:06:8D:D2:84:9D:13:C6:91:05:F7:21:F6:FB:E0:FD:E1:8D:30:94
Certificate issuer: /CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Certificate serial: 06EBBCF3
Authority key identifier: 6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/HwaN0oSdE8aRBfch9vvg_eGNMJQ.roa
Signing time: Sat 01 Jan 2022 00:52:10 +0000
ROA not before: Sat 01 Jan 2022 00:52:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201367
IP address blocks: 185.76.58.0/24 maxlen: 24
185.76.57.0/24 maxlen: 24
185.76.56.0/24 maxlen: 24
185.76.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116112627 (0x6ebbcf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Validity
Not Before: Jan 1 00:52:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f068dd2849d13c69105f721f6fbe0fde18d3094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e9:09:ed:99:ca:14:91:6d:69:f5:bc:3a:ec:
ca:f8:55:61:2f:8f:ff:c2:1b:37:b3:3f:02:d6:a0:
10:f8:09:cd:0b:0e:8a:b6:e5:28:c2:48:df:5e:be:
9d:a1:07:02:3d:ee:49:bc:18:b9:53:c4:24:9e:d3:
ff:07:67:c4:ec:a6:ac:2a:e9:87:b7:8d:23:3a:3a:
6d:a1:5a:05:ee:7b:36:ba:c4:70:6a:65:dc:8f:78:
88:6a:8a:be:e1:b0:bd:e8:1c:6b:c1:d9:52:f3:d9:
67:ea:fe:ef:5c:98:c3:e9:9c:5c:59:9a:0a:df:c1:
00:a7:11:c7:df:77:d8:99:91:6d:4c:b7:ed:bc:eb:
68:f2:84:bc:90:bf:d9:01:09:48:1a:4c:83:51:33:
db:03:76:e4:1d:4f:7a:b2:26:fe:60:e0:53:aa:1e:
03:fa:b8:a9:c8:c0:d5:17:ff:bc:95:8e:3b:fb:d2:
6b:72:b0:c8:c5:2b:46:77:24:6d:99:54:84:72:a9:
13:28:9d:3d:83:92:38:9f:0c:14:f3:5c:03:8f:74:
2b:64:d3:7f:da:0e:01:2b:f4:a8:7d:6a:7d:c0:c7:
84:28:67:c4:4b:fa:a0:43:e6:ea:91:61:64:9c:01:
94:9f:6e:a5:73:9b:51:f7:f5:57:e3:2b:c5:8c:cc:
b7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:06:8D:D2:84:9D:13:C6:91:05:F7:21:F6:FB:E0:FD:E1:8D:30:94
X509v3 Authority Key Identifier:
keyid:6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/HwaN0oSdE8aRBfch9vvg_eGNMJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:f8:3a:76:df:7e:6c:a7:ad:03:e8:3e:e2:57:16:e3:17:a4:
82:0a:5c:c5:f7:02:90:d7:1e:f7:72:9c:c4:5c:53:f3:64:3a:
c3:c2:6b:e0:5d:f5:60:ce:2d:80:b9:ce:1e:6e:50:50:7f:1b:
d3:3c:af:47:89:ce:21:44:2c:4a:87:96:a0:05:ac:23:a2:2c:
14:e0:1f:23:b0:01:40:0d:5c:47:d2:32:22:4d:af:df:17:01:
a8:fe:51:ab:87:8f:6b:14:e7:f9:5c:25:57:82:bf:00:46:19:
04:f9:19:dd:8b:3b:37:53:44:d9:d6:36:9c:f2:fc:33:de:41:
90:6b:d7:55:dc:23:1f:28:dc:22:d9:df:81:77:6c:d1:5f:55:
ae:3e:7d:0e:50:31:b9:7d:6d:19:54:0f:f9:0b:2b:6f:86:93:
e7:7d:f6:9e:f2:8e:e4:27:54:a5:00:99:af:bc:8d:2e:a5:0c:
08:a4:e2:b6:82:32:ab:a2:44:1e:22:ab:51:cd:f9:4a:cc:24:
54:88:10:d9:04:e8:43:b0:26:a2:e9:3e:7d:5c:36:52:67:8d:
a3:23:42:f6:1c:da:02:86:5c:77:ea:73:e5:29:ca:7b:73:fc:
3b:a6:ff:ba:49:0f:83:89:cb:b5:e8:ea:95:46:84:2d:f4:cf:
62:d3:44:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBuu88zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTNlYzk3MmY5NzYwYjg1NWYxZDQzOTBiYzM3NWIzZmEzZDQxMWI2MB4XDTIyMDEw
MTAwNTIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYwNjhkZDI4NDlk
MTNjNjkxMDVmNzIxZjZmYmUwZmRlMThkMzA5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjpCe2ZyhSRbWn1vDrsyvhVYS+P/8IbN7M/AtagEPgJzQsO
irblKMJI316+naEHAj3uSbwYuVPEJJ7T/wdnxOymrCrph7eNIzo6baFaBe57NrrE
cGpl3I94iGqKvuGwvegca8HZUvPZZ+r+71yYw+mcXFmaCt/BAKcRx9932JmRbUy3
7bzraPKEvJC/2QEJSBpMg1Ez2wN25B1PerIm/mDgU6oeA/q4qcjA1Rf/vJWOO/vS
a3KwyMUrRnckbZlUhHKpEyidPYOSOJ8MFPNcA490K2TTf9oOASv0qH1qfcDHhChn
xEv6oEPm6pFhZJwBlJ9upXObUff1V+MrxYzMtysCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfBo3ShJ0TxpEF9yH2++D94Y0wlDAfBgNVHSMEGDAWgBRuPsly+XYLhV8d
Q5C8N1s/o9QRtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JqN0pjdmwyQzRWZkhVT1F2RGRiUDZQVUViWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOWRhYzljLTg1YzYtNDU3Mi1hZDYwLTE0NTEyZTdlNTllZi8x
L0h3YU4wb1NkRThhUkJmY2g5dnZnX2VHTk1KUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OWRhYzljLTg1YzYtNDU3Mi1hZDYwLTE0NTEyZTdlNTllZi8xL2JqN0pjdmwyQzRW
ZkhVT1F2RGRiUDZQVUViWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlMODANBgkqhkiG9w0BAQsFAAOC
AQEApvg6dt9+bKetA+g+4lcW4xekggpcxfcCkNce93KcxFxT82Q6w8Jr4F31YM4t
gLnOHm5QUH8b0zyvR4nOIUQsSoeWoAWsI6IsFOAfI7ABQA1cR9IyIk2v3xcBqP5R
q4ePaxTn+VwlV4K/AEYZBPkZ3Ys7N1NE2dY2nPL8M95BkGvXVdwjHyjcItnfgXds
0V9Vrj59DlAxuX1tGVQP+Qsrb4aT5332nvKO5CdUpQCZr7yNLqUMCKTitoIyq6JE
HiKrUc35SswkVIgQ2QToQ7Amouk+fVw2UmeNoyNC9hzaAoZcd+pz5SnKe3P8O6b/
ukkPg4nLtejqlUaELfTPYtNEHA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:49 2025 by rpki-client