Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/hn_E2893e4wZLYH0UrM2lPhiqA0.roa
File: hn_E2893e4wZLYH0UrM2lPhiqA0.roa (raw, json)
Hash identifier: taKhf33kdyCh9aQn4Zo6pqgNOc3TycJu466lEOICC6A=
Subject key identifier: 86:7F:C4:DB:CF:77:7B:8C:19:2D:81:F4:52:B3:36:94:F8:62:A8:0D
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018671A757AFBD2718B8CE0AA4D4298F8E55
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/hn_E2893e4wZLYH0UrM2lPhiqA0.roa
Signing time: Tue 21 Feb 2023 01:47:17 +0000
ROA not before: Tue 21 Feb 2023 01:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 328867
IP address blocks: 45.158.254.0/24 maxlen: 24
185.243.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:71:a7:57:af:bd:27:18:b8:ce:0a:a4:d4:29:8f:8e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Feb 21 01:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=867fc4dbcf777b8c192d81f452b33694f862a80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d7:6a:dc:16:a5:82:42:a5:a6:0d:fc:d3:03:
98:d0:2b:cf:c5:5a:f1:18:e1:d5:42:0e:f8:bc:26:
90:3c:00:71:d2:b9:ee:85:59:a2:3e:a5:c8:88:5a:
61:91:2f:52:8d:32:48:cf:84:d2:5f:c6:40:e2:1a:
9a:e1:e8:a7:e5:7b:43:09:1d:41:6c:82:94:97:81:
66:66:fe:87:09:c8:47:4e:7f:db:10:b9:3c:a9:53:
08:f8:fa:46:af:ce:38:0c:73:46:1b:9d:e7:84:6f:
6a:6e:13:9f:30:5c:bf:09:86:8d:92:a9:8a:5e:bc:
66:29:60:6c:d3:ab:1d:41:eb:2c:b9:4d:2d:c7:1f:
b1:18:2b:37:81:92:43:15:b8:5b:1a:b5:2d:88:ce:
71:a8:d5:74:1a:53:27:4e:3c:42:06:2a:73:83:4a:
09:61:01:1f:53:c1:13:fd:f3:62:a8:c5:40:b8:9a:
c7:66:0c:9d:dc:04:87:95:c7:ba:78:1b:f8:70:cf:
80:df:90:65:65:95:b9:73:8e:cd:63:5c:a2:b5:e2:
1b:eb:73:6f:f3:23:25:db:22:6d:c8:34:00:6f:ed:
17:e7:3a:be:68:99:f4:f3:ea:15:a8:4d:46:7d:85:
0b:d7:62:f2:6a:73:a9:83:6f:68:78:35:b9:35:e1:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7F:C4:DB:CF:77:7B:8C:19:2D:81:F4:52:B3:36:94:F8:62:A8:0D
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/hn_E2893e4wZLYH0UrM2lPhiqA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.254.0/24
185.243.7.0/24
Signature Algorithm: sha256WithRSAEncryption
97:4c:e4:41:2f:71:ee:6a:31:09:42:a2:b7:f4:f9:6b:5c:c3:
de:25:85:f4:9e:6e:50:7e:d9:a7:dc:91:b7:e6:73:e7:e3:4f:
39:a0:cf:63:df:c9:52:8e:24:0b:15:89:4a:a7:60:83:f5:f4:
ad:5d:f2:23:9a:ea:85:bd:37:fb:79:94:b4:ac:e2:2e:ae:6f:
30:e3:27:1b:67:ac:73:c6:bc:60:08:70:d0:4d:bb:da:8a:cf:
25:c8:8e:a9:32:4a:75:d6:09:26:81:c2:bf:e8:7e:a3:9c:f3:
7d:48:e4:ac:3e:46:d9:54:73:50:e5:81:e1:d4:1f:c5:8b:09:
dd:be:c5:1a:00:66:25:96:2d:a1:f5:f4:6d:70:f4:fa:d7:bb:
da:86:35:b8:9b:db:8d:41:cc:2e:26:71:f9:c1:20:05:0c:e7:
24:6c:ba:3e:17:fa:ce:54:78:82:0d:16:a9:cc:0b:0a:69:aa:
fe:cc:11:68:e7:83:e7:4c:9a:75:49:2e:3b:b4:13:89:0b:f7:
13:ac:fb:d2:6c:b6:03:d2:3d:18:5e:c7:44:bf:cd:ac:f0:88:
77:4d:7d:f9:9c:2c:b9:23:f1:46:cb:18:e8:0f:43:01:08:94:
a2:fe:b6:fd:28:17:87:72:df:31:1e:a5:5b:62:99:e0:5b:f3:
b7:26:b9:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZxp1evvScYuM4KpNQpj45VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwMjIxMDE0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdmYzRkYmNmNzc3YjhjMTkyZDgxZjQ1MmIzMzY5NGY4NjJhODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtdq3BalgkKlpg380wOY0CvPxVrx
GOHVQg74vCaQPABx0rnuhVmiPqXIiFphkS9SjTJIz4TSX8ZA4hqa4ein5XtDCR1B
bIKUl4FmZv6HCchHTn/bELk8qVMI+PpGr844DHNGG53nhG9qbhOfMFy/CYaNkqmK
XrxmKWBs06sdQessuU0txx+xGCs3gZJDFbhbGrUtiM5xqNV0GlMnTjxCBipzg0oJ
YQEfU8ET/fNiqMVAuJrHZgyd3ASHlce6eBv4cM+A35BlZZW5c47NY1yiteIb63Nv
8yMl2yJtyDQAb+0X5zq+aJn08+oVqE1GfYUL12LyanOpg29oeDW5NeEPTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZ/xNvPd3uMGS2B9FKzNpT4YqgNMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvaG5fRTI4OTNlNHdaTFlIMFVyTTJsUGhpcUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ7+AwQA
ufMHMA0GCSqGSIb3DQEBCwUAA4IBAQCXTORBL3HuajEJQqK39PlrXMPeJYX0nm5Q
ftmn3JG35nPn4085oM9j38lSjiQLFYlKp2CD9fStXfIjmuqFvTf7eZS0rOIurm8w
4ycbZ6xzxrxgCHDQTbvais8lyI6pMkp11gkmgcK/6H6jnPN9SOSsPkbZVHNQ5YHh
1B/FiwndvsUaAGYlli2h9fRtcPT617vahjW4m9uNQcwuJnH5wSAFDOckbLo+F/rO
VHiCDRapzAsKaar+zBFo54PnTJp1SS47tBOJC/cTrPvSbLYD0j0YXsdEv82s8Ih3
TX35nCy5I/FGyxjoD0MBCJSi/rb9KBeHct8xHqVbYpngW/O3Jrko
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:04 2025 by rpki-client