Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HLvPbGV5stsGp4GPSmQ74ryRiLM.roa
File: HLvPbGV5stsGp4GPSmQ74ryRiLM.roa (raw, json)
Hash identifier: WBXoRE6cSt/oTP7VvpeC++GV/qsCAXUE8MID1vxyAek=
Subject key identifier: 1C:BB:CF:6C:65:79:B2:DB:06:A7:81:8F:4A:64:3B:E2:BC:91:88:B3
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0F995E4961DCD437890F003C40FB9
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HLvPbGV5stsGp4GPSmQ74ryRiLM.roa
Signing time: Mon 02 Jan 2023 10:04:55 +0000
ROA not before: Mon 02 Jan 2023 10:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60508
IP address blocks: 176.227.153.0/24 maxlen: 24
178.156.25.0/24 maxlen: 24
89.45.242.0/24 maxlen: 24
84.236.183.0/24 maxlen: 24
88.148.102.0/24 maxlen: 24
84.236.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f9:95:e4:96:1d:cd:43:78:90:f0:03:c4:0f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cbbcf6c6579b2db06a7818f4a643be2bc9188b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:24:48:08:f7:53:4d:02:8b:e1:91:84:e0:f2:
dc:95:1b:3a:1f:9d:95:e6:3e:a3:20:f5:2f:49:bc:
34:50:4f:a1:94:cd:45:5e:e3:62:85:66:59:ad:72:
f3:f3:63:eb:13:26:b4:1e:3e:eb:22:15:13:27:78:
b5:8e:13:12:f5:55:33:1b:05:5c:b9:37:4e:63:d2:
3f:95:dc:1e:f7:8d:d3:51:cf:30:b6:58:49:d3:6b:
c4:c8:ed:dd:e0:23:1f:58:c6:9b:29:c6:fc:ae:f9:
45:40:52:cd:d9:22:61:f8:d9:7e:c5:16:16:69:03:
92:0c:d9:65:64:95:97:dc:96:f6:08:43:58:a3:88:
ac:9c:60:8d:ad:22:30:7d:cb:5c:78:0b:2d:fa:34:
1c:2e:eb:47:2a:1a:f2:65:3a:4c:a4:7c:bc:b9:a5:
24:8a:43:3b:89:d8:c4:3b:1b:83:3c:1c:91:7c:d3:
9e:d6:35:d4:ea:59:fe:e1:46:ba:d5:22:be:ef:a3:
4d:76:67:63:a4:63:ac:a8:1d:af:e0:92:c9:08:59:
a1:db:ca:dc:44:3b:9e:11:2b:be:dd:bf:6f:4a:c9:
8c:54:9f:2d:5c:5d:b2:f8:8b:3b:f1:c7:99:15:43:
bc:a0:d7:8e:18:b1:77:80:a9:25:46:67:ed:14:aa:
02:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BB:CF:6C:65:79:B2:DB:06:A7:81:8F:4A:64:3B:E2:BC:91:88:B3
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HLvPbGV5stsGp4GPSmQ74ryRiLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.183.0/24
84.236.207.0/24
88.148.102.0/24
89.45.242.0/24
176.227.153.0/24
178.156.25.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:29:8b:ba:fa:a6:f1:99:72:49:8b:87:38:34:f6:69:ac:50:
11:c2:2c:07:15:7d:fa:2b:89:0f:54:e4:11:ba:13:3a:92:f6:
f0:5b:18:45:38:1d:9d:ef:2e:48:cf:9c:5e:d6:6b:26:73:91:
d4:3f:d0:19:a6:88:8f:af:35:78:ed:ce:27:18:6e:30:20:25:
ce:12:85:93:20:37:35:0b:36:06:31:d0:aa:84:a2:d7:e2:fe:
b4:11:b8:7d:aa:97:82:22:99:2e:23:29:c9:21:15:91:0a:e5:
c6:04:0f:8d:e9:48:df:98:7c:bc:32:c4:eb:85:2f:7c:1b:87:
a8:c9:da:00:9d:d4:5b:7d:db:d5:43:56:a7:d7:64:05:7e:d9:
86:27:d1:36:8c:11:25:a5:ef:36:5e:38:21:a5:b3:a5:4b:75:
75:14:8c:de:9e:63:ec:9a:0e:0e:58:73:5a:a5:a2:9d:52:7b:
ec:80:e5:0d:e7:69:a3:3e:2e:53:57:fd:11:0d:d2:e4:78:e0:
56:24:67:61:b0:3d:80:a7:79:6f:6f:00:0f:0b:69:4c:47:11:
12:96:0e:57:8d:c2:92:c3:6d:72:08:37:70:4f:26:30:58:29:
09:da:81:86:ea:f6:41:bd:01:d4:e5:6a:51:96:79:06:44:44:
98:1a:2f:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVx8PmV5JYdzUN4kPADxA+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JiY2Y2YzY1NzliMmRiMDZhNzgxOGY0YTY0M2JlMmJjOTE4OGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSRICPdTTQKL4ZGE4PLclRs6H52V
5j6jIPUvSbw0UE+hlM1FXuNihWZZrXLz82PrEya0Hj7rIhUTJ3i1jhMS9VUzGwVc
uTdOY9I/ldwe943TUc8wtlhJ02vEyO3d4CMfWMabKcb8rvlFQFLN2SJh+Nl+xRYW
aQOSDNllZJWX3Jb2CENYo4isnGCNrSIwfctceAst+jQcLutHKhryZTpMpHy8uaUk
ikM7idjEOxuDPByRfNOe1jXU6ln+4Ua61SK+76NNdmdjpGOsqB2v4JLJCFmh28rc
RDueESu+3b9vSsmMVJ8tXF2y+Is78ceZFUO8oNeOGLF3gKklRmftFKoCMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBy7z2xlebLbBqeBj0pkO+K8kYizMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvSEx2UGJHVjVzdHNHcDRHUFNtUTc0cnlSaUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVOy3AwQA
VOzPAwQAWJRmAwQAWS3yAwQAsOOZAwQAspwZMA0GCSqGSIb3DQEBCwUAA4IBAQAr
KYu6+qbxmXJJi4c4NPZprFARwiwHFX36K4kPVOQRuhM6kvbwWxhFOB2d7y5Iz5xe
1msmc5HUP9AZpoiPrzV47c4nGG4wICXOEoWTIDc1CzYGMdCqhKLX4v60Ebh9qpeC
IpkuIynJIRWRCuXGBA+N6UjfmHy8MsTrhS98G4eoydoAndRbfdvVQ1an12QFftmG
J9E2jBElpe82XjghpbOlS3V1FIzenmPsmg4OWHNapaKdUnvsgOUN52mjPi5TV/0R
DdLkeOBWJGdhsD2Ap3lvbwAPC2lMRxESlg5XjcKSw21yCDdwTyYwWCkJ2oGG6vZB
vQHU5WpRlnkGRESYGi9s
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:10 2025 by rpki-client