Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/HagVW7cBXCLqbh9OZj5OcjxajTE.roa
File: HagVW7cBXCLqbh9OZj5OcjxajTE.roa (raw, json)
Hash identifier: HbRVJd4Q00PbjW6sgL4/ai/l1402R6ldEB9pRPs7TOw=
Subject key identifier: 1D:A8:15:5B:B7:01:5C:22:EA:6E:1F:4E:66:3E:4E:72:3C:5A:8D:31
Certificate issuer: /CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Certificate serial: 0B60C61D
Authority key identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/HagVW7cBXCLqbh9OZj5OcjxajTE.roa
Signing time: Sat 01 Jan 2022 13:58:31 +0000
ROA not before: Sat 01 Jan 2022 13:58:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24631
IP address blocks: 185.229.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190891549 (0xb60c61d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Validity
Not Before: Jan 1 13:58:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1da8155bb7015c22ea6e1f4e663e4e723c5a8d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:6f:3f:55:61:a8:91:8f:a8:f7:7c:28:d2:
5e:e5:74:38:41:c8:9c:47:74:bc:86:b4:ee:bd:62:
b0:38:8d:84:67:ce:88:33:7c:5d:96:d2:89:73:f9:
a1:e0:48:54:82:71:5c:18:bc:76:ad:cc:73:d7:02:
56:de:6a:e6:ac:9f:fc:a8:b0:ae:10:99:de:26:67:
f5:9f:5d:a3:12:02:52:4d:28:53:7d:10:66:62:ca:
4d:64:c3:49:77:79:62:c0:d4:f3:6d:e0:97:9f:0b:
88:fc:a1:ca:a9:4a:3b:50:db:2d:a5:ea:47:dc:8b:
27:1f:de:d5:af:f9:e0:bd:db:92:91:fa:31:dd:af:
eb:f9:6f:87:9a:99:d8:3d:0a:fc:70:3e:0e:1a:94:
fa:cd:09:2f:4f:ee:5b:aa:64:92:2f:37:a7:da:9f:
e2:d9:80:fe:f8:e7:ad:4b:4d:67:d2:7c:b3:b2:55:
bb:5b:34:82:cc:d6:ee:b2:e8:7a:93:8e:f4:42:8f:
a5:28:17:bf:05:90:ce:20:b1:38:4f:61:13:eb:b1:
93:1b:d6:55:fa:14:ef:74:b4:8c:29:05:cc:4c:ff:
93:48:90:a0:12:52:f8:27:e8:4d:26:a5:65:36:78:
e0:3b:e9:de:5e:b2:cd:e8:94:bb:3b:94:03:bf:e3:
a0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A8:15:5B:B7:01:5C:22:EA:6E:1F:4E:66:3E:4E:72:3C:5A:8D:31
X509v3 Authority Key Identifier:
keyid:A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/HagVW7cBXCLqbh9OZj5OcjxajTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:12:b9:90:6d:13:ac:3d:f5:c8:73:a6:bd:b4:2b:44:18:f2:
32:e9:0c:f8:36:36:10:94:ea:2f:11:86:15:49:70:da:e5:0e:
3b:2c:df:1e:77:08:57:0d:da:c8:ab:68:43:9f:41:7a:d2:dc:
9a:a0:2a:96:ee:a1:60:9b:a0:5a:d2:da:70:f9:79:98:f7:5f:
aa:9d:3c:b3:13:d4:11:3b:84:f1:de:ab:63:ca:56:b0:b0:aa:
32:de:62:04:89:1f:7f:55:ce:37:47:a1:70:a0:60:77:39:91:
b8:bc:6b:a2:4f:13:dc:c4:5e:a3:c4:3d:01:01:6c:68:24:b4:
da:be:45:15:12:1e:c3:6a:00:42:b0:b8:16:cb:f8:46:e2:8a:
24:bf:fd:8b:81:72:10:72:b1:32:f9:46:4a:a6:41:55:22:bf:
65:fb:b0:fa:8f:03:cd:75:30:dc:ff:ee:31:be:a6:8e:f1:b6:
82:ce:2a:69:f6:a0:f7:55:08:62:70:34:e4:10:b9:9a:c4:19:
6e:03:45:39:92:e0:93:61:45:ab:a0:29:89:df:1e:5d:ae:cb:
55:2d:a9:65:c3:c2:bb:5e:db:16:ea:af:06:0f:1b:11:ca:61:
4e:1a:b9:56:fc:b8:a5:01:9b:49:5c:20:dc:e4:8a:1c:6e:7f:
30:0a:96:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC2DGHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGUzODFiNmU3NmNiOTUyMGU4ZDhmNTY3NzZlY2EwZmUxNzZjYzQwMB4XDTIyMDEw
MTEzNTgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRhODE1NWJiNzAx
NWMyMmVhNmUxZjRlNjYzZTRlNzIzYzVhOGQzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvIbz9VYaiRj6j3fCjSXuV0OEHInEd0vIa07r1isDiNhGfO
iDN8XZbSiXP5oeBIVIJxXBi8dq3Mc9cCVt5q5qyf/KiwrhCZ3iZn9Z9doxICUk0o
U30QZmLKTWTDSXd5YsDU823gl58LiPyhyqlKO1DbLaXqR9yLJx/e1a/54L3bkpH6
Md2v6/lvh5qZ2D0K/HA+DhqU+s0JL0/uW6pkki83p9qf4tmA/vjnrUtNZ9J8s7JV
u1s0gszW7rLoepOO9EKPpSgXvwWQziCxOE9hE+uxkxvWVfoU73S0jCkFzEz/k0iQ
oBJS+CfoTSalZTZ44Dvp3l6yzeiUuzuUA7/joJ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdqBVbtwFcIupuH05mPk5yPFqNMTAfBgNVHSMEGDAWgBSg44G252y5Ug6N
j1Z3bsoP4XbMQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29PT0J0dWRzdVZJT2pZOVdkMjdLRC1GMnpFQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvOGU2ZjA4LTMwZjAtNDZkZC1hN2ExLWE5YzM4NDEyOGQ0Mi8x
L0hhZ1ZXN2NCWENMcWJoOU9aajVPY2p4YWpURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
OGU2ZjA4LTMwZjAtNDZkZC1hN2ExLWE5YzM4NDEyOGQ0Mi8xL29PT0J0dWRzdVZJ
T2pZOVdkMjdLRC1GMnpFQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnlHTANBgkqhkiG9w0BAQsFAAOC
AQEAGhK5kG0TrD31yHOmvbQrRBjyMukM+DY2EJTqLxGGFUlw2uUOOyzfHncIVw3a
yKtoQ59BetLcmqAqlu6hYJugWtLacPl5mPdfqp08sxPUETuE8d6rY8pWsLCqMt5i
BIkff1XON0ehcKBgdzmRuLxrok8T3MReo8Q9AQFsaCS02r5FFRIew2oAQrC4Fsv4
RuKKJL/9i4FyEHKxMvlGSqZBVSK/Zfuw+o8DzXUw3P/uMb6mjvG2gs4qafag91UI
YnA05BC5msQZbgNFOZLgk2FFq6Apid8eXa7LVS2pZcPCu17bFuqvBg8bEcphThq5
Vvy4pQGbSVwg3OSKHG5/MAqWkw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:21 2025 by rpki-client