Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/hgVtHsO4F1TYBgeoC5hEt8-5-_c.roa
File: hgVtHsO4F1TYBgeoC5hEt8-5-_c.roa (raw, json)
Hash identifier: ArpFWniRkU46ANupw9pqGiE65p97hI1hQ2Rfruhf2sA=
Subject key identifier: 86:05:6D:1E:C3:B8:17:54:D8:06:07:A8:0B:98:44:B7:CF:B9:FB:F7
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 0186E1759EFAE90EDDC28D7D2FFDBE30E38E
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/hgVtHsO4F1TYBgeoC5hEt8-5-_c.roa
Signing time: Tue 14 Mar 2023 18:50:27 +0000
ROA not before: Tue 14 Mar 2023 18:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34691
IP address blocks: 91.233.252.0/23 maxlen: 23
91.233.254.0/23 maxlen: 23
45.136.110.0/24 maxlen: 24
194.69.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:75:9e:fa:e9:0e:dd:c2:8d:7d:2f:fd:be:30:e3:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Mar 14 18:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86056d1ec3b81754d80607a80b9844b7cfb9fbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:00:b9:2e:d0:32:e4:e0:95:6a:d4:12:a1:0c:
19:bf:65:c4:d0:1b:2c:a2:88:1a:a2:96:1d:83:af:
7f:68:fe:0a:a0:7c:d8:9b:e6:02:56:16:d4:96:3c:
aa:56:aa:cd:10:cd:76:00:5f:19:ce:56:14:35:31:
7f:50:3c:c8:f8:0a:71:ba:fb:0a:b1:93:8b:76:49:
9a:59:d4:2f:0a:f5:f6:e7:d1:9b:23:cb:49:f6:3f:
5b:9c:eb:f9:b8:c5:41:2b:10:96:99:0c:f2:fc:06:
2c:56:f2:ab:a4:7a:b3:39:43:6f:8a:4b:c0:0d:00:
70:51:1a:c8:54:81:3d:85:d5:1d:26:aa:01:d0:a1:
ae:2c:86:ef:7c:42:c4:02:52:9b:d4:62:a1:e6:13:
f0:24:03:6e:43:b5:72:b1:c5:47:fc:e7:82:10:f1:
63:88:87:f9:9a:a2:fa:39:e1:6d:e3:70:a8:87:b1:
13:e7:9e:bc:60:ef:a5:fa:0a:b5:17:f0:5a:d7:5c:
36:5b:db:52:b5:d0:16:42:c2:f0:5c:41:45:c3:33:
ab:88:86:47:57:b5:96:48:57:62:c2:c0:70:16:ae:
2e:5f:2b:f7:32:35:18:e9:9d:7f:49:50:4c:0e:3d:
29:5a:40:05:8b:bd:eb:4f:71:c7:07:4e:9d:d1:a1:
67:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:05:6D:1E:C3:B8:17:54:D8:06:07:A8:0B:98:44:B7:CF:B9:FB:F7
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/hgVtHsO4F1TYBgeoC5hEt8-5-_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.110.0/24
91.233.252.0/22
194.69.60.0/22
Signature Algorithm: sha256WithRSAEncryption
59:9f:22:28:0c:6a:67:e0:2b:8f:55:b5:ef:0a:7f:25:10:73:
4d:cf:fc:7d:08:e2:0b:90:30:12:f1:6d:0e:af:b2:2e:f1:98:
4f:c8:4c:16:8b:47:56:52:b0:72:c2:21:69:1f:e7:5a:48:6f:
af:54:ed:10:16:29:af:30:a3:c5:01:3a:f3:88:57:9a:43:b2:
4e:d1:39:90:b4:b3:8e:b5:53:35:5d:b8:cb:02:c3:79:4a:e2:
57:97:86:5b:b7:58:17:25:17:7f:f4:2e:ec:28:a3:5a:37:69:
d6:2a:bd:3e:21:dc:b3:c2:35:4d:a0:36:c1:ce:d5:68:ce:6b:
c3:56:04:dc:38:0b:35:70:13:54:9a:21:07:33:7a:71:75:93:
3a:76:07:35:f1:ed:9b:9f:c2:9a:bb:39:bc:01:47:f0:3c:76:
46:19:64:73:43:cf:7b:c1:ab:c6:5e:85:5f:26:c4:26:0c:b0:
aa:3d:5b:90:df:df:87:31:f7:e0:72:d6:c9:ef:2b:cc:3c:fb:
42:91:b7:9e:51:38:a1:86:87:fa:05:1d:6c:27:b2:91:52:e5:
81:b4:af:1f:db:51:73:cb:14:b6:47:52:6b:f7:6d:9d:00:ee:
45:51:9c:56:5d:f2:b7:b3:ce:54:15:65:14:ef:cb:d5:11:26:
f0:bc:5c:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbhdZ766Q7dwo19L/2+MOOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjMwMzE0MTg1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjA1NmQxZWMzYjgxNzU0ZDgwNjA3YTgwYjk4NDRiN2NmYjlmYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAC5LtAy5OCVatQSoQwZv2XE0Bss
oogaopYdg69/aP4KoHzYm+YCVhbUljyqVqrNEM12AF8ZzlYUNTF/UDzI+ApxuvsK
sZOLdkmaWdQvCvX259GbI8tJ9j9bnOv5uMVBKxCWmQzy/AYsVvKrpHqzOUNvikvA
DQBwURrIVIE9hdUdJqoB0KGuLIbvfELEAlKb1GKh5hPwJANuQ7VyscVH/OeCEPFj
iIf5mqL6OeFt43Coh7ET5568YO+l+gq1F/Ba11w2W9tStdAWQsLwXEFFwzOriIZH
V7WWSFdiwsBwFq4uXyv3MjUY6Z1/SVBMDj0pWkAFi73rT3HHB06d0aFngQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIYFbR7DuBdU2AYHqAuYRLfPufv3MB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvaGdWdEhzTzRGMVRZQmdlb0M1aEV0OC01LV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYhuAwQC
W+n8AwQCwkU8MA0GCSqGSIb3DQEBCwUAA4IBAQBZnyIoDGpn4CuPVbXvCn8lEHNN
z/x9COILkDAS8W0Or7Iu8ZhPyEwWi0dWUrBywiFpH+daSG+vVO0QFimvMKPFATrz
iFeaQ7JO0TmQtLOOtVM1XbjLAsN5SuJXl4Zbt1gXJRd/9C7sKKNaN2nWKr0+Idyz
wjVNoDbBztVozmvDVgTcOAs1cBNUmiEHM3pxdZM6dgc18e2bn8Kauzm8AUfwPHZG
GWRzQ897wavGXoVfJsQmDLCqPVuQ39+HMffgctbJ7yvMPPtCkbeeUTihhof6BR1s
J7KRUuWBtK8f21FzyxS2R1Jr922dAO5FUZxWXfK3s85UFWUU78vVESbwvFzz
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:24:39 2025 by rpki-client