Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/HV1Hf-EfTtiWJsCARw3mtZ9MZf0.roa
File: HV1Hf-EfTtiWJsCARw3mtZ9MZf0.roa (raw, json)
Hash identifier: smuFfdn5hN37xLZ3VYaAGJRDwqu4jZNnkPPTiG3zbuU=
Subject key identifier: 1D:5D:47:7F:E1:1F:4E:D8:96:26:C0:80:47:0D:E6:B5:9F:4C:65:FD
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 0184396373EE4D87BDB26BB76392DECDB068
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/HV1Hf-EfTtiWJsCARw3mtZ9MZf0.roa
Signing time: Wed 02 Nov 2022 17:28:49 +0000
ROA not before: Wed 02 Nov 2022 17:28:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33876
IP address blocks: 185.76.4.0/22 maxlen: 24
176.111.104.0/22 maxlen: 22
176.111.104.0/24 maxlen: 24
185.12.116.0/22 maxlen: 24
185.11.164.0/22 maxlen: 24
91.198.47.0/24 maxlen: 24
94.126.168.0/21 maxlen: 24
176.61.144.0/21 maxlen: 21
194.8.30.0/24 maxlen: 24
2a03:8bc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:39:63:73:ee:4d:87:bd:b2:6b:b7:63:92:de:cd:b0:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Nov 2 17:28:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d5d477fe11f4ed89626c080470de6b59f4c65fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bb:5f:a3:3a:be:77:9d:a7:d9:30:fb:a9:72:
cd:ed:7f:38:7e:86:29:ac:d4:87:c0:c2:98:50:32:
43:fb:1b:ea:9b:3c:82:e9:ba:3f:1b:18:15:d7:23:
07:19:60:01:13:c6:1c:a8:b3:9b:49:97:53:25:bb:
41:0a:e8:1b:28:78:ec:46:7b:2a:e2:f1:b6:63:73:
64:c0:e0:ed:33:fe:82:96:15:96:8b:5f:41:43:cd:
cf:4e:28:98:8e:bf:ae:f1:b7:53:64:99:aa:54:4c:
4c:8d:cb:d8:0a:b9:77:b0:84:fe:ea:21:3c:1b:72:
db:2f:7c:b7:0f:93:aa:0c:c8:27:ce:ac:6f:f8:1d:
37:0e:63:97:f0:d8:4f:2a:20:6b:88:c3:3c:28:9f:
9e:f4:63:c9:96:50:7a:e7:ff:9d:c7:93:06:49:f0:
e9:7d:0b:3b:30:48:a7:bd:83:ee:a9:f4:1e:13:8f:
58:59:2d:7f:14:cd:72:f6:b5:87:85:59:57:27:82:
c0:40:a5:b4:da:91:44:0a:a7:bc:b0:6e:6b:72:7c:
7e:f6:00:98:55:58:fc:3e:a6:c4:ce:5d:67:52:1a:
64:54:24:95:14:09:b0:aa:78:d9:82:5a:03:e2:f2:
77:77:13:54:d5:8c:a2:83:c1:45:ad:55:85:53:8b:
e6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5D:47:7F:E1:1F:4E:D8:96:26:C0:80:47:0D:E6:B5:9F:4C:65:FD
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/HV1Hf-EfTtiWJsCARw3mtZ9MZf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.47.0/24
94.126.168.0/21
176.61.144.0/21
176.111.104.0/22
185.11.164.0/22
185.12.116.0/22
185.76.4.0/22
194.8.30.0/24
IPv6:
2a03:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:15:00:9d:72:26:66:1f:1f:13:5f:f7:ce:07:98:fe:b4:24:
ca:cf:19:6e:bf:4f:44:b5:75:c9:3b:56:7a:d5:b9:5a:e8:ed:
87:29:8e:b9:9a:e3:52:35:2f:c1:59:93:5f:1c:c8:77:c7:4c:
ff:99:3e:b7:9c:4a:6c:d4:83:d3:00:f8:ef:cf:e1:6c:a3:8e:
92:b0:2b:c4:8d:30:d3:0c:14:90:4c:be:03:41:0e:4d:ed:c2:
85:3f:ff:e1:17:ba:c5:de:2a:a3:ac:7d:d7:27:6c:59:47:4b:
16:60:fe:cb:7b:bf:c8:f9:ec:42:c7:91:3d:1c:81:1a:ab:19:
6b:3a:b2:75:fe:19:6d:2e:df:15:bb:1c:3b:2f:03:d3:f5:79:
0c:b6:0d:19:10:c7:26:1e:de:1d:71:00:4f:ed:ee:81:15:72:
6b:4a:1f:e0:4b:62:c0:22:7b:db:99:19:fe:0b:0a:fa:f0:da:
25:4b:cc:ca:ee:af:34:ae:04:5d:65:2b:0b:48:ca:5b:1b:a9:
4b:fc:81:32:7e:8c:bc:1a:e9:d6:16:58:bb:f8:97:49:60:50:
30:8d:0b:17:70:62:96:b5:e2:15:2c:43:8a:65:22:34:82:62:
3d:bc:37:2d:8d:93:70:c5:42:b4:70:e9:ac:fe:d3:b9:88:9e:
1c:6c:75:2c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYQ5Y3PuTYe9smu3Y5LezbBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTkyYWFjNDg5NTIyZDVkYjE4ZmQ2MzkxZTAzNWE5Nzc4
ZWEzYjEwHhcNMjIxMTAyMTcyODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDVkNDc3ZmUxMWY0ZWQ4OTYyNmMwODA0NzBkZTZiNTlmNGM2NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrtfozq+d52n2TD7qXLN7X84foYp
rNSHwMKYUDJD+xvqmzyC6bo/GxgV1yMHGWABE8YcqLObSZdTJbtBCugbKHjsRnsq
4vG2Y3NkwODtM/6ClhWWi19BQ83PTiiYjr+u8bdTZJmqVExMjcvYCrl3sIT+6iE8
G3LbL3y3D5OqDMgnzqxv+B03DmOX8NhPKiBriMM8KJ+e9GPJllB65/+dx5MGSfDp
fQs7MEinvYPuqfQeE49YWS1/FM1y9rWHhVlXJ4LAQKW02pFECqe8sG5rcnx+9gCY
VVj8PqbEzl1nUhpkVCSVFAmwqnjZgloD4vJ3dxNU1Yyig8FFrVWFU4vm0QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFB1dR3/hH07YlibAgEcN5rWfTGX9MB8GA1UdIwQY
MBaAFNNZKqxIlSLV2xj9Y5HgNal3jqOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUt
ZTMzYWUxMDZiNTRkLzEvSFYxSGYtRWZUdGlXSnNDQVJ3M210WjlNWmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUtZTMzYWUxMDZiNTRk
LzEvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAW8YvAwQD
Xn6oAwQDsD2QAwQCsG9oAwQCuQukAwQCuQx0AwQCuUwEAwQAwggeMA0EAgACMAcD
BQAqA4vAMA0GCSqGSIb3DQEBCwUAA4IBAQAdFQCdciZmHx8TX/fOB5j+tCTKzxlu
v09EtXXJO1Z61bla6O2HKY65muNSNS/BWZNfHMh3x0z/mT63nEps1IPTAPjvz+Fs
o46SsCvEjTDTDBSQTL4DQQ5N7cKFP//hF7rF3iqjrH3XJ2xZR0sWYP7Le7/I+exC
x5E9HIEaqxlrOrJ1/hltLt8Vuxw7LwPT9XkMtg0ZEMcmHt4dcQBP7e6BFXJrSh/g
S2LAInvbmRn+Cwr68NolS8zK7q80rgRdZSsLSMpbG6lL/IEyfoy8GunWFli7+JdJ
YFAwjQsXcGKWteIVLEOKZSI0gmI9vDctjZNwxUK0cOms/tO5iJ4cbHUs
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:04:08 2025 by rpki-client