Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/7ed12b-53bd-4df6-aa6e-a2cc96899702/1/HqnG6o2PrOcclVGip0xLcCEwMiI.roa
File: HqnG6o2PrOcclVGip0xLcCEwMiI.roa (raw, json)
Hash identifier: O7F2kdw4YlS7LWGtlgW+7LD+mR5LW8sK6CdBvTTuTGU=
Subject key identifier: 1E:A9:C6:EA:8D:8F:AC:E7:1C:95:51:A2:A7:4C:4B:70:21:30:32:22
Certificate issuer: /CN=374dcfcf67b82b7ca7622fcc709209ecce37570e
Certificate serial: 0185719E62925BB88D3C6A23CC204BE161B8
Authority key identifier: 37:4D:CF:CF:67:B8:2B:7C:A7:62:2F:CC:70:92:09:EC:CE:37:57:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N03Pz2e4K3ynYi_McJIJ7M43Vw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/7ed12b-53bd-4df6-aa6e-a2cc96899702/1/HqnG6o2PrOcclVGip0xLcCEwMiI.roa
Signing time: Mon 02 Jan 2023 08:34:43 +0000
ROA not before: Mon 02 Jan 2023 08:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39232
IP address blocks: 178.237.72.0/21 maxlen: 21
185.81.84.0/23 maxlen: 23
185.81.84.0/22 maxlen: 22
185.81.86.0/23 maxlen: 23
178.237.64.0/21 maxlen: 21
178.237.64.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:62:92:5b:b8:8d:3c:6a:23:cc:20:4b:e1:61:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374dcfcf67b82b7ca7622fcc709209ecce37570e
Validity
Not Before: Jan 2 08:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ea9c6ea8d8face71c9551a2a74c4b7021303222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:ff:d6:be:06:09:f2:89:4e:6c:c2:f1:03:
79:68:89:cc:68:32:19:ef:db:39:bf:ee:92:57:90:
0e:4e:21:4b:b4:36:24:b3:e3:45:0a:af:3b:fa:5a:
fa:6b:7c:bd:94:c3:b1:a9:fe:8a:54:00:23:b7:34:
35:d3:16:59:90:9e:0f:be:ff:39:26:b9:c7:6d:38:
7e:4d:fa:a2:63:5e:bf:32:ca:49:eb:55:86:6e:dc:
ce:2b:ad:63:87:b8:b3:d6:3b:01:58:1c:20:e6:08:
10:16:aa:84:9b:c5:97:67:8d:96:2d:7b:48:3e:b2:
11:c3:43:b2:d1:97:f2:35:04:88:ac:f0:01:0c:cb:
6a:f8:8e:6c:23:ab:84:ec:bc:88:28:12:c1:de:90:
f4:df:16:6b:bc:75:10:92:ea:cb:43:75:8a:eb:20:
ef:62:47:77:ad:13:e8:bc:3e:33:8c:f2:da:fe:85:
cf:2f:b4:7f:82:95:1a:83:c6:71:59:9d:4b:b8:67:
23:f6:8f:ad:96:b9:34:d0:7a:3b:f5:33:6c:48:a9:
fe:36:a5:3a:1c:da:f2:9c:fa:98:2b:9f:44:df:68:
b4:f5:b8:e5:08:c8:01:eb:eb:fd:e5:e7:e5:74:b4:
61:9b:16:47:c5:77:c1:7d:7c:dd:7e:14:c4:8e:fb:
28:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A9:C6:EA:8D:8F:AC:E7:1C:95:51:A2:A7:4C:4B:70:21:30:32:22
X509v3 Authority Key Identifier:
keyid:37:4D:CF:CF:67:B8:2B:7C:A7:62:2F:CC:70:92:09:EC:CE:37:57:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N03Pz2e4K3ynYi_McJIJ7M43Vw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7ed12b-53bd-4df6-aa6e-a2cc96899702/1/HqnG6o2PrOcclVGip0xLcCEwMiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7ed12b-53bd-4df6-aa6e-a2cc96899702/1/N03Pz2e4K3ynYi_McJIJ7M43Vw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.64.0/20
185.81.84.0/22
Signature Algorithm: sha256WithRSAEncryption
af:d6:56:59:16:ce:cd:6c:04:ac:55:05:79:b1:db:f2:59:f6:
fd:6c:1c:7d:be:b0:26:a7:06:97:b8:be:13:e1:68:cb:af:25:
46:b2:4b:29:3c:3b:a9:c0:73:25:18:64:19:78:ec:12:b9:58:
05:c0:06:46:d3:db:3c:92:3f:81:33:87:99:2f:30:1d:89:1a:
47:f2:1c:8d:9f:d9:26:f5:71:b2:e0:80:7b:d9:5e:df:e6:13:
c5:b0:37:03:02:49:35:55:b9:81:a7:90:d5:00:8f:f8:e3:0b:
24:1d:bb:af:c7:20:b0:93:bc:9d:d9:d5:e5:b9:e5:d1:fb:6b:
8a:40:d6:f2:0c:14:2d:3a:d1:66:19:d9:ad:d0:e1:e8:99:06:
fa:ba:95:b8:fc:16:da:72:41:0c:8b:41:c0:c3:57:36:d3:ad:
e6:ad:f4:2a:7d:a1:a6:da:b5:e7:2b:48:cf:7c:e1:c8:41:a7:
a3:4b:18:3a:ff:4e:2a:d7:71:31:60:f3:1b:74:f5:ed:0f:77:
05:82:b2:fa:02:57:02:7d:95:d6:75:24:4d:2d:90:b0:7d:b1:
3a:f6:b4:9e:ce:03:34:fd:69:e8:b0:0f:4d:19:55:2e:8e:4b:
c4:fd:67:49:d3:11:64:87:d3:e1:e9:45:a0:de:08:f9:74:0f:
6d:84:c0:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxnmKSW7iNPGojzCBL4WG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGRjZmNmNjdiODJiN2NhNzYyMmZjYzcwOTIwOWVjY2Uz
NzU3MGUwHhcNMjMwMTAyMDgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE5YzZlYThkOGZhY2U3MWM5NTUxYTJhNzRjNGI3MDIxMzAzMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzr/1r4GCfKJTmzC8QN5aInMaDIZ
79s5v+6SV5AOTiFLtDYks+NFCq87+lr6a3y9lMOxqf6KVAAjtzQ10xZZkJ4Pvv85
JrnHbTh+TfqiY16/MspJ61WGbtzOK61jh7iz1jsBWBwg5ggQFqqEm8WXZ42WLXtI
PrIRw0Oy0ZfyNQSIrPABDMtq+I5sI6uE7LyIKBLB3pD03xZrvHUQkurLQ3WK6yDv
Ykd3rRPovD4zjPLa/oXPL7R/gpUag8ZxWZ1LuGcj9o+tlrk00Ho79TNsSKn+NqU6
HNrynPqYK59E32i09bjlCMgB6+v95efldLRhmxZHxXfBfXzdfhTEjvsogQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6pxuqNj6znHJVRoqdMS3AhMDIiMB8GA1UdIwQY
MBaAFDdNz89nuCt8p2IvzHCSCezON1cOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjAzUHoyZTRLM3luWWlfTWNKSUo3TTQzVnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni83ZWQxMmItNTNiZC00ZGY2LWFhNmUt
YTJjYzk2ODk5NzAyLzEvSHFuRzZvMlByT2NjbFZHaXAweExjQ0V3TWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni83ZWQxMmItNTNiZC00ZGY2LWFhNmUtYTJjYzk2ODk5NzAy
LzEvTjAzUHoyZTRLM3luWWlfTWNKSUo3TTQzVnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsu1AAwQC
uVFUMA0GCSqGSIb3DQEBCwUAA4IBAQCv1lZZFs7NbASsVQV5sdvyWfb9bBx9vrAm
pwaXuL4T4WjLryVGskspPDupwHMlGGQZeOwSuVgFwAZG09s8kj+BM4eZLzAdiRpH
8hyNn9km9XGy4IB72V7f5hPFsDcDAkk1VbmBp5DVAI/44wskHbuvxyCwk7yd2dXl
ueXR+2uKQNbyDBQtOtFmGdmt0OHomQb6upW4/BbackEMi0HAw1c2063mrfQqfaGm
2rXnK0jPfOHIQaejSxg6/04q13ExYPMbdPXtD3cFgrL6AlcCfZXWdSRNLZCwfbE6
9rSezgM0/WnosA9NGVUujkvE/WdJ0xFkh9Ph6UWg3gj5dA9thMAU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:06 2025 by rpki-client