Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/50b082-43c9-4b50-904c-abde7a65e04a/1/Hlev5R_-ARub-gHk6ne5FsclWuA.roa
File: Hlev5R_-ARub-gHk6ne5FsclWuA.roa (raw, json)
Hash identifier: LOp70rn6DWWo+JTR42LaUYpEjI3khhuT+jgf+QoHfUo=
Subject key identifier: 1E:57:AF:E5:1F:FE:01:1B:9B:FA:01:E4:EA:77:B9:16:C7:25:5A:E0
Certificate issuer: /CN=fdc365aafbe0e45a04dd15e9c231121e9eaea8f2
Certificate serial: 01872C9D75121419B568DE315A0442C91AB5
Authority key identifier: FD:C3:65:AA:FB:E0:E4:5A:04:DD:15:E9:C2:31:12:1E:9E:AE:A8:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cNlqvvg5FoE3RXpwjESHp6uqPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/50b082-43c9-4b50-904c-abde7a65e04a/1/Hlev5R_-ARub-gHk6ne5FsclWuA.roa
Signing time: Wed 29 Mar 2023 09:05:29 +0000
ROA not before: Wed 29 Mar 2023 09:05:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205116
IP address blocks: 212.6.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:9d:75:12:14:19:b5:68:de:31:5a:04:42:c9:1a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc365aafbe0e45a04dd15e9c231121e9eaea8f2
Validity
Not Before: Mar 29 09:05:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e57afe51ffe011b9bfa01e4ea77b916c7255ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:50:ea:33:ed:0b:5e:f0:38:bc:98:61:d9:f3:
75:dc:06:17:c6:1f:dd:5b:54:52:f3:80:8c:33:09:
a2:a9:96:fd:87:c4:8c:23:20:9d:5c:1b:8b:a7:ec:
3c:8f:fa:dd:95:b3:c8:ab:a4:f0:6f:ae:bb:b4:2a:
2d:26:1f:31:c5:90:04:ea:8f:3a:5e:ed:82:07:6c:
8c:a7:89:76:da:b3:c0:c0:28:03:ea:69:a9:65:f2:
0a:bb:98:f0:f7:1c:5d:10:08:58:bc:88:fa:1f:b4:
7f:f9:29:5d:5c:36:f2:5f:94:da:9d:11:e0:33:4a:
14:02:97:f4:8b:0f:b6:68:03:56:c6:31:d4:b6:1d:
75:9e:02:2e:b7:29:43:1b:c9:88:4b:05:75:47:a3:
0f:ba:03:11:6b:2d:20:a5:a2:30:38:78:4b:d1:1e:
97:a2:ae:c1:e5:86:2e:11:fc:c5:a5:bc:3e:dd:7a:
ea:54:15:f0:ea:dc:53:43:6a:1b:2e:ca:f0:57:34:
db:b3:7d:a4:68:f3:28:0c:03:98:80:79:57:38:23:
a1:b2:ab:98:a1:9c:65:9b:73:0a:e1:16:54:a4:b5:
de:7d:31:06:7f:4d:d4:cb:c6:0d:c4:e0:d5:c2:58:
76:86:be:39:f7:dd:f0:d0:49:08:4b:ff:43:25:8d:
cb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:57:AF:E5:1F:FE:01:1B:9B:FA:01:E4:EA:77:B9:16:C7:25:5A:E0
X509v3 Authority Key Identifier:
keyid:FD:C3:65:AA:FB:E0:E4:5A:04:DD:15:E9:C2:31:12:1E:9E:AE:A8:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cNlqvvg5FoE3RXpwjESHp6uqPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/50b082-43c9-4b50-904c-abde7a65e04a/1/Hlev5R_-ARub-gHk6ne5FsclWuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/50b082-43c9-4b50-904c-abde7a65e04a/1/_cNlqvvg5FoE3RXpwjESHp6uqPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.6.35.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:6a:18:1b:7c:1f:18:08:29:56:62:cc:bc:24:51:7d:64:94:
9b:70:1b:8a:c6:e2:4b:21:de:65:68:52:8a:a3:02:ea:31:b0:
6e:81:86:17:63:67:c5:f0:39:ae:71:93:5f:b1:1f:e0:49:cc:
fc:2e:3f:35:cb:94:12:77:99:ab:98:f6:34:0d:5e:48:9f:d8:
84:8f:9a:de:be:14:4f:0c:8c:3d:98:60:4c:ed:57:9c:b3:6e:
0c:d1:fe:40:5e:36:ea:87:b9:11:1e:59:65:22:dd:f1:18:b9:
ac:53:c7:c0:df:5d:e8:44:ea:f2:56:89:a2:7e:cd:ed:d1:b5:
7c:6c:84:f1:92:d4:92:fc:b4:57:41:03:24:de:01:0f:05:d1:
08:47:f8:6a:4f:33:f1:65:77:27:03:3c:8d:a1:a8:67:75:27:
c7:30:bf:99:82:41:3c:e1:6d:9a:89:74:31:08:22:f8:c5:d9:
ed:d5:0a:1b:3b:51:29:dd:b4:d1:58:4c:24:ee:8d:8d:97:6b:
c3:d5:e7:a6:99:84:96:55:bb:04:49:e4:e8:ce:d0:d8:ee:28:
46:5b:c5:e2:c2:39:38:08:3b:e9:9e:54:34:e6:08:0c:d7:eb:
3b:a2:75:db:49:e4:17:5a:53:83:0e:2d:39:05:40:23:37:e0:
e5:2c:52:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcsnXUSFBm1aN4xWgRCyRq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYzM2NWFhZmJlMGU0NWEwNGRkMTVlOWMyMzExMjFlOWVh
ZWE4ZjIwHhcNMjMwMzI5MDkwNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU3YWZlNTFmZmUwMTFiOWJmYTAxZTRlYTc3YjkxNmM3MjU1YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1DqM+0LXvA4vJhh2fN13AYXxh/d
W1RS84CMMwmiqZb9h8SMIyCdXBuLp+w8j/rdlbPIq6Twb667tCotJh8xxZAE6o86
Xu2CB2yMp4l22rPAwCgD6mmpZfIKu5jw9xxdEAhYvIj6H7R/+SldXDbyX5TanRHg
M0oUApf0iw+2aANWxjHUth11ngIutylDG8mISwV1R6MPugMRay0gpaIwOHhL0R6X
oq7B5YYuEfzFpbw+3XrqVBXw6txTQ2obLsrwVzTbs32kaPMoDAOYgHlXOCOhsquY
oZxlm3MK4RZUpLXefTEGf03Uy8YNxODVwlh2hr45993w0EkIS/9DJY3L0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5Xr+Uf/gEbm/oB5Op3uRbHJVrgMB8GA1UdIwQY
MBaAFP3DZar74ORaBN0V6cIxEh6erqjyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2NObHF2dmc1Rm9FM1JYcHdqRVNIcDZ1cVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81MGIwODItNDNjOS00YjUwLTkwNGMt
YWJkZTdhNjVlMDRhLzEvSGxldjVSXy1BUnViLWdIazZuZTVGc2NsV3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81MGIwODItNDNjOS00YjUwLTkwNGMtYWJkZTdhNjVlMDRh
LzEvX2NObHF2dmc1Rm9FM1JYcHdqRVNIcDZ1cVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AYjMA0G
CSqGSIb3DQEBCwUAA4IBAQCaahgbfB8YCClWYsy8JFF9ZJSbcBuKxuJLId5laFKK
owLqMbBugYYXY2fF8DmucZNfsR/gScz8Lj81y5QSd5mrmPY0DV5In9iEj5revhRP
DIw9mGBM7Vecs24M0f5AXjbqh7kRHlllIt3xGLmsU8fA313oROryVomifs3t0bV8
bITxktSS/LRXQQMk3gEPBdEIR/hqTzPxZXcnAzyNoahndSfHML+ZgkE84W2aiXQx
CCL4xdnt1QobO1Ep3bTRWEwk7o2Nl2vD1eemmYSWVbsESeToztDY7ihGW8Xiwjk4
CDvpnlQ05ggM1+s7onXbSeQXWlODDi05BUAjN+DlLFK4
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:49 2025 by rpki-client