Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/HZ0mqpGINsoDh15KDG1VsjBIsXc.roa
File: HZ0mqpGINsoDh15KDG1VsjBIsXc.roa (raw, json)
Hash identifier: 4Z5d32fNRuayPb8oCX/sceWsCV8+/Qz8qqzb/feCKVs=
Subject key identifier: 1D:9D:26:AA:91:88:36:CA:03:87:5E:4A:0C:6D:55:B2:30:48:B1:77
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 018A41AC4904E24748C54D89EAF1251E8352
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/HZ0mqpGINsoDh15KDG1VsjBIsXc.roa
Signing time: Tue 29 Aug 2023 14:22:04 +0000
ROA not before: Tue 29 Aug 2023 14:22:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208615
IP address blocks: 91.219.181.0/24 maxlen: 24
80.79.248.80/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:ac:49:04:e2:47:48:c5:4d:89:ea:f1:25:1e:83:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Aug 29 14:22:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d9d26aa918836ca03875e4a0c6d55b23048b177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:92:60:75:03:ea:a0:12:e2:5b:b8:c9:ad:dc:
b3:15:63:b1:af:53:f8:05:3b:5d:ba:83:6f:6f:21:
b1:31:45:f0:1b:c7:69:75:87:73:ba:f6:4a:93:d0:
62:53:90:6d:c4:4d:67:96:1c:53:da:8d:a4:a6:df:
be:42:5e:ca:46:09:de:76:6d:e6:c2:9b:ad:ff:b1:
c0:1a:17:00:aa:44:fa:35:6a:e6:83:b2:86:eb:21:
ab:cc:74:da:17:15:7e:68:b2:01:6e:66:45:40:ed:
f2:9e:cd:e3:12:c7:c4:08:00:10:c4:11:29:ed:c8:
75:de:86:0d:d3:51:f7:f9:35:be:f1:bb:f5:8a:bf:
0a:68:0b:e8:0d:bb:ab:67:e6:6c:70:89:0b:86:55:
09:17:ef:ca:e3:50:bd:32:88:c7:8b:2c:53:87:33:
2f:f4:18:2f:d0:13:61:b7:65:67:5c:8d:86:d0:50:
a4:21:27:9e:2c:ee:40:dd:3c:09:91:66:9e:5b:af:
cb:e7:3b:7e:db:e3:2e:b0:11:ea:cd:1a:d9:fe:6d:
e6:c0:81:b7:5c:1d:28:3e:9f:0a:83:94:5e:a4:94:
b8:01:7e:01:64:d3:40:ea:22:66:09:ff:ea:d6:44:
07:1c:e7:af:0c:08:74:b2:7f:74:55:c2:0f:95:30:
4d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9D:26:AA:91:88:36:CA:03:87:5E:4A:0C:6D:55:B2:30:48:B1:77
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/HZ0mqpGINsoDh15KDG1VsjBIsXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.248.80/28
91.219.181.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:fc:c1:47:6e:f0:e0:dd:77:16:01:86:28:0a:96:79:7f:37:
9e:ee:4e:0b:18:14:e1:4b:77:9b:d4:db:c5:ad:f5:96:af:34:
86:cf:a9:ae:2a:56:45:3e:6d:01:63:6b:f8:b5:61:d1:a0:ba:
a3:d8:76:67:6e:a9:8a:c2:f5:c2:4d:92:1d:f3:0e:db:b6:ef:
6e:da:93:ab:15:e7:38:e7:35:b3:6a:e4:59:84:cb:51:38:6d:
61:5b:f0:83:8f:f5:d3:9c:1d:33:66:3e:48:cc:bf:1f:48:af:
b7:4d:43:3e:d2:c5:c5:f7:51:26:99:7d:e9:32:13:fc:e9:51:
ae:2e:c0:5e:11:95:f8:6f:38:9b:1d:33:9b:4d:7b:9c:d3:5f:
9e:4a:4e:be:0d:10:dd:0d:25:6a:bd:12:0f:20:2d:e4:2a:6f:
eb:96:7a:61:4b:32:57:b9:5b:09:1a:0b:3d:4f:f9:99:ac:8e:
83:8d:fd:cb:d1:43:df:5f:8f:4a:ac:f6:8e:95:2b:64:fd:11:
43:ac:aa:8a:51:50:ad:7e:af:00:db:2b:85:c4:df:60:29:86:
9f:9e:68:cb:0e:aa:5d:f5:b1:d8:c8:34:9c:c7:8a:30:2c:65:
a0:e1:eb:4f:b0:7c:3b:13:dc:af:e6:df:88:6d:82:89:37:aa:
2e:0b:4d:ab
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYpBrEkE4kdIxU2J6vElHoNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYmE0OGM3ZTJjOWUwNWVkYTU0NmQ4OTkxNDZiODlmNzk5
ZGY4NWQwHhcNMjMwODI5MTQyMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDlkMjZhYTkxODgzNmNhMDM4NzVlNGEwYzZkNTViMjMwNDhiMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypJgdQPqoBLiW7jJrdyzFWOxr1P4
BTtduoNvbyGxMUXwG8dpdYdzuvZKk9BiU5BtxE1nlhxT2o2kpt++Ql7KRgnedm3m
wput/7HAGhcAqkT6NWrmg7KG6yGrzHTaFxV+aLIBbmZFQO3yns3jEsfECAAQxBEp
7ch13oYN01H3+TW+8bv1ir8KaAvoDburZ+ZscIkLhlUJF+/K41C9MojHiyxThzMv
9Bgv0BNht2VnXI2G0FCkISeeLO5A3TwJkWaeW6/L5zt+2+MusBHqzRrZ/m3mwIG3
XB0oPp8Kg5RepJS4AX4BZNNA6iJmCf/q1kQHHOevDAh0sn90VcIPlTBNewIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFB2dJqqRiDbKA4deSgxtVbIwSLF3MB8GA1UdIwQY
MBaAFL66SMfiyeBe2lRtiZFGuJ95nfhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYt
M2Q1MjIxODFhMmM0LzEvSFowbXFwR0lOc29EaDE1S0RHMVZzakJJc1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYtM2Q1MjIxODFhMmM0
LzEvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUEUE/4UAME
AFvbtTANBgkqhkiG9w0BAQsFAAOCAQEAb/zBR27w4N13FgGGKAqWeX83nu5OCxgU
4Ut3m9Tbxa31lq80hs+pripWRT5tAWNr+LVh0aC6o9h2Z26pisL1wk2SHfMO27bv
btqTqxXnOOc1s2rkWYTLUThtYVvwg4/105wdM2Y+SMy/H0ivt01DPtLFxfdRJpl9
6TIT/OlRri7AXhGV+G84mx0zm017nNNfnkpOvg0Q3Q0lar0SDyAt5Cpv65Z6YUsy
V7lbCRoLPU/5mayOg439y9FD31+PSqz2jpUrZP0RQ6yqilFQrX6vANsrhcTfYCmG
n55oyw6qXfWx2Mg0nMeKMCxloOHrT7B8OxPcr+bfiG2CiTeqLgtNqw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:33 2025 by rpki-client