Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/h1h3dqRDrCZPAT0iMzxnSywxdX0.roa
File: h1h3dqRDrCZPAT0iMzxnSywxdX0.roa (raw, json)
Hash identifier: 1fIIXzyYT+pkphOO2iy/TL9phJ5OXXiYCaxKnyOxC2w=
Subject key identifier: 87:58:77:76:A4:43:AC:26:4F:01:3D:22:33:3C:67:4B:2C:31:75:7D
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 08A8CB8F
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/h1h3dqRDrCZPAT0iMzxnSywxdX0.roa
Signing time: Thu 13 Jan 2022 07:40:23 +0000
ROA not before: Thu 13 Jan 2022 07:40:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209927
IP address blocks: 92.118.133.0/24 maxlen: 24
92.118.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145279887 (0x8a8cb8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 13 07:40:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87587776a443ac264f013d22333c674b2c31757d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0c:b2:7c:54:6d:cb:f4:64:5b:be:ed:9d:80:
c8:e7:a5:64:01:79:08:5d:20:f1:59:93:ad:81:76:
39:90:9c:09:98:18:9d:8a:20:1a:77:3b:4c:b4:cf:
08:0f:e7:18:0a:ea:c3:7a:51:24:b2:f3:a3:22:2a:
81:23:67:ed:58:86:bd:d1:bf:08:99:7a:84:d4:3c:
9f:84:3a:f1:b3:77:59:bd:64:6d:4f:20:85:b8:45:
94:83:80:34:28:81:e3:1c:09:5b:47:39:4c:66:f4:
fb:0c:81:60:60:61:bd:73:89:b6:f5:77:c7:48:17:
76:df:14:32:11:86:9a:e9:68:6b:f5:90:09:0d:35:
00:8a:34:c0:2d:e0:47:7b:19:dd:c1:60:85:ff:22:
70:2b:39:1e:1d:f2:ff:9a:3e:f4:a0:fb:23:96:b2:
3e:f2:ca:f2:43:b3:aa:c9:c1:41:d0:68:38:8b:42:
ab:55:1a:b7:13:7e:ee:b8:50:dc:17:a1:3a:05:05:
7c:33:ff:9e:23:b2:d3:79:3d:2f:e4:7c:a2:10:1f:
b0:84:10:5f:5d:a0:05:60:f6:8e:55:53:a3:d3:dd:
d4:9d:76:84:a7:ff:4d:9c:44:31:cf:4c:72:d5:2c:
97:29:04:1b:8e:66:80:ab:ad:b3:c8:44:a7:c5:7b:
33:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:58:77:76:A4:43:AC:26:4F:01:3D:22:33:3C:67:4B:2C:31:75:7D
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/h1h3dqRDrCZPAT0iMzxnSywxdX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.132.0/23
Signature Algorithm: sha256WithRSAEncryption
22:48:24:af:80:90:7f:ea:3e:dc:4c:68:00:d4:72:38:d5:c4:
57:56:e5:ff:ec:af:63:ad:a8:11:77:44:28:a2:0d:ec:be:69:
bc:65:9e:9c:7d:fa:a7:c8:81:55:2b:12:42:9f:bc:73:5f:78:
a9:5f:8a:6e:17:e1:ba:39:7e:01:a4:00:19:bb:e2:2b:d5:33:
75:06:7c:14:47:cd:0b:bc:90:dc:f6:30:d6:5b:ef:18:2c:b7:
aa:a0:fc:fa:c2:a6:e7:c6:0b:15:34:b0:42:85:56:0c:bc:9c:
93:ba:f3:9b:0d:bd:78:e7:44:1c:dc:08:c6:16:5d:3b:26:bd:
b7:df:a1:f4:6c:11:8b:12:c2:a1:9a:2f:0b:3f:7b:e5:e1:20:
55:17:d6:29:02:1e:a8:52:47:56:22:33:92:0c:ab:a6:0e:a5:
f8:5f:c0:9a:f1:49:a4:5d:39:f2:b1:c7:54:b8:4d:14:20:60:
14:4b:44:0b:32:8f:20:67:b6:92:69:01:47:0b:24:81:1f:1f:
68:48:48:b9:20:0d:33:db:e3:05:ea:84:2c:18:d0:e8:4c:87:
48:da:62:a2:9a:3a:5e:d7:b8:e2:ed:f5:65:27:8f:8f:29:5a:
2a:ca:fb:a1:ef:d7:f5:47:66:3a:1a:1e:cf:88:df:63:56:18:
22:3e:19:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKjLjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWFmNWMyZTVlZGMxOTc4MzRkMDdmMzQ1OTYyYjA3NDViZWU2NmQ3MB4XDTIyMDEx
MzA3NDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc1ODc3NzZhNDQz
YWMyNjRmMDEzZDIyMzMzYzY3NGIyYzMxNzU3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgMsnxUbcv0ZFu+7Z2AyOelZAF5CF0g8VmTrYF2OZCcCZgY
nYogGnc7TLTPCA/nGArqw3pRJLLzoyIqgSNn7ViGvdG/CJl6hNQ8n4Q68bN3Wb1k
bU8ghbhFlIOANCiB4xwJW0c5TGb0+wyBYGBhvXOJtvV3x0gXdt8UMhGGmuloa/WQ
CQ01AIo0wC3gR3sZ3cFghf8icCs5Hh3y/5o+9KD7I5ayPvLK8kOzqsnBQdBoOItC
q1UatxN+7rhQ3BehOgUFfDP/niOy03k9L+R8ohAfsIQQX12gBWD2jlVTo9Pd1J12
hKf/TZxEMc9MctUslykEG45mgKuts8hEp8V7M8kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHWHd2pEOsJk8BPSIzPGdLLDF1fTAfBgNVHSMEGDAWgBQer1wuXtwZeDTQ
fzRZYrB0W+5m1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxOWNMbDdjR1hnMDBIODBXV0t3ZEZ2dVp0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8x
L2gxaDNkcVJEckNaUEFUMGlNenhuU3l3eGRYMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8xL0hxOWNMbDdjR1hn
MDBIODBXV0t3ZEZ2dVp0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVx2hDANBgkqhkiG9w0BAQsFAAOC
AQEAIkgkr4CQf+o+3ExoANRyONXEV1bl/+yvY62oEXdEKKIN7L5pvGWenH36p8iB
VSsSQp+8c194qV+Kbhfhujl+AaQAGbviK9UzdQZ8FEfNC7yQ3PYw1lvvGCy3qqD8
+sKm58YLFTSwQoVWDLyck7rzmw29eOdEHNwIxhZdOya9t9+h9GwRixLCoZovCz97
5eEgVRfWKQIeqFJHViIzkgyrpg6l+F/AmvFJpF058rHHVLhNFCBgFEtECzKPIGe2
kmkBRwskgR8faEhIuSANM9vjBeqELBjQ6EyHSNpiopo6Xte44u31ZSePjylaKsr7
oe/X9UdmOhoez4jfY1YYIj4ZJg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:35 2025 by rpki-client