Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/hfx70kXeX5N0wR89GmbjKb34Bfc.roa
File: hfx70kXeX5N0wR89GmbjKb34Bfc.roa (raw, json)
Hash identifier: yQodpgpz6YCbDWzWc0+eIIhpVMHlHgxQBO1+0y0Oijg=
Subject key identifier: 85:FC:7B:D2:45:DE:5F:93:74:C1:1F:3D:1A:66:E3:29:BD:F8:05:F7
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 25BAFE
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/hfx70kXeX5N0wR89GmbjKb34Bfc.roa
Signing time: Fri 25 Mar 2022 13:54:49 +0000
ROA not before: Fri 25 Mar 2022 13:54:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42675
IP address blocks: 194.32.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2472702 (0x25bafe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Mar 25 13:54:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85fc7bd245de5f9374c11f3d1a66e329bdf805f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:96:45:e0:96:76:ba:21:21:7c:10:43:67:86:
f6:09:b8:e1:33:fd:59:43:ca:3f:11:35:1f:bd:1b:
9b:7a:30:10:0e:37:04:2f:8d:16:19:54:1f:ff:93:
3a:7e:c0:0a:5d:9a:f8:db:ea:c0:fd:b2:58:7c:57:
5d:94:01:c5:4f:e5:c3:0e:8e:ed:c1:78:17:a5:f0:
b4:d8:f0:87:ef:bc:7d:4c:da:99:eb:f9:80:73:6e:
e1:4e:58:10:9d:8e:7b:d9:40:29:6a:6f:79:ee:31:
f7:24:7e:6d:ef:08:70:55:6a:24:6a:9b:97:75:1f:
e4:98:8d:74:bc:76:f2:b8:e4:00:8b:9d:88:4e:23:
c1:5b:89:94:c2:f7:23:aa:ce:85:6e:c5:36:c9:64:
5b:50:14:c1:af:ac:e7:0c:85:13:58:eb:80:18:e4:
ed:c6:2b:cc:34:89:79:02:b9:22:35:a4:9e:59:dd:
fb:fa:9e:0a:5f:8a:72:58:58:44:c9:65:68:a9:57:
40:74:15:97:37:69:53:e2:17:13:d4:bb:fb:75:14:
8d:1f:e5:13:36:43:d5:13:e8:b4:6b:0c:ef:84:65:
3f:f2:61:da:1f:b7:cd:52:73:35:5e:b4:3e:99:e8:
a0:c0:44:f0:c6:d4:26:6a:78:21:fa:b7:dd:f7:44:
30:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:7B:D2:45:DE:5F:93:74:C1:1F:3D:1A:66:E3:29:BD:F8:05:F7
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/hfx70kXeX5N0wR89GmbjKb34Bfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:1e:1f:04:09:91:15:c3:d9:25:f2:15:05:62:e6:eb:df:55:
41:59:71:d9:87:95:d2:0e:26:84:b9:78:1a:15:c6:91:ec:81:
30:d2:96:98:7c:a2:db:bb:03:fa:c1:96:38:28:21:3c:f4:f2:
36:68:8a:34:8c:7d:03:25:b1:ca:9d:23:00:87:00:42:a5:73:
68:1b:84:72:ee:af:99:27:48:ef:85:e4:76:7f:3b:77:5b:39:
fc:52:03:d5:af:6d:b2:e0:08:a9:f2:0d:00:35:d8:18:06:ea:
6c:39:6d:3d:92:07:16:b2:d3:a4:cb:94:64:68:ce:3a:08:ab:
26:fe:6b:8c:5b:a0:99:26:6a:82:85:56:78:99:4a:cd:d6:f5:
20:34:c6:d6:d3:57:a7:bb:a8:ff:6d:2e:ec:cb:ac:98:1f:20:
c4:e3:f3:f7:cc:55:31:ee:7b:22:ad:17:b6:48:b2:d7:ac:69:
ad:c3:ab:34:6e:b4:89:22:ad:a1:7f:19:b0:08:86:43:c7:3a:
cb:8b:ef:1e:3b:7f:0a:32:83:15:df:a5:b7:cd:91:15:93:0a:
c4:dd:97:ba:64:19:70:c5:e1:55:52:35:76:78:e8:c9:72:f0:
ea:eb:e4:29:ae:63:70:32:f9:67:c7:36:4d:81:39:99:20:8d:
ae:39:bf:38
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDJbr+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0NDg4NzgwHhcNMjIwMzI1
MTM1NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NWZjN2JkMjQ1ZGU1
ZjkzNzRjMTFmM2QxYTY2ZTMyOWJkZjgwNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm5ZF4JZ2uiEhfBBDZ4b2CbjhM/1ZQ8o/ETUfvRubejAQDjcE
L40WGVQf/5M6fsAKXZr42+rA/bJYfFddlAHFT+XDDo7twXgXpfC02PCH77x9TNqZ
6/mAc27hTlgQnY572UApam957jH3JH5t7whwVWokapuXdR/kmI10vHbyuOQAi52I
TiPBW4mUwvcjqs6FbsU2yWRbUBTBr6znDIUTWOuAGOTtxivMNIl5ArkiNaSeWd37
+p4KX4pyWFhEyWVoqVdAdBWXN2lT4hcT1Lv7dRSNH+UTNkPVE+i0awzvhGU/8mHa
H7fNUnM1XrQ+meigwETwxtQmangh+rfd90QwlwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIX8e9JF3l+TdMEfPRpm4ym9+AX3MB8GA1UdIwQYMBaAFKf9P4kzXc+Chmay
j62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEv
aGZ4NzBrWGVYNU4wd1I4OUdtYmpLYjM0QmZjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8z
ODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEvcF8wX2lUTmR6NEtH
WnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiCQMA0GCSqGSIb3DQEBCwUAA4IB
AQCOHh8ECZEVw9kl8hUFYubr31VBWXHZh5XSDiaEuXgaFcaR7IEw0paYfKLbuwP6
wZY4KCE89PI2aIo0jH0DJbHKnSMAhwBCpXNoG4Ry7q+ZJ0jvheR2fzt3Wzn8UgPV
r22y4Aip8g0ANdgYBupsOW09kgcWstOky5RkaM46CKsm/muMW6CZJmqChVZ4mUrN
1vUgNMbW01enu6j/bS7sy6yYHyDE4/P3zFUx7nsirRe2SLLXrGmtw6s0brSJIq2h
fxmwCIZDxzrLi+8eO38KMoMV36W3zZEVkwrE3Ze6ZBlwxeFVUjV2eOjJcvDq6+Qp
rmNwMvlnxzZNgTmZII2uOb84
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:53 2025 by rpki-client