Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/hkwsL2j19YFxl2746wL_Gd7PdJs.roa
File: hkwsL2j19YFxl2746wL_Gd7PdJs.roa (raw, json)
Hash identifier: ZBHlNMjrys6IYznMvXsPAPgLWxVUKyy/EQEDqCXM0ug=
Subject key identifier: 86:4C:2C:2F:68:F5:F5:81:71:97:6E:F8:EB:02:FF:19:DE:CF:74:9B
Certificate issuer: /CN=418df868f7d9e98d4fd41e6da597a283c9141b44
Certificate serial: 01856C0A569A5792258DF9B24BAA2C9A568A
Authority key identifier: 41:8D:F8:68:F7:D9:E9:8D:4F:D4:1E:6D:A5:97:A2:83:C9:14:1B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/hkwsL2j19YFxl2746wL_Gd7PdJs.roa
Signing time: Sun 01 Jan 2023 06:34:54 +0000
ROA not before: Sun 01 Jan 2023 06:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202409
IP address blocks: 185.1.166.0/23 maxlen: 32
2001:7f8:f2::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:56:9a:57:92:25:8d:f9:b2:4b:aa:2c:9a:56:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=418df868f7d9e98d4fd41e6da597a283c9141b44
Validity
Not Before: Jan 1 06:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=864c2c2f68f5f58171976ef8eb02ff19decf749b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:81:b4:02:35:96:2c:38:5a:9d:04:d9:52:
dd:80:ab:8f:a5:3a:59:f6:ea:77:57:18:c3:09:de:
d8:05:a9:3e:56:07:37:ec:d7:ff:ea:6c:dd:44:a6:
89:f0:7a:cc:89:6b:bd:b9:59:64:b2:a9:42:9a:e5:
71:6b:56:ed:ba:0f:6f:ef:7f:36:73:b9:6f:f2:ee:
66:dc:07:1a:98:eb:51:a8:a9:2d:8b:e0:dd:6a:d3:
88:ed:31:56:ea:d4:06:23:53:79:95:0d:1c:5b:96:
57:62:69:60:f9:87:35:cb:0a:7e:49:73:7e:db:10:
c9:ab:75:b7:31:29:72:95:58:bd:66:3e:c5:c3:00:
87:42:8c:a7:62:9e:3d:8e:89:1e:79:9c:ce:2d:d9:
78:f5:0e:28:bd:44:4e:09:74:86:b2:a7:17:25:6e:
e8:c6:4c:dc:26:eb:79:20:1b:91:41:6a:b4:df:99:
2a:f3:1a:15:53:15:33:80:62:b4:fa:2f:96:16:f3:
6b:e0:bc:c4:ff:06:6c:7f:87:52:0c:62:e2:66:38:
d2:aa:4e:0c:8d:4f:87:d2:51:76:05:7b:d3:c2:ba:
b2:5a:fe:8c:20:53:10:b6:ec:0b:6d:f8:1c:d5:30:
7c:a3:da:09:10:34:59:6a:d9:e0:81:fc:a9:51:e2:
15:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4C:2C:2F:68:F5:F5:81:71:97:6E:F8:EB:02:FF:19:DE:CF:74:9B
X509v3 Authority Key Identifier:
keyid:41:8D:F8:68:F7:D9:E9:8D:4F:D4:1E:6D:A5:97:A2:83:C9:14:1B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/hkwsL2j19YFxl2746wL_Gd7PdJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.166.0/23
IPv6:
2001:7f8:f2::/48
Signature Algorithm: sha256WithRSAEncryption
4d:8e:14:e2:db:cd:81:24:98:ff:c9:a0:6d:9c:c4:70:0b:d8:
a2:ac:73:23:c1:af:8a:af:1e:ba:37:da:c7:3f:3c:0d:01:e9:
31:61:07:2b:2a:da:95:4e:2a:1e:9f:20:94:2b:fe:9c:75:b2:
67:4d:16:1a:e0:d7:42:3f:0c:27:96:7f:95:79:8b:22:64:29:
b2:f7:f5:60:60:09:5f:1c:30:c5:60:36:30:b9:f4:2a:6d:f4:
d3:51:d2:25:d0:b6:e3:44:ad:79:2a:55:be:06:d6:63:15:aa:
b2:0e:8e:bf:a0:79:bd:35:b1:24:28:67:e9:3d:93:e9:da:11:
2a:51:f1:a8:ed:69:2a:73:e9:a7:c6:27:39:1f:00:1a:40:85:
ae:d7:64:37:44:28:b2:64:6b:d5:d8:c8:b7:45:8d:1c:21:46:
51:ff:72:48:2b:f3:5b:47:df:48:3a:fe:33:59:56:24:cd:67:
92:64:8e:8e:c6:35:f2:75:47:6b:53:8a:c5:2f:9c:a3:1b:15:
04:4d:9d:be:1d:e8:bd:9f:74:00:0b:7c:7e:bb:69:4f:e2:10:
d9:b3:92:45:5f:e9:04:5f:5a:ca:b3:5e:22:0c:4e:ef:d6:2b:
f9:e2:c3:2b:4a:ab:5a:3e:e9:79:65:eb:05:2b:53:49:1a:05:
f5:d5:bf:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsClaaV5IljfmyS6osmlaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOGRmODY4ZjdkOWU5OGQ0ZmQ0MWU2ZGE1OTdhMjgzYzkx
NDFiNDQwHhcNMjMwMTAxMDYzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRjMmMyZjY4ZjVmNTgxNzE5NzZlZjhlYjAyZmYxOWRlY2Y3NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseKBtAI1liw4Wp0E2VLdgKuPpTpZ
9up3VxjDCd7YBak+Vgc37Nf/6mzdRKaJ8HrMiWu9uVlksqlCmuVxa1btug9v7382
c7lv8u5m3AcamOtRqKkti+DdatOI7TFW6tQGI1N5lQ0cW5ZXYmlg+Yc1ywp+SXN+
2xDJq3W3MSlylVi9Zj7FwwCHQoynYp49jokeeZzOLdl49Q4ovUROCXSGsqcXJW7o
xkzcJut5IBuRQWq035kq8xoVUxUzgGK0+i+WFvNr4LzE/wZsf4dSDGLiZjjSqk4M
jU+H0lF2BXvTwrqyWv6MIFMQtuwLbfgc1TB8o9oJEDRZatnggfypUeIVhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZMLC9o9fWBcZdu+OsC/xnez3SbMB8GA1UdIwQY
MBaAFEGN+Gj32emNT9QebaWXooPJFBtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVkzNGFQZlo2WTFQMUI1dHBaZWlnOGtVRzBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jNmY4NmQtZjc5NS00MTlmLWFkMzEt
ZWU5YzM0NTJjYmFmLzEvaGt3c0wyajE5WUZ4bDI3NDZ3TF9HZDdQZEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9jNmY4NmQtZjc5NS00MTlmLWFkMzEtZWU5YzM0NTJjYmFm
LzEvUVkzNGFQZlo2WTFQMUI1dHBaZWlnOGtVRzBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuQGmMA8E
AgACMAkDBwAgAQf4APIwDQYJKoZIhvcNAQELBQADggEBAE2OFOLbzYEkmP/JoG2c
xHAL2KKscyPBr4qvHro32sc/PA0B6TFhBysq2pVOKh6fIJQr/px1smdNFhrg10I/
DCeWf5V5iyJkKbL39WBgCV8cMMVgNjC59Cpt9NNR0iXQtuNErXkqVb4G1mMVqrIO
jr+geb01sSQoZ+k9k+naESpR8ajtaSpz6afGJzkfABpAha7XZDdEKLJka9XYyLdF
jRwhRlH/ckgr81tH30g6/jNZViTNZ5Jkjo7GNfJ1R2tTisUvnKMbFQRNnb4d6L2f
dAALfH67aU/iENmzkkVf6QRfWsqzXiIMTu/WK/niwytKq1o+6Xll6wUrU0kaBfXV
v0I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:11 2025 by rpki-client