Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hglGB2_cdvAQTw8NjxK9DkJRvds.roa
File: hglGB2_cdvAQTw8NjxK9DkJRvds.roa (raw, json)
Hash identifier: pjfi8cIf4CgPXi2SLC5xlLNHDnxdVNxhNEovDxURHxY=
Subject key identifier: 86:09:46:07:6F:DC:76:F0:10:4F:0F:0D:8F:12:BD:0E:42:51:BD:DB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0184F6F9C569B872357DF2C4793A498EDD83
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hglGB2_cdvAQTw8NjxK9DkJRvds.roa
Signing time: Fri 09 Dec 2022 13:01:14 +0000
ROA not before: Fri 09 Dec 2022 13:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211373
IP address blocks: 81.168.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:f9:c5:69:b8:72:35:7d:f2:c4:79:3a:49:8e:dd:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 9 13:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=860946076fdc76f0104f0f0d8f12bd0e4251bddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:68:2f:06:03:a3:f3:77:fc:9a:b6:df:26:6c:
bd:99:ae:29:ba:d0:15:7a:c5:9c:11:4f:31:1d:25:
90:62:a5:65:b2:23:58:58:2e:d8:9f:fb:5c:29:00:
3c:be:ec:f9:32:9f:2c:c8:96:5d:86:0e:cc:99:f2:
98:4c:d0:57:28:ff:c3:05:14:f5:1c:cb:6f:a3:c5:
e7:9b:0c:65:87:ed:28:e7:0c:a1:9d:4b:37:d3:e5:
f7:1e:6f:53:38:04:a7:b5:c3:87:3e:86:85:6a:6c:
82:a5:ed:81:d7:d7:c5:79:29:01:14:ae:3a:4d:ef:
8d:2d:df:25:e1:e1:d6:37:c3:90:89:b1:16:c6:7e:
02:fa:e2:ae:be:75:83:4c:a8:d7:d0:cc:7b:20:da:
95:9a:73:0d:68:93:6b:0c:2c:65:3e:e9:71:92:fc:
7f:f2:8e:b9:4d:6f:31:c4:1c:ce:fb:71:bd:45:de:
d4:13:4f:00:72:6e:ca:6a:35:f2:20:e8:31:94:e4:
ff:38:45:7e:e5:80:cf:53:4b:eb:72:e2:5c:15:e5:
78:c7:6e:e1:c4:18:40:68:e2:17:30:9c:45:5d:e1:
30:f1:57:dd:fb:12:aa:6c:28:f3:8b:65:b1:a5:72:
8f:3b:28:d8:ea:dc:24:4b:7a:e6:22:e3:64:6f:77:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:09:46:07:6F:DC:76:F0:10:4F:0F:0D:8F:12:BD:0E:42:51:BD:DB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hglGB2_cdvAQTw8NjxK9DkJRvds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.117.0/24
Signature Algorithm: sha256WithRSAEncryption
13:53:13:4c:0e:3d:a6:27:bb:a4:06:47:f2:68:f8:f0:c5:22:
d9:5e:42:88:0a:0a:ee:48:06:27:70:d5:44:9a:d9:0d:33:88:
bf:32:5b:c1:0a:02:26:14:35:32:f3:a2:aa:80:5c:fa:44:80:
69:14:06:8b:c5:f5:60:7b:1c:3a:70:8e:6f:9d:3b:88:ca:2c:
d3:8f:21:87:98:f5:63:74:6d:49:00:51:1a:f1:41:49:3d:cd:
fc:8f:83:8b:4a:95:6e:93:02:18:18:2d:37:71:fb:84:89:7a:
eb:ee:7e:7b:c6:e1:6b:2b:04:86:e9:21:57:c9:94:47:01:c7:
3a:59:f6:21:11:36:e8:18:b0:fe:5d:b9:1a:f4:c7:49:39:b8:
a9:49:d1:cc:44:23:d5:1c:c1:8b:24:2f:28:9e:3c:ea:19:b7:
dc:82:42:a4:cf:27:c7:76:a2:05:b8:e0:57:a4:db:20:7b:d9:
b7:88:f3:10:4a:c1:78:53:fc:cf:2d:c6:1d:bf:59:93:97:f4:
ef:0f:51:cb:31:18:7e:2a:22:71:30:61:45:b4:9f:55:f7:97:
96:0e:91:b1:6f:83:f4:cf:dc:7c:7b:2f:9b:f8:fc:ee:a4:46:
21:87:4c:1e:7b:d3:97:c0:9d:5a:d9:e8:a8:88:45:72:bf:e5:
a2:b1:3b:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2+cVpuHI1ffLEeTpJjt2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjA5MTMwMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjA5NDYwNzZmZGM3NmYwMTA0ZjBmMGQ4ZjEyYmQwZTQyNTFiZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWgvBgOj83f8mrbfJmy9ma4putAV
esWcEU8xHSWQYqVlsiNYWC7Yn/tcKQA8vuz5Mp8syJZdhg7MmfKYTNBXKP/DBRT1
HMtvo8Xnmwxlh+0o5wyhnUs30+X3Hm9TOASntcOHPoaFamyCpe2B19fFeSkBFK46
Te+NLd8l4eHWN8OQibEWxn4C+uKuvnWDTKjX0Mx7INqVmnMNaJNrDCxlPulxkvx/
8o65TW8xxBzO+3G9Rd7UE08Acm7KajXyIOgxlOT/OEV+5YDPU0vrcuJcFeV4x27h
xBhAaOIXMJxFXeEw8Vfd+xKqbCjzi2WxpXKPOyjY6twkS3rmIuNkb3eJpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYJRgdv3HbwEE8PDY8SvQ5CUb3bMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaGdsR0IyX2NkdkFRVHc4Tmp4SzlEa0pSdmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah1MA0G
CSqGSIb3DQEBCwUAA4IBAQATUxNMDj2mJ7ukBkfyaPjwxSLZXkKICgruSAYncNVE
mtkNM4i/MlvBCgImFDUy86KqgFz6RIBpFAaLxfVgexw6cI5vnTuIyizTjyGHmPVj
dG1JAFEa8UFJPc38j4OLSpVukwIYGC03cfuEiXrr7n57xuFrKwSG6SFXyZRHAcc6
WfYhETboGLD+Xbka9MdJObipSdHMRCPVHMGLJC8onjzqGbfcgkKkzyfHdqIFuOBX
pNsge9m3iPMQSsF4U/zPLcYdv1mTl/TvD1HLMRh+KiJxMGFFtJ9V95eWDpGxb4P0
z9x8ey+b+PzupEYhh0wee9OXwJ1a2eioiEVyv+WisTui
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:29 2025 by rpki-client