Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/hr3HXHR-ul6z8lGCg_ylTnETqOc.roa
File: hr3HXHR-ul6z8lGCg_ylTnETqOc.roa (raw, json)
Hash identifier: 25jWFp3R3tQ1vtT7hTTsUr05GkphJGYECA8Rv24dX74=
Subject key identifier: 86:BD:C7:5C:74:7E:BA:5E:B3:F2:51:82:83:FC:A5:4E:71:13:A8:E7
Certificate issuer: /CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Certificate serial: 018834269826A8A26F0492251FB3B869BE39
Authority key identifier: EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/hr3HXHR-ul6z8lGCg_ylTnETqOc.roa
Signing time: Fri 19 May 2023 13:15:24 +0000
ROA not before: Fri 19 May 2023 13:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30925
IP address blocks: 194.124.196.0/22 maxlen: 22
185.220.212.0/22 maxlen: 22
185.226.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:26:98:26:a8:a2:6f:04:92:25:1f:b3:b8:69:be:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Validity
Not Before: May 19 13:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86bdc75c747eba5eb3f2518283fca54e7113a8e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:54:58:06:15:35:33:89:e7:34:8d:38:9a:2e:
ec:55:e3:1b:72:95:d4:5e:e9:a5:66:98:52:2e:04:
9b:2c:69:54:c8:6c:07:1a:f3:5d:c0:22:c2:fa:61:
05:26:a5:aa:ba:29:33:fd:ac:02:2b:78:74:c9:99:
08:52:3f:12:8e:08:ee:e9:b6:29:01:c5:5b:75:0f:
29:68:c7:a5:31:9a:0e:48:0e:39:7f:6e:9f:de:da:
df:b9:e1:3b:18:0d:9e:c8:8c:ce:8a:75:77:e8:44:
a4:b2:5c:3e:89:ae:70:d8:82:d7:aa:ea:9f:66:2b:
24:2b:e4:38:3e:0e:d0:c2:ef:ec:51:4d:6d:9e:6a:
90:c2:5e:bc:7a:19:58:04:1a:13:09:8e:41:d5:eb:
ef:11:c9:7f:03:a6:b4:3c:69:c4:24:23:6b:f5:60:
23:5f:5b:16:66:3c:68:41:da:b5:5f:8d:16:2d:de:
c5:37:ac:32:c8:e6:0f:cb:4b:f0:e5:d5:ea:60:3a:
10:a1:38:15:b8:37:cc:a6:62:e4:ca:4b:f4:de:34:
80:7b:63:da:6f:b4:19:01:05:fd:f2:00:8c:af:dd:
94:9e:ce:e4:54:4e:96:f5:51:24:ef:b4:4d:47:82:
c2:f1:13:92:bd:ff:b4:79:b4:de:54:8c:d5:54:4c:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BD:C7:5C:74:7E:BA:5E:B3:F2:51:82:83:FC:A5:4E:71:13:A8:E7
X509v3 Authority Key Identifier:
keyid:EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/hr3HXHR-ul6z8lGCg_ylTnETqOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/6p03bVRB9Is91QhRWxb-lcWhF4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.212.0/22
185.226.76.0/22
194.124.196.0/22
Signature Algorithm: sha256WithRSAEncryption
51:ed:0e:7f:fe:94:de:b1:f2:63:84:59:b2:e7:3e:90:d8:ce:
14:55:fa:4f:4a:36:e8:6b:29:3c:f3:14:74:36:8b:ed:89:93:
6d:fc:b3:c1:96:96:2d:61:ff:f7:85:a0:e7:6c:c5:98:70:22:
fe:2d:1b:bf:3f:1e:87:42:f9:ed:d4:19:1f:af:d5:0f:c4:e2:
cd:36:78:03:62:63:ce:bb:e1:1e:0c:52:0a:80:e9:e1:0f:2f:
6b:cf:2a:03:f4:a3:88:07:6c:60:b7:8f:de:77:f3:ed:50:9e:
84:16:b2:51:cc:73:50:dd:86:18:9f:88:1e:02:37:71:4b:08:
7c:39:2c:44:60:7e:4b:b9:e9:af:2f:07:ad:fd:7f:dc:28:74:
48:3d:4e:29:69:8e:45:08:e6:b3:c8:4a:5a:fb:ac:76:71:c2:
e7:64:80:67:b6:91:44:f6:c6:52:87:b1:96:7e:fc:ef:c4:63:
77:28:5e:6f:eb:47:a2:4e:c4:98:4f:0e:da:07:04:6d:87:1e:
b1:a5:c7:70:64:c1:a6:3b:51:4b:85:cb:21:ac:c2:88:09:ba:
e8:20:3d:97:8c:d9:8b:35:29:63:9a:64:d0:48:2f:0d:ba:0d:
f3:da:03:bd:26:96:74:91:b0:34:58:1e:e9:22:1b:c5:b2:39:
c8:69:5a:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYg0JpgmqKJvBJIlH7O4ab45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOWQzNzZkNTQ0MWY0OGIzZGQ1MDg1MTViMTZmZTk1YzVh
MTE3ODIwHhcNMjMwNTE5MTMxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJkYzc1Yzc0N2ViYTVlYjNmMjUxODI4M2ZjYTU0ZTcxMTNhOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplRYBhU1M4nnNI04mi7sVeMbcpXU
XumlZphSLgSbLGlUyGwHGvNdwCLC+mEFJqWquikz/awCK3h0yZkIUj8Sjgju6bYp
AcVbdQ8paMelMZoOSA45f26f3trfueE7GA2eyIzOinV36ESkslw+ia5w2ILXquqf
ZiskK+Q4Pg7Qwu/sUU1tnmqQwl68ehlYBBoTCY5B1evvEcl/A6a0PGnEJCNr9WAj
X1sWZjxoQdq1X40WLd7FN6wyyOYPy0vw5dXqYDoQoTgVuDfMpmLkykv03jSAe2Pa
b7QZAQX98gCMr92Uns7kVE6W9VEk77RNR4LC8ROSvf+0ebTeVIzVVEzDywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIa9x1x0frpes/JRgoP8pU5xE6jnMB8GA1UdIwQY
MBaAFOqdN21UQfSLPdUIUVsW/pXFoReCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMt
M2Y3YWE0NDZmN2E4LzEvaHIzSFhIUi11bDZ6OGxHQ2dfeWxUbkVUcU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMtM2Y3YWE0NDZmN2E4
LzEvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCudzUAwQC
ueJMAwQCwnzEMA0GCSqGSIb3DQEBCwUAA4IBAQBR7Q5//pTesfJjhFmy5z6Q2M4U
VfpPSjboayk88xR0NovtiZNt/LPBlpYtYf/3haDnbMWYcCL+LRu/Px6HQvnt1Bkf
r9UPxOLNNngDYmPOu+EeDFIKgOnhDy9rzyoD9KOIB2xgt4/ed/PtUJ6EFrJRzHNQ
3YYYn4geAjdxSwh8OSxEYH5LuemvLwet/X/cKHRIPU4paY5FCOazyEpa+6x2ccLn
ZIBntpFE9sZSh7GWfvzvxGN3KF5v60eiTsSYTw7aBwRthx6xpcdwZMGmO1FLhcsh
rMKICbroID2XjNmLNSljmmTQSC8Nug3z2gO9JpZ0kbA0WB7pIhvFsjnIaVqD
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:26 2025 by rpki-client