Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/HeZ5w5je_ns7FApqC2d525vk6SU.roa
File: HeZ5w5je_ns7FApqC2d525vk6SU.roa (raw, json)
Hash identifier: mg9pFP4IyRL2vAeapXdpaJJevAeYYCwXYKKbbk+T/iA=
Subject key identifier: 1D:E6:79:C3:98:DE:FE:7B:3B:14:0A:6A:0B:67:79:DB:9B:E4:E9:25
Certificate issuer: /CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Certificate serial: 0185713092E01761258D71407C1BD36008D2
Authority key identifier: 7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/HeZ5w5je_ns7FApqC2d525vk6SU.roa
Signing time: Mon 02 Jan 2023 06:34:46 +0000
ROA not before: Mon 02 Jan 2023 06:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13026
IP address blocks: 91.222.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:92:e0:17:61:25:8d:71:40:7c:1b:d3:60:08:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Validity
Not Before: Jan 2 06:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1de679c398defe7b3b140a6a0b6779db9be4e925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:37:bf:95:d7:48:cc:09:cc:e0:8a:91:a8:e3:
1f:7c:4d:f9:ad:c5:ce:be:8d:49:b4:49:a0:a1:9f:
7b:0c:16:83:c5:fd:d6:ae:fd:36:7c:9a:b6:db:ec:
67:b8:ac:d9:9d:f2:38:bf:9d:ff:1f:97:59:e5:8f:
b1:7b:c0:f7:a2:54:d1:dd:98:3c:2b:6d:6c:0b:31:
4f:a7:0b:1f:3b:73:ca:a3:5a:5d:6d:50:f8:a0:8e:
4d:b1:b5:48:fb:d4:ee:ed:62:8f:52:82:f7:0b:58:
ea:53:d3:a6:fe:4a:70:30:2f:bd:04:a0:d2:97:a4:
0f:b9:70:0c:61:1e:60:55:3a:e0:92:40:ec:6a:84:
21:aa:d3:7b:c4:85:c7:62:ed:ba:a5:cc:59:40:1d:
cc:bd:42:fd:26:90:35:97:fa:53:8f:de:70:c7:6a:
b8:8e:a8:48:cc:c1:41:cf:29:3e:64:a4:d9:25:87:
96:c0:64:fe:92:d6:3a:e9:c1:db:5e:d3:9e:c9:11:
65:7a:be:2e:9d:6d:10:c0:8d:88:73:af:21:85:d4:
5a:f8:2a:b9:b2:14:3d:42:b7:9a:75:42:32:e1:e3:
6d:1e:77:cb:68:3b:56:2e:31:37:d7:e5:20:f6:36:
dc:d9:5b:ed:37:a3:cb:78:85:dd:5e:0a:4a:c7:ed:
96:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E6:79:C3:98:DE:FE:7B:3B:14:0A:6A:0B:67:79:DB:9B:E4:E9:25
X509v3 Authority Key Identifier:
keyid:7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/HeZ5w5je_ns7FApqC2d525vk6SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.92.0/22
Signature Algorithm: sha256WithRSAEncryption
10:65:af:91:14:2c:72:21:02:d4:8c:35:b1:79:04:ec:4d:b2:
fe:f7:26:c3:97:b0:0e:80:bb:28:bf:82:cc:9c:c7:bc:ca:b1:
14:e6:53:9e:19:26:25:f7:8d:92:f3:3e:21:36:93:a6:e5:e3:
cb:c7:42:5a:04:e4:a9:d1:f1:aa:41:6a:cd:ae:0d:10:c0:e1:
db:73:09:77:75:c1:27:25:6d:94:bf:fc:7d:33:e3:23:11:08:
41:82:6d:ec:af:6c:eb:d9:20:6b:39:07:cc:80:19:18:61:31:
70:d6:e1:63:a2:96:8f:10:15:13:ce:cb:d1:07:f8:5e:4d:d1:
9f:35:f6:f0:0c:1f:74:03:05:ab:66:2c:4b:fb:0f:70:b9:a5:
08:53:1d:20:3c:7d:29:b6:64:3e:00:08:c5:93:df:7a:d4:04:
72:e2:e6:a9:99:9c:25:64:09:7b:f9:07:3b:dc:1f:6a:40:03:
db:c3:50:d7:13:cb:20:ce:f1:f9:71:10:69:fb:63:b1:5a:cd:
45:62:f2:c3:71:27:d2:89:4c:8b:6b:5f:de:f8:cc:81:1e:85:
f6:72:ac:2c:a1:82:a4:7d:d2:f5:97:1c:42:c4:cb:75:9b:5c:
4f:df:aa:64:ce:3d:dc:66:27:40:a9:f3:04:3c:74:07:b5:1f:
82:2e:fb:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMJLgF2EljXFAfBvTYAjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDIxM2UzZTdlYmU2MTcwYTM2MDBhOGUzYWU2NGVkOTYy
YzBlMzYwHhcNMjMwMTAyMDYzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGU2NzljMzk4ZGVmZTdiM2IxNDBhNmEwYjY3NzlkYjliZTRlOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Te/lddIzAnM4IqRqOMffE35rcXO
vo1JtEmgoZ97DBaDxf3Wrv02fJq22+xnuKzZnfI4v53/H5dZ5Y+xe8D3olTR3Zg8
K21sCzFPpwsfO3PKo1pdbVD4oI5NsbVI+9Tu7WKPUoL3C1jqU9Om/kpwMC+9BKDS
l6QPuXAMYR5gVTrgkkDsaoQhqtN7xIXHYu26pcxZQB3MvUL9JpA1l/pTj95wx2q4
jqhIzMFBzyk+ZKTZJYeWwGT+ktY66cHbXtOeyRFler4unW0QwI2Ic68hhdRa+Cq5
shQ9QreadUIy4eNtHnfLaDtWLjE31+Ug9jbc2VvtN6PLeIXdXgpKx+2W0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3mecOY3v57OxQKagtnedub5OklMB8GA1UdIwQY
MBaAFH0CE+Pn6+YXCjYAqOOuZO2WLA42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3Nzct
MDM1MzIxNDBlZjUyLzEvSGVaNXc1amVfbnM3RkFwcUMyZDUyNXZrNlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3NzctMDM1MzIxNDBlZjUy
LzEvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW95cMA0G
CSqGSIb3DQEBCwUAA4IBAQAQZa+RFCxyIQLUjDWxeQTsTbL+9ybDl7AOgLsov4LM
nMe8yrEU5lOeGSYl942S8z4hNpOm5ePLx0JaBOSp0fGqQWrNrg0QwOHbcwl3dcEn
JW2Uv/x9M+MjEQhBgm3sr2zr2SBrOQfMgBkYYTFw1uFjopaPEBUTzsvRB/heTdGf
NfbwDB90AwWrZixL+w9wuaUIUx0gPH0ptmQ+AAjFk9961ARy4uapmZwlZAl7+Qc7
3B9qQAPbw1DXE8sgzvH5cRBp+2OxWs1FYvLDcSfSiUyLa1/e+MyBHoX2cqwsoYKk
fdL1lxxCxMt1m1xP36pkzj3cZidAqfMEPHQHtR+CLvuf
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:43:11 2025 by rpki-client