Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/HGhqsgfMVzKABVEN5ZrcE1znpzE.roa
File: HGhqsgfMVzKABVEN5ZrcE1znpzE.roa (raw, json)
Hash identifier: hCAqcBbkhOz/2+6S4CbHCm/ymrgJJti+gC0csu+HJw8=
Subject key identifier: 1C:68:6A:B2:07:CC:57:32:80:05:51:0D:E5:9A:DC:13:5C:E7:A7:31
Certificate issuer: /CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Certificate serial: 3524AF66
Authority key identifier: 16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/HGhqsgfMVzKABVEN5ZrcE1znpzE.roa
Signing time: Thu 10 Feb 2022 10:27:16 +0000
ROA not before: Thu 10 Feb 2022 10:27:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42697
IP address blocks: 185.29.78.0/23 maxlen: 23
109.200.64.0/20 maxlen: 20
185.29.76.0/24 maxlen: 24
185.29.77.0/24 maxlen: 24
77.243.48.0/20 maxlen: 20
2a03:dc80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 891596646 (0x3524af66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Validity
Not Before: Feb 10 10:27:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c686ab207cc57328005510de59adc135ce7a731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:05:47:7c:70:d1:d6:28:e4:ff:fa:f1:4b:
29:78:25:bc:4a:00:5a:0a:2f:4e:f8:95:35:d8:32:
9d:4b:79:7f:8a:34:6f:ae:d9:61:71:7e:bd:d7:86:
aa:0a:c8:a4:11:69:59:d2:5f:e3:8d:eb:70:66:b5:
aa:a0:e8:eb:1b:b3:18:ed:0c:8c:f8:28:fe:45:7e:
86:e6:3b:ad:71:05:1b:70:af:c5:0a:44:cc:d3:d7:
8f:ca:99:6b:ec:07:56:ed:e3:95:ba:6f:a4:fe:e8:
e8:1d:4b:eb:31:55:ef:d6:16:06:f2:fa:23:3d:e6:
57:95:b5:5c:6e:ba:6c:c5:99:ce:ae:1a:2c:38:f1:
1e:f9:19:59:88:cf:be:3a:6f:dd:1c:6a:5a:6a:7e:
5f:8d:ee:ce:7e:b6:dd:2a:aa:c8:bf:d3:ed:ed:da:
c4:ec:70:5c:a1:f2:b0:5e:32:87:89:e7:7b:79:b9:
9d:d6:1c:53:1a:12:0b:bb:f9:ff:9f:86:6a:22:f1:
e8:54:9c:4d:a5:7a:1c:4f:e5:a5:64:c2:2d:46:39:
cc:2e:9b:79:41:83:8a:31:17:71:8e:1d:62:b6:eb:
89:68:49:28:40:9c:d3:b0:52:43:3e:ae:16:d9:37:
a5:39:38:41:0c:14:df:2a:3b:26:ec:90:be:7a:b4:
b3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:68:6A:B2:07:CC:57:32:80:05:51:0D:E5:9A:DC:13:5C:E7:A7:31
X509v3 Authority Key Identifier:
keyid:16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/HGhqsgfMVzKABVEN5ZrcE1znpzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FpCXDdu3YZzIIYbdtTbrTomF0t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.48.0/20
109.200.64.0/20
185.29.76.0/22
IPv6:
2a03:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
41:18:a7:45:32:b5:aa:19:77:01:24:d5:48:ca:21:b5:27:55:
2c:93:9b:dc:11:bf:29:61:42:d4:a2:ec:b8:f3:5e:2b:a9:07:
4a:69:20:0d:52:51:8f:82:b3:0b:57:bf:c7:50:be:86:00:77:
3e:94:87:c3:7b:32:d2:54:be:bc:81:5a:da:1c:e4:c9:87:bf:
d8:4e:b5:4d:bd:92:05:ea:fc:a9:d9:e2:01:23:eb:04:d1:51:
fc:1a:e1:37:6e:c1:6f:e4:00:09:ae:c6:c1:bd:ee:a6:04:0c:
f9:0f:0c:3d:e3:e3:07:18:cf:b5:65:d6:71:6c:de:4c:91:76:
8b:66:cf:3f:91:1d:7a:12:80:b6:e5:59:52:be:c8:5c:57:e6:
ae:6d:a5:b9:3d:58:d4:50:ac:8d:09:06:a6:c8:6b:da:02:d5:
3c:e3:3f:68:05:93:04:d1:57:7d:69:bf:33:42:5f:ed:0c:fb:
fa:b1:0e:77:09:0e:2a:86:61:6e:05:b9:2f:ce:ca:6f:15:bc:
ac:6a:d0:28:79:dd:9d:1f:f9:b8:7d:6f:74:f6:29:ca:f4:f1:
35:e2:90:82:65:63:a6:db:f9:a9:99:96:cd:b2:83:4c:8a:74:
7d:52:86:9c:12:7d:05:47:ec:f0:65:b0:a1:01:cc:c9:38:bf:
2d:a0:a9:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENSSvZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjkwOTcwZGRiYjc2MTljYzgyMTg2ZGRiNTM2ZWI0ZTg5ODVkMmRlMB4XDTIyMDIx
MDEwMjcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM2ODZhYjIwN2Nj
NTczMjgwMDU1MTBkZTU5YWRjMTM1Y2U3YTczMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSTBUd8cNHWKOT/+vFLKXglvEoAWgovTviVNdgynUt5f4o0
b67ZYXF+vdeGqgrIpBFpWdJf443rcGa1qqDo6xuzGO0MjPgo/kV+huY7rXEFG3Cv
xQpEzNPXj8qZa+wHVu3jlbpvpP7o6B1L6zFV79YWBvL6Iz3mV5W1XG66bMWZzq4a
LDjxHvkZWYjPvjpv3RxqWmp+X43uzn623SqqyL/T7e3axOxwXKHysF4yh4nne3m5
ndYcUxoSC7v5/5+GaiLx6FScTaV6HE/lpWTCLUY5zC6beUGDijEXcY4dYrbriWhJ
KECc07BSQz6uFtk3pTk4QQwU3yo7JuyQvnq0s5ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQcaGqyB8xXMoAFUQ3lmtwTXOenMTAfBgNVHSMEGDAWgBQWkJcN27dhnMgh
ht21NutOiYXS3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZwQ1hEZHUzWVp6SUlZYmR0VGJyVG9tRjB0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvMmU4NTM3LTM2YmUtNDk4Zi04MTU1LWNjMDNiZDMxNWZmOS8x
L0hHaHFzZ2ZNVnpLQUJWRU41WnJjRTF6bnB6RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
MmU4NTM3LTM2YmUtNDk4Zi04MTU1LWNjMDNiZDMxNWZmOS8xL0ZwQ1hEZHUzWVp6
SUlZYmR0VGJyVG9tRjB0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBE3zMAMEBG3IQAMEArkdTDANBAIA
AjAHAwUAKgPcgDANBgkqhkiG9w0BAQsFAAOCAQEAQRinRTK1qhl3ASTVSMohtSdV
LJOb3BG/KWFC1KLsuPNeK6kHSmkgDVJRj4KzC1e/x1C+hgB3PpSHw3sy0lS+vIFa
2hzkyYe/2E61Tb2SBer8qdniASPrBNFR/BrhN27Bb+QACa7Gwb3upgQM+Q8MPePj
BxjPtWXWcWzeTJF2i2bPP5EdehKAtuVZUr7IXFfmrm2luT1Y1FCsjQkGpshr2gLV
POM/aAWTBNFXfWm/M0Jf7Qz7+rEOdwkOKoZhbgW5L87KbxW8rGrQKHndnR/5uH1v
dPYpyvTxNeKQgmVjptv5qZmWzbKDTIp0fVKGnBJ9BUfs8GWwoQHMyTi/LaCpNg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:50:08 2025 by rpki-client