Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/hSH4Ezoc0KcWKfBRZzPv-GI3p14.roa
File: hSH4Ezoc0KcWKfBRZzPv-GI3p14.roa (raw, json)
Hash identifier: RKVcRCrTw/lPCq+FQ7CZNoxRwOArLT/lRdJTgqNeSMw=
Subject key identifier: 85:21:F8:13:3A:1C:D0:A7:16:29:F0:51:67:33:EF:F8:62:37:A7:5E
Certificate issuer: /CN=32c0274bc17f9c75cd3fc10f8b5825a19382ab4f
Certificate serial: 0A41E171
Authority key identifier: 32:C0:27:4B:C1:7F:9C:75:CD:3F:C1:0F:8B:58:25:A1:93:82:AB:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MsAnS8F_nHXNP8EPi1gloZOCq08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/hSH4Ezoc0KcWKfBRZzPv-GI3p14.roa
Signing time: Sat 01 Jan 2022 07:53:26 +0000
ROA not before: Sat 01 Jan 2022 07:53:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50163
IP address blocks: 109.71.208.0/21 maxlen: 21
2a03:e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172089713 (0xa41e171)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c0274bc17f9c75cd3fc10f8b5825a19382ab4f
Validity
Not Before: Jan 1 07:53:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8521f8133a1cd0a71629f0516733eff86237a75e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:74:b2:3a:7b:37:34:40:99:d1:ef:ae:6a:f6:
96:4f:54:eb:ab:64:73:4b:44:78:08:d4:78:c6:75:
06:d0:f5:65:54:ed:fb:a3:c5:38:6d:52:ef:79:6e:
bb:1c:69:80:c0:54:29:a9:40:22:32:50:59:36:40:
66:c0:2c:b7:af:c0:c0:b3:fa:3d:97:1e:19:29:8d:
37:5a:c7:aa:ba:67:9b:12:01:e2:de:6c:a9:a8:a3:
a1:03:bd:47:ab:9c:a7:ba:ac:4f:df:b0:3b:02:cd:
40:0a:f6:2e:38:a7:32:7d:d9:dc:29:40:8b:fe:3d:
75:5d:7e:1c:1c:cb:11:56:5e:3f:19:2a:9c:3f:76:
3b:d3:67:87:b5:2d:1a:2e:d5:73:20:bc:97:e4:aa:
88:2b:35:93:08:83:39:c9:26:71:9d:a5:8b:db:ef:
81:5f:7b:c9:67:02:86:72:72:b5:f3:7f:35:a5:9c:
45:29:25:f4:30:3b:7b:d5:29:4e:8f:37:81:e2:f9:
6d:54:72:92:cb:9d:64:49:06:bb:86:43:e7:7f:39:
37:aa:df:bd:52:c2:1f:de:30:7a:50:17:2c:61:a6:
f6:67:0b:2b:01:da:c5:26:50:02:e4:26:7e:9a:30:
9c:ac:ed:2f:82:d7:31:89:78:92:81:96:71:9b:7e:
e8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:21:F8:13:3A:1C:D0:A7:16:29:F0:51:67:33:EF:F8:62:37:A7:5E
X509v3 Authority Key Identifier:
keyid:32:C0:27:4B:C1:7F:9C:75:CD:3F:C1:0F:8B:58:25:A1:93:82:AB:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MsAnS8F_nHXNP8EPi1gloZOCq08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/hSH4Ezoc0KcWKfBRZzPv-GI3p14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/MsAnS8F_nHXNP8EPi1gloZOCq08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.208.0/21
IPv6:
2a03:e00::/32
Signature Algorithm: sha256WithRSAEncryption
2c:d4:81:7c:b8:4f:68:5d:b4:41:2b:c3:38:c4:5e:04:ab:6b:
32:8c:b3:b6:81:63:eb:37:36:d7:35:00:82:09:a9:19:4e:d0:
15:39:8e:45:23:2b:12:ba:a8:ef:86:53:62:10:61:25:65:72:
c8:ec:03:bc:e0:29:aa:8d:f6:a3:d1:41:20:ab:9e:0f:a4:c5:
3b:24:0d:15:bf:93:c2:ba:49:7f:02:ca:16:b3:6e:3a:82:a1:
29:0b:7f:fd:56:75:c8:90:3a:8b:08:75:ed:3b:17:4b:d2:a7:
b8:6c:9e:ea:3a:93:e4:ed:12:59:b3:59:bc:2c:11:f2:23:e2:
40:e7:c3:21:46:fd:97:7d:dd:69:1b:66:ed:15:ad:ba:e0:bc:
f7:bf:40:9d:69:5c:8c:16:7e:d4:6d:65:1e:d7:af:ed:51:7c:
38:12:77:54:e9:c2:d7:ec:bc:0a:37:7b:9e:5a:5f:c1:8a:6c:
23:29:d9:24:9c:e1:80:6c:77:f8:e0:b5:4b:22:a3:1a:50:4f:
42:39:44:ba:25:33:1b:c3:16:9e:e6:7f:98:67:e8:18:d4:56:
10:43:12:6c:8e:fd:f7:e1:be:89:1e:8d:7f:0d:be:d0:37:5a:
10:c6:8d:b2:f3:92:cb:cd:3d:ef:db:82:78:1d:d6:93:e2:16:
63:51:ad:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECkHhcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MmMwMjc0YmMxN2Y5Yzc1Y2QzZmMxMGY4YjU4MjVhMTkzODJhYjRmMB4XDTIyMDEw
MTA3NTMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUyMWY4MTMzYTFj
ZDBhNzE2MjlmMDUxNjczM2VmZjg2MjM3YTc1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ0sjp7NzRAmdHvrmr2lk9U66tkc0tEeAjUeMZ1BtD1ZVTt
+6PFOG1S73luuxxpgMBUKalAIjJQWTZAZsAst6/AwLP6PZceGSmNN1rHqrpnmxIB
4t5sqaijoQO9R6ucp7qsT9+wOwLNQAr2LjinMn3Z3ClAi/49dV1+HBzLEVZePxkq
nD92O9Nnh7UtGi7VcyC8l+SqiCs1kwiDOckmcZ2li9vvgV97yWcChnJytfN/NaWc
RSkl9DA7e9UpTo83geL5bVRyksudZEkGu4ZD5385N6rfvVLCH94welAXLGGm9mcL
KwHaxSZQAuQmfpownKztL4LXMYl4koGWcZt+6P0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSFIfgTOhzQpxYp8FFnM+/4YjenXjAfBgNVHSMEGDAWgBQywCdLwX+cdc0/
wQ+LWCWhk4KrTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01zQW5TOEZfbkhYTlA4RVBpMWdsb1pPQ3EwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNDE2YWFmLTg2MDItNDE5Ni1iNTFkLTQxZDA4N2IzODI4Yi8x
L2hTSDRFem9jMEtjV0tmQlJaelB2LUdJM3AxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NDE2YWFmLTg2MDItNDE5Ni1iNTFkLTQxZDA4N2IzODI4Yi8xL01zQW5TOEZfbkhY
TlA4RVBpMWdsb1pPQ3EwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA21H0DANBAIAAjAHAwUAKgMOADAN
BgkqhkiG9w0BAQsFAAOCAQEALNSBfLhPaF20QSvDOMReBKtrMoyztoFj6zc21zUA
ggmpGU7QFTmORSMrErqo74ZTYhBhJWVyyOwDvOApqo32o9FBIKueD6TFOyQNFb+T
wrpJfwLKFrNuOoKhKQt//VZ1yJA6iwh17TsXS9KnuGye6jqT5O0SWbNZvCwR8iPi
QOfDIUb9l33daRtm7RWtuuC8979AnWlcjBZ+1G1lHtev7VF8OBJ3VOnC1+y8Cjd7
nlpfwYpsIynZJJzhgGx3+OC1SyKjGlBPQjlEuiUzG8MWnuZ/mGfoGNRWEEMSbI79
9+G+iR6Nfw2+0DdaEMaNsvOSy80979uCeB3Wk+IWY1GtFw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:28:05 2025 by rpki-client