Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/HOu9rhMG3MTOhdNFK94VZyKP9xA.roa
File: HOu9rhMG3MTOhdNFK94VZyKP9xA.roa (raw, json)
Hash identifier: AwIVuHs4l7BoIoFhXfBOIXnAuGNhJ0u0q8DBnFVS0qY=
Subject key identifier: 1C:EB:BD:AE:13:06:DC:C4:CE:85:D3:45:2B:DE:15:67:22:8F:F7:10
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 18AA03F2
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/HOu9rhMG3MTOhdNFK94VZyKP9xA.roa
Signing time: Sat 01 Jan 2022 15:07:12 +0000
ROA not before: Sat 01 Jan 2022 15:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39279
IP address blocks: 89.32.224.0/20 maxlen: 20
185.108.180.0/22 maxlen: 24
185.33.105.0/24 maxlen: 24
185.33.104.0/22 maxlen: 22
2a00:c5a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 413795314 (0x18aa03f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 1 15:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cebbdae1306dcc4ce85d3452bde1567228ff710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:70:b1:aa:44:67:a9:05:d2:ef:29:ed:98:12:
9f:88:40:61:fb:3f:bf:f5:af:ef:18:dd:8a:6c:3c:
6d:77:f4:1e:ac:69:84:f3:66:b6:9f:a0:c0:52:7b:
94:94:aa:f6:e7:27:c9:d9:3a:50:37:8e:ff:8d:25:
b8:53:20:bb:69:a9:49:5f:89:47:d8:49:17:32:54:
69:37:df:04:be:93:ba:dc:db:c3:2d:15:70:04:25:
f6:29:ef:41:1d:a9:11:5b:74:ca:8d:42:4a:3e:7b:
64:d5:a8:e5:49:ad:26:af:f6:46:70:a4:fe:81:db:
1a:23:0e:1f:91:fc:bb:f1:e9:e9:6d:b0:5f:84:47:
b9:2d:2a:4c:a7:23:f1:ed:90:5e:88:08:4b:84:2a:
bb:f1:df:08:50:03:a2:15:ba:a7:6f:20:6a:ff:d8:
21:c5:8e:ee:9b:ad:db:a1:76:b2:5d:7b:b0:9b:cf:
39:3a:89:dc:c0:73:85:81:47:8d:df:25:7b:17:ee:
3a:17:2d:00:89:be:26:f3:96:9e:10:95:d7:66:5c:
c3:de:ae:9d:d5:12:ba:c8:08:71:1c:1f:ed:a9:73:
6c:be:63:7f:35:b8:1c:e1:16:8a:fa:57:77:75:21:
da:bc:9d:50:d3:8c:00:40:51:b7:53:67:ad:cf:3b:
25:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EB:BD:AE:13:06:DC:C4:CE:85:D3:45:2B:DE:15:67:22:8F:F7:10
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/HOu9rhMG3MTOhdNFK94VZyKP9xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.224.0/20
185.33.104.0/22
185.108.180.0/22
IPv6:
2a00:c5a0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:60:80:0a:5c:84:4f:42:1d:db:42:eb:ed:61:fe:d9:9d:5a:
5f:b8:0a:7e:7e:49:76:83:a2:70:9f:88:42:08:ad:3b:1a:6d:
76:d7:e7:bc:10:6f:98:05:cb:9a:1a:3b:6e:e1:94:80:05:89:
c9:8c:2b:6e:29:04:88:0e:3b:1c:47:30:ec:b4:a5:3d:9f:ba:
26:e0:70:97:f7:76:bd:b8:66:9d:f0:ba:47:0b:9b:81:4b:0b:
28:9c:33:26:52:04:de:78:0b:45:89:20:72:44:1d:cd:98:28:
8a:94:ed:92:ca:5b:6c:31:b1:1f:79:7a:42:97:71:89:6e:0f:
5f:ac:a2:db:c9:ba:72:34:d6:15:ef:21:41:6d:32:10:d9:00:
54:ce:c4:8e:d6:af:c7:9d:42:a9:41:ad:d7:37:eb:a0:8c:c3:
e7:01:57:f4:8f:cb:ba:ad:05:eb:c1:3d:fd:a9:65:d1:c5:f7:
27:d0:6e:ef:eb:7a:bd:53:e7:97:ba:4e:f2:fc:1b:a7:d8:9c:
22:34:c4:6a:1e:b1:5d:05:bc:84:e6:05:c8:89:9d:c8:8d:bd:
c1:ee:f7:ca:11:11:d4:87:f4:5e:50:de:93:41:73:38:6b:7f:
d9:10:f9:02:84:8d:e2:da:24:1d:fc:2c:50:39:5c:c7:ce:35:
ba:ab:30:cf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGKoD8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTQ0ZTYwOWUzNjE5MTNlM2MzYjBhNzhkNzQ4NmFhNDViNTYyNDAxMB4XDTIyMDEw
MTE1MDcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNlYmJkYWUxMzA2
ZGNjNGNlODVkMzQ1MmJkZTE1NjcyMjhmZjcxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJwsapEZ6kF0u8p7ZgSn4hAYfs/v/Wv7xjdimw8bXf0Hqxp
hPNmtp+gwFJ7lJSq9ucnydk6UDeO/40luFMgu2mpSV+JR9hJFzJUaTffBL6Tutzb
wy0VcAQl9invQR2pEVt0yo1CSj57ZNWo5UmtJq/2RnCk/oHbGiMOH5H8u/Hp6W2w
X4RHuS0qTKcj8e2QXogIS4Qqu/HfCFADohW6p28gav/YIcWO7put26F2sl17sJvP
OTqJ3MBzhYFHjd8lexfuOhctAIm+JvOWnhCV12Zcw96undUSusgIcRwf7alzbL5j
fzW4HOEWivpXd3Uh2rydUNOMAEBRt1Nnrc87JVcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQc672uEwbcxM6F00Ur3hVnIo/3EDAfBgNVHSMEGDAWgBQxROYJ42GRPjw7
CnjXSGqkW1YkATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01VVG1DZU5oa1Q0OE93cDQxMGhxcEZ0V0pBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvY2FhMmI2LTg3ZTgtNGUyNC1hNDQ2LTc3NTg4OGE4NzE5NC8x
L0hPdTlyaE1HM01UT2hkTkZLOTRWWnlLUDl4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
Y2FhMmI2LTg3ZTgtNGUyNC1hNDQ2LTc3NTg4OGE4NzE5NC8xL01VVG1DZU5oa1Q0
OE93cDQxMGhxcEZ0V0pBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBFkg4AMEArkhaAMEArlstDANBAIA
AjAHAwUAKgDFoDANBgkqhkiG9w0BAQsFAAOCAQEAp2CAClyET0Id20Lr7WH+2Z1a
X7gKfn5JdoOicJ+IQgitOxptdtfnvBBvmAXLmho7buGUgAWJyYwrbikEiA47HEcw
7LSlPZ+6JuBwl/d2vbhmnfC6RwubgUsLKJwzJlIE3ngLRYkgckQdzZgoipTtkspb
bDGxH3l6QpdxiW4PX6yi28m6cjTWFe8hQW0yENkAVM7Ejtavx51CqUGt1zfroIzD
5wFX9I/Luq0F68E9/all0cX3J9Bu7+t6vVPnl7pO8vwbp9icIjTEah6xXQW8hOYF
yImdyI29we73yhER1If0XlDek0FzOGt/2RD5AoSN4tokHfwsUDlcx841uqswzw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:46:26 2025 by rpki-client