Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/hb5V9zKd5AwVBIHUiJxgIboCves.roa
File: hb5V9zKd5AwVBIHUiJxgIboCves.roa (raw, json)
Hash identifier: G0Q/MyAzDWGjCG+3KiVh/0lePKE0aNoHvSMIXC4mtoM=
Subject key identifier: 85:BE:55:F7:32:9D:E4:0C:15:04:81:D4:88:9C:60:21:BA:02:BD:EB
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 0182802B0EE285BADD86B8AD6B1D68543D81
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/hb5V9zKd5AwVBIHUiJxgIboCves.roa
Signing time: Tue 09 Aug 2022 01:14:41 +0000
ROA not before: Tue 09 Aug 2022 01:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 91.226.224.0/24 maxlen: 24
31.40.3.0/24 maxlen: 24
31.40.4.0/24 maxlen: 24
31.40.5.0/24 maxlen: 24
31.40.6.0/24 maxlen: 24
31.40.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:80:2b:0e:e2:85:ba:dd:86:b8:ad:6b:1d:68:54:3d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Aug 9 01:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85be55f7329de40c150481d4889c6021ba02bdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6e:74:16:70:da:d2:c4:e6:1f:3b:f5:9f:d7:
f8:ee:16:40:06:d9:77:ce:61:e0:5a:3a:d3:e4:f3:
6b:e3:ab:b3:34:33:31:43:fd:b7:44:e6:a5:fc:6a:
20:31:8b:8e:2d:99:18:a3:fe:f8:6f:b6:f6:58:fc:
95:16:18:8e:91:37:28:77:14:5e:2c:f4:5d:91:23:
95:84:26:ad:95:ed:34:e9:89:d1:a5:ce:30:ab:28:
08:de:87:e9:df:69:75:92:ba:53:7e:c4:a1:7d:9b:
c5:39:4f:e7:95:76:1b:f9:10:57:a5:ab:d9:5b:85:
10:2f:c8:f2:2d:a9:c2:4e:a9:1c:8d:1b:ab:78:b1:
b1:c6:f1:b9:be:cf:b2:99:1f:09:64:3b:ba:94:b4:
e4:17:c3:5a:50:c6:a9:86:6b:ca:c6:cd:f8:c2:46:
ad:a8:5e:84:3a:4f:b2:d5:0a:1b:be:ff:d8:67:7c:
60:eb:61:4c:c3:18:52:5e:b9:dd:45:79:d9:9b:9b:
4d:51:55:b3:ed:6f:3e:e8:74:52:cd:3f:6e:f8:b4:
f7:28:4a:0d:71:5b:24:28:5d:70:a0:0b:cf:be:ba:
19:13:e2:0f:19:7f:46:66:d4:e9:f5:e3:37:06:00:
67:0b:15:ef:67:8a:c3:24:50:a2:2b:77:0f:e0:9e:
50:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BE:55:F7:32:9D:E4:0C:15:04:81:D4:88:9C:60:21:BA:02:BD:EB
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/hb5V9zKd5AwVBIHUiJxgIboCves.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.3.0-31.40.7.255
91.226.224.0/24
Signature Algorithm: sha256WithRSAEncryption
88:e1:fc:25:33:c7:51:4b:8a:3b:8d:7c:35:8a:50:bb:a8:52:
4b:30:81:20:81:24:7a:50:fe:c5:4e:2c:29:10:a6:4b:6a:5f:
46:02:97:44:ca:34:e0:d0:72:5a:e3:0e:2b:71:ca:fd:e7:f0:
ed:4e:d4:8b:9c:31:65:62:75:66:8b:8b:e6:67:95:26:ac:f2:
80:20:31:8a:46:f7:47:8d:85:1c:b4:a5:66:5b:5f:53:95:f9:
0f:0e:cb:75:51:71:e5:08:39:db:9b:c1:e5:44:10:e4:ff:3c:
dd:f4:91:76:b7:29:e4:3d:ca:ec:1c:18:6b:57:17:a0:3a:47:
92:70:0d:0a:36:40:dc:30:b9:db:20:c2:ab:5e:a6:bc:ef:b9:
46:bd:8b:b2:d9:5d:0d:de:89:92:29:25:15:d4:52:b0:c5:94:
b8:0e:d0:c0:1e:e7:af:bf:3e:da:0c:42:cc:35:3e:19:cf:ef:
0a:8b:32:0c:b7:ed:73:62:3f:49:dc:f3:42:8b:65:c4:f6:bd:
21:89:06:06:c7:42:65:43:f1:5e:8b:10:78:0b:3e:c2:fb:b1:
25:5e:f0:03:90:95:da:39:25:0c:61:de:64:0a:12:35:12:f0:
e2:5b:a5:e0:50:ce:b2:a6:0b:8f:c8:95:9a:b3:6a:46:36:79:
a1:a4:13:65
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYKAKw7ihbrdhritax1oVD2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjIwODA5MDExNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJlNTVmNzMyOWRlNDBjMTUwNDgxZDQ4ODljNjAyMWJhMDJiZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm50FnDa0sTmHzv1n9f47hZABtl3
zmHgWjrT5PNr46uzNDMxQ/23ROal/GogMYuOLZkYo/74b7b2WPyVFhiOkTcodxRe
LPRdkSOVhCatle006YnRpc4wqygI3ofp32l1krpTfsShfZvFOU/nlXYb+RBXpavZ
W4UQL8jyLanCTqkcjRureLGxxvG5vs+ymR8JZDu6lLTkF8NaUMaphmvKxs34wkat
qF6EOk+y1Qobvv/YZ3xg62FMwxhSXrndRXnZm5tNUVWz7W8+6HRSzT9u+LT3KEoN
cVskKF1woAvPvroZE+IPGX9GZtTp9eM3BgBnCxXvZ4rDJFCiK3cP4J5QZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIW+VfcyneQMFQSB1IicYCG6Ar3rMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEvaGI1Vjl6S2Q1QXdWQklIVWlKeGdJYm9DdmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAfKAMD
BAMfKAADBABb4uAwDQYJKoZIhvcNAQELBQADggEBAIjh/CUzx1FLijuNfDWKULuo
UkswgSCBJHpQ/sVOLCkQpktqX0YCl0TKNODQclrjDitxyv3n8O1O1IucMWVidWaL
i+ZnlSas8oAgMYpG90eNhRy0pWZbX1OV+Q8Oy3VRceUIOdubweVEEOT/PN30kXa3
KeQ9yuwcGGtXF6A6R5JwDQo2QNwwudsgwqteprzvuUa9i7LZXQ3eiZIpJRXUUrDF
lLgO0MAe56+/PtoMQsw1PhnP7wqLMgy37XNiP0nc80KLZcT2vSGJBgbHQmVD8V6L
EHgLPsL7sSVe8AOQldo5JQxh3mQKEjUS8OJbpeBQzrKmC4/IlZqzakY2eaGkE2U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:14 2025 by rpki-client