Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/hnIqL7nbE63tFX09wtfah9NK-DY.roa
File: hnIqL7nbE63tFX09wtfah9NK-DY.roa (raw, json)
Hash identifier: ToEKRKhxTEscNSromIL3e6s1avrIzkHYf/wq5mvLKUk=
Subject key identifier: 86:72:2A:2F:B9:DB:13:AD:ED:15:7D:3D:C2:D7:DA:87:D3:4A:F8:36
Certificate issuer: /CN=835d37408a225f1a8964f8d72bc99d9bbe533234
Certificate serial: 018C5EAE8ACC8C935962340E45285D1B963C
Authority key identifier: 83:5D:37:40:8A:22:5F:1A:89:64:F8:D7:2B:C9:9D:9B:BE:53:32:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g103QIoiXxqJZPjXK8mdm75TMjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/hnIqL7nbE63tFX09wtfah9NK-DY.roa
Signing time: Tue 12 Dec 2023 15:39:06 +0000
ROA not before: Tue 12 Dec 2023 15:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203187
IP address blocks: 185.82.80.0/22 maxlen: 24
185.238.124.0/22 maxlen: 24
2a05:8e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:ae:8a:cc:8c:93:59:62:34:0e:45:28:5d:1b:96:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835d37408a225f1a8964f8d72bc99d9bbe533234
Validity
Not Before: Dec 12 15:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86722a2fb9db13aded157d3dc2d7da87d34af836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:59:7e:2a:8b:b4:b8:a5:db:61:3b:9c:c3:ef:
b3:8b:13:97:72:e9:50:ef:82:42:11:f9:41:90:2a:
ed:8f:a9:59:34:5f:ce:c2:7c:36:7e:d6:44:f4:bd:
6f:ad:e0:3f:50:ef:4c:9b:d2:d6:1a:68:c4:03:0a:
ec:74:45:89:34:81:56:74:5e:1f:ed:4d:b2:75:7f:
7b:e6:ae:db:91:12:7c:44:f8:00:16:c1:e6:7c:70:
8b:34:ac:f1:a8:79:e4:c1:b0:d6:9f:47:01:4d:f0:
03:76:72:eb:66:29:19:af:1d:91:0b:0e:8d:e5:7d:
01:c5:44:af:0f:e0:92:04:2d:db:3d:17:dd:b6:dc:
84:48:05:32:30:f9:1d:ea:1d:18:6e:67:1b:08:14:
19:0c:82:c6:67:61:33:9d:3c:46:24:89:07:af:99:
18:4e:e6:cb:1a:cd:60:a6:18:94:d1:ee:d7:42:15:
4a:9a:3f:4e:91:3d:88:59:1f:d0:29:d7:05:18:81:
f3:d0:b3:23:65:48:eb:74:de:b3:d5:53:bf:5e:5b:
6b:d5:63:6c:12:d9:93:89:5c:d4:81:ee:d4:ca:72:
65:be:d4:37:8c:19:5c:5c:1b:0c:7a:90:59:d0:30:
97:d3:3d:dc:21:82:ed:54:10:7e:51:0a:6d:bd:7b:
82:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:72:2A:2F:B9:DB:13:AD:ED:15:7D:3D:C2:D7:DA:87:D3:4A:F8:36
X509v3 Authority Key Identifier:
keyid:83:5D:37:40:8A:22:5F:1A:89:64:F8:D7:2B:C9:9D:9B:BE:53:32:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g103QIoiXxqJZPjXK8mdm75TMjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/hnIqL7nbE63tFX09wtfah9NK-DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/g103QIoiXxqJZPjXK8mdm75TMjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.80.0/22
185.238.124.0/22
IPv6:
2a05:8e00::/29
Signature Algorithm: sha256WithRSAEncryption
37:63:58:96:34:f0:a9:4f:f2:0f:fc:9b:3f:05:36:42:38:f1:
37:37:b7:73:b9:1b:be:fd:fc:9b:31:ec:8b:3e:21:6b:1a:00:
5f:53:1d:a2:6a:8a:34:30:3f:5f:b7:d4:57:d1:b0:f7:c6:37:
8a:3e:05:ff:f5:87:fb:9b:da:b5:2f:90:fa:45:82:8d:6c:5a:
4d:11:a6:4f:3a:b0:07:46:cb:f0:7c:08:05:8a:78:d9:b9:b4:
27:ae:1f:67:3e:3b:04:05:45:c7:78:cb:17:09:47:da:1a:ae:
ac:16:85:dc:72:01:e6:6e:45:01:62:e6:7b:fd:86:b0:90:2d:
8f:9f:c5:d5:3f:b7:25:f0:cb:46:5f:33:c3:f9:ea:34:01:cc:
08:0c:39:7e:07:24:fd:7a:5c:b3:1f:ad:0d:33:96:3a:ae:38:
ec:2e:c7:6e:d1:9f:38:08:af:e5:8b:db:df:9d:12:90:64:c0:
e0:a9:06:93:5b:09:60:09:5c:64:c9:57:b0:58:25:dd:f3:28:
87:e8:92:ce:d8:40:de:1f:14:c1:49:f9:26:0e:c8:3b:c5:52:
d8:94:14:78:07:12:a0:38:14:b2:93:0c:3c:ac:b1:03:7b:eb:
10:7c:33:20:1b:69:52:7e:e3:ff:39:7c:1d:a5:9e:35:9f:95:
d8:fd:0a:4e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxerorMjJNZYjQORShdG5Y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWQzNzQwOGEyMjVmMWE4OTY0ZjhkNzJiYzk5ZDliYmU1
MzMyMzQwHhcNMjMxMjEyMTUzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcyMmEyZmI5ZGIxM2FkZWQxNTdkM2RjMmQ3ZGE4N2QzNGFmODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVl+Kou0uKXbYTucw++zixOXculQ
74JCEflBkCrtj6lZNF/Ownw2ftZE9L1vreA/UO9Mm9LWGmjEAwrsdEWJNIFWdF4f
7U2ydX975q7bkRJ8RPgAFsHmfHCLNKzxqHnkwbDWn0cBTfADdnLrZikZrx2RCw6N
5X0BxUSvD+CSBC3bPRfdttyESAUyMPkd6h0YbmcbCBQZDILGZ2EznTxGJIkHr5kY
TubLGs1gphiU0e7XQhVKmj9OkT2IWR/QKdcFGIHz0LMjZUjrdN6z1VO/Xltr1WNs
EtmTiVzUge7UynJlvtQ3jBlcXBsMepBZ0DCX0z3cIYLtVBB+UQptvXuCWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIZyKi+52xOt7RV9PcLX2ofTSvg2MB8GA1UdIwQY
MBaAFINdN0CKIl8aiWT41yvJnZu+UzI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzEwM1FJb2lYeHFKWlBqWEs4bWRtNzVUTWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wMjg0OTItZDYxOS00MmRhLWFhNjQt
Y2I2YzY3NGM1YTNjLzEvaG5JcUw3bmJFNjN0RlgwOXd0ZmFoOU5LLURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wMjg0OTItZDYxOS00MmRhLWFhNjQtY2I2YzY3NGM1YTNj
LzEvZzEwM1FJb2lYeHFKWlBqWEs4bWRtNzVUTWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVJQAwQC
ue58MA0EAgACMAcDBQMqBY4AMA0GCSqGSIb3DQEBCwUAA4IBAQA3Y1iWNPCpT/IP
/Js/BTZCOPE3N7dzuRu+/fybMeyLPiFrGgBfUx2iaoo0MD9ft9RX0bD3xjeKPgX/
9Yf7m9q1L5D6RYKNbFpNEaZPOrAHRsvwfAgFinjZubQnrh9nPjsEBUXHeMsXCUfa
Gq6sFoXccgHmbkUBYuZ7/YawkC2Pn8XVP7cl8MtGXzPD+eo0AcwIDDl+ByT9elyz
H60NM5Y6rjjsLsdu0Z84CK/li9vfnRKQZMDgqQaTWwlgCVxkyVewWCXd8yiH6JLO
2EDeHxTBSfkmDsg7xVLYlBR4BxKgOBSykww8rLEDe+sQfDMgG2lSfuP/OXwdpZ41
n5XY/QpO
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:13:02 2025 by rpki-client