Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/hNx4BBAJEolQ7aWqmHgsPuB6ZS8.roa
File: hNx4BBAJEolQ7aWqmHgsPuB6ZS8.roa (raw, json)
Hash identifier: LeiP9XLPfBbPQ28h5qKijKsF8uWkiS2xs5DIOjdoF0c=
Subject key identifier: 84:DC:78:04:10:09:12:89:50:ED:A5:AA:98:78:2C:3E:E0:7A:65:2F
Certificate issuer: /CN=579353cb42e0c4fba5cae253a5768bc1f2465b99
Certificate serial: 01856F0B32A6CB1A42F22C0CD8303342F1F7
Authority key identifier: 57:93:53:CB:42:E0:C4:FB:A5:CA:E2:53:A5:76:8B:C1:F2:46:5B:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5NTy0LgxPulyuJTpXaLwfJGW5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/hNx4BBAJEolQ7aWqmHgsPuB6ZS8.roa
Signing time: Sun 01 Jan 2023 20:34:42 +0000
ROA not before: Sun 01 Jan 2023 20:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211559
IP address blocks: 185.25.14.0/23 maxlen: 23
185.25.12.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:32:a6:cb:1a:42:f2:2c:0c:d8:30:33:42:f1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579353cb42e0c4fba5cae253a5768bc1f2465b99
Validity
Not Before: Jan 1 20:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84dc78041009128950eda5aa98782c3ee07a652f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fc:0a:a1:fb:99:09:f3:0a:da:a9:e6:19:b7:
47:04:86:0a:36:95:8b:a0:e1:ab:b6:fa:a0:2f:75:
73:d1:bd:79:82:06:5c:3c:03:80:53:4a:9f:c1:1c:
89:d6:04:48:aa:30:38:70:bf:cd:65:c3:73:58:01:
af:40:84:4c:2e:cc:15:95:2d:d4:b1:97:ee:a3:f1:
31:90:e0:9f:3a:e3:98:34:f5:97:9d:5c:35:b8:da:
c3:83:c1:37:56:21:2b:53:70:63:ad:af:46:c4:61:
9b:ac:98:b4:2c:a7:cf:d0:96:90:6b:a8:97:92:b0:
b3:6c:6d:40:42:f4:79:e5:96:81:98:e4:12:37:eb:
60:b3:7d:02:b4:ac:97:dd:8e:7c:a5:05:5b:20:6c:
71:78:84:8c:8b:95:b1:00:23:a9:33:8e:5e:bd:a8:
02:af:b0:d6:67:5f:eb:8b:0f:bf:30:fb:aa:85:35:
93:31:73:ca:2b:75:33:3f:10:b4:4d:44:79:20:54:
ac:b3:87:39:c8:51:af:e1:21:8b:48:91:07:9d:83:
b4:dc:b8:8e:d0:b8:4d:dc:b0:6f:93:ad:69:7c:11:
76:f7:dc:2a:e3:9b:3a:f5:28:69:3e:e4:ed:a7:1e:
30:16:7a:03:23:a4:87:10:60:f4:87:ab:6d:3a:c1:
c5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DC:78:04:10:09:12:89:50:ED:A5:AA:98:78:2C:3E:E0:7A:65:2F
X509v3 Authority Key Identifier:
keyid:57:93:53:CB:42:E0:C4:FB:A5:CA:E2:53:A5:76:8B:C1:F2:46:5B:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5NTy0LgxPulyuJTpXaLwfJGW5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/hNx4BBAJEolQ7aWqmHgsPuB6ZS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/V5NTy0LgxPulyuJTpXaLwfJGW5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.12.0/22
Signature Algorithm: sha256WithRSAEncryption
58:88:36:41:26:91:79:3e:1b:a4:89:88:90:1e:5d:bc:bb:33:
0e:b1:76:d0:0f:e9:a7:a4:79:17:ad:5a:cd:4c:74:07:93:9f:
0c:e4:6d:b7:24:8a:bd:48:f1:0b:f6:47:7f:30:b3:7c:a0:40:
19:ad:ed:ff:24:54:21:c8:f6:6f:af:85:59:cc:18:3e:df:87:
25:e9:30:43:d3:c9:d0:c8:d1:49:c8:e9:72:b0:cf:c3:b1:51:
0f:f5:b4:05:0b:a8:ef:20:a4:96:34:04:51:f7:30:ae:4b:31:
53:1d:9e:28:d1:52:a9:3a:39:53:02:48:95:f0:e9:b7:05:a0:
57:1c:bb:09:3e:bc:e9:3a:7d:65:19:65:92:57:a7:71:d1:4d:
3e:9a:ad:f9:5f:a4:83:ce:7b:cf:2c:5c:48:97:4d:86:19:ec:
fa:88:af:df:b6:63:0c:7a:e9:6b:fc:36:dc:14:f2:16:c2:a2:
08:91:2f:5c:c1:76:8f:53:75:42:a8:7a:06:16:60:24:c3:3f:
c6:e9:f9:e4:ea:3c:06:5d:5c:42:0a:3d:04:df:f1:0f:0c:8e:
48:65:50:6f:b4:16:9c:e5:2d:a4:a7:b4:e4:c8:85:9f:34:f2:
8e:ff:2a:68:8b:ae:f3:6c:09:6b:a1:3e:bf:d1:62:de:a3:2a:
40:ca:7a:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvCzKmyxpC8iwM2DAzQvH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTM1M2NiNDJlMGM0ZmJhNWNhZTI1M2E1NzY4YmMxZjI0
NjViOTkwHhcNMjMwMTAxMjAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRjNzgwNDEwMDkxMjg5NTBlZGE1YWE5ODc4MmMzZWUwN2E2NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvwKofuZCfMK2qnmGbdHBIYKNpWL
oOGrtvqgL3Vz0b15ggZcPAOAU0qfwRyJ1gRIqjA4cL/NZcNzWAGvQIRMLswVlS3U
sZfuo/ExkOCfOuOYNPWXnVw1uNrDg8E3ViErU3Bjra9GxGGbrJi0LKfP0JaQa6iX
krCzbG1AQvR55ZaBmOQSN+tgs30CtKyX3Y58pQVbIGxxeISMi5WxACOpM45evagC
r7DWZ1/riw+/MPuqhTWTMXPKK3UzPxC0TUR5IFSss4c5yFGv4SGLSJEHnYO03LiO
0LhN3LBvk61pfBF299wq45s69ShpPuTtpx4wFnoDI6SHEGD0h6ttOsHFMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITceAQQCRKJUO2lqph4LD7gemUvMB8GA1UdIwQY
MBaAFFeTU8tC4MT7pcriU6V2i8HyRluZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVOVHkwTGd4UHVseXVKVHBYYUx3ZkpHVzVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmNjY2QtMDQzMy00MzMwLTk4MWMt
YzY3MmQ2NzM2ODZmLzEvaE54NEJCQUpFb2xRN2FXcW1IZ3NQdUI2WlM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmNjY2QtMDQzMy00MzMwLTk4MWMtYzY3MmQ2NzM2ODZm
LzEvVjVOVHkwTGd4UHVseXVKVHBYYUx3ZkpHVzVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRkMMA0G
CSqGSIb3DQEBCwUAA4IBAQBYiDZBJpF5PhukiYiQHl28uzMOsXbQD+mnpHkXrVrN
THQHk58M5G23JIq9SPEL9kd/MLN8oEAZre3/JFQhyPZvr4VZzBg+34cl6TBD08nQ
yNFJyOlysM/DsVEP9bQFC6jvIKSWNARR9zCuSzFTHZ4o0VKpOjlTAkiV8Om3BaBX
HLsJPrzpOn1lGWWSV6dx0U0+mq35X6SDznvPLFxIl02GGez6iK/ftmMMeulr/Dbc
FPIWwqIIkS9cwXaPU3VCqHoGFmAkwz/G6fnk6jwGXVxCCj0E3/EPDI5IZVBvtBac
5S2kp7TkyIWfNPKO/ypoi67zbAlroT6/0WLeoypAynpF
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:44 2025 by rpki-client