Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/HgYpen5tUOYMs6mqBZmCiZGYGOs.roa
File: HgYpen5tUOYMs6mqBZmCiZGYGOs.roa (raw, json)
Hash identifier: XHxh4P1EGg6h1yxo5JW3tXIQC31bq1+SR5I5YKrL9Ys=
Subject key identifier: 1E:06:29:7A:7E:6D:50:E6:0C:B3:A9:AA:05:99:82:89:91:98:18:EB
Certificate issuer: /CN=e2344ba6340961da5eeb4ae239e9a06267793e2e
Certificate serial: 018234DE58907748201D701A7C5F19155100
Authority key identifier: E2:34:4B:A6:34:09:61:DA:5E:EB:4A:E2:39:E9:A0:62:67:79:3E:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/HgYpen5tUOYMs6mqBZmCiZGYGOs.roa
Signing time: Mon 25 Jul 2022 10:19:23 +0000
ROA not before: Mon 25 Jul 2022 10:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204615
IP address blocks: 185.225.113.0/24 maxlen: 24
185.225.114.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:de:58:90:77:48:20:1d:70:1a:7c:5f:19:15:51:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2344ba6340961da5eeb4ae239e9a06267793e2e
Validity
Not Before: Jul 25 10:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e06297a7e6d50e60cb3a9aa05998289919818eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:0e:ce:54:71:82:30:c6:3e:b0:67:d8:19:
2d:00:42:44:2c:f4:64:dd:21:78:d8:a1:3b:c2:d5:
09:0a:eb:81:ed:1b:26:7a:0d:a5:e1:9d:e0:6c:f5:
9a:f5:8e:52:a3:1e:4a:53:c5:7a:b6:9d:5d:eb:4a:
4c:b6:c0:bf:5f:7e:14:4a:51:9e:b4:d5:18:81:6e:
b3:68:bb:5f:3a:6d:84:99:6c:6c:44:3d:f3:af:3d:
54:29:46:e0:16:5e:32:e0:32:61:0f:f7:db:91:bd:
75:e1:d6:0a:85:40:a4:18:74:75:a8:0d:59:8f:8b:
ee:f8:ef:07:08:56:7b:dc:97:33:6f:2e:80:c2:1c:
09:e0:68:d3:26:80:f2:1e:d2:68:9d:a8:a3:7b:5a:
a6:4d:d6:a9:20:6c:02:28:a6:44:9e:75:9a:85:94:
18:7e:ca:ca:1b:f2:48:1d:77:ef:62:44:fe:29:73:
62:de:22:2b:46:e3:b8:9b:17:d4:ce:f9:6f:43:b6:
77:9b:8f:83:4f:e9:7b:16:f5:17:2b:ac:83:a6:f7:
44:7f:65:7e:42:17:94:5d:82:e7:b7:04:24:17:b4:
bd:c0:68:36:fe:19:dd:1f:35:40:c7:5c:a8:52:59:
84:9d:74:18:69:28:fc:31:77:71:f6:12:57:7d:71:
76:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:06:29:7A:7E:6D:50:E6:0C:B3:A9:AA:05:99:82:89:91:98:18:EB
X509v3 Authority Key Identifier:
keyid:E2:34:4B:A6:34:09:61:DA:5E:EB:4A:E2:39:E9:A0:62:67:79:3E:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/HgYpen5tUOYMs6mqBZmCiZGYGOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/4jRLpjQJYdpe60riOemgYmd5Pi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.113.0-185.225.115.255
Signature Algorithm: sha256WithRSAEncryption
4c:cf:07:94:e5:50:99:a3:36:64:54:70:f3:2b:08:11:6a:85:
e0:ae:c1:5f:8a:3e:87:66:a8:c2:67:06:48:c0:53:b2:dc:91:
bd:6e:51:8d:6e:f2:11:4e:d4:29:a3:d2:fb:48:db:fa:fe:00:
90:69:0e:f2:7c:9c:04:75:88:7b:da:21:f1:44:c3:6f:c9:c2:
21:e6:53:77:2e:62:02:ae:07:4a:30:2c:fe:6c:2e:0d:a4:ca:
a5:68:d2:db:b9:3e:25:d8:f7:41:81:b9:b7:29:ff:72:00:49:
d3:38:62:de:f0:a4:00:9d:95:b9:1f:17:b5:fa:36:03:ad:82:
6c:d6:2e:f0:91:ca:3f:57:2e:f3:17:66:f9:75:87:e2:a4:00:
02:ac:95:2b:db:fc:10:82:db:07:b5:34:41:2f:13:24:f4:fd:
a4:8d:fa:07:00:ed:a3:ac:25:e0:9a:fa:5d:2b:07:2a:d9:cf:
a5:bb:72:52:7c:f3:9a:01:15:2e:c8:4a:33:06:67:63:5d:38:
6f:73:50:cd:6c:28:ed:10:59:ea:8a:b2:f5:39:6f:1f:f3:b2:
65:25:63:f0:24:23:c7:bf:bc:5a:a7:bd:30:2c:13:59:5a:bc:
e1:3c:a4:89:59:86:c4:af:12:42:41:fb:92:00:a9:23:47:55:
bd:da:fc:c1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYI03liQd0ggHXAafF8ZFVEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzQ0YmE2MzQwOTYxZGE1ZWViNGFlMjM5ZTlhMDYyNjc3
OTNlMmUwHhcNMjIwNzI1MTAxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA2Mjk3YTdlNmQ1MGU2MGNiM2E5YWEwNTk5ODI4OTkxOTgxOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkQOzlRxgjDGPrBn2BktAEJELPRk
3SF42KE7wtUJCuuB7Rsmeg2l4Z3gbPWa9Y5Sox5KU8V6tp1d60pMtsC/X34USlGe
tNUYgW6zaLtfOm2EmWxsRD3zrz1UKUbgFl4y4DJhD/fbkb114dYKhUCkGHR1qA1Z
j4vu+O8HCFZ73Jczby6AwhwJ4GjTJoDyHtJonaije1qmTdapIGwCKKZEnnWahZQY
fsrKG/JIHXfvYkT+KXNi3iIrRuO4mxfUzvlvQ7Z3m4+DT+l7FvUXK6yDpvdEf2V+
QheUXYLntwQkF7S9wGg2/hndHzVAx1yoUlmEnXQYaSj8MXdx9hJXfXF2YQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB4GKXp+bVDmDLOpqgWZgomRmBjrMB8GA1UdIwQY
MBaAFOI0S6Y0CWHaXutK4jnpoGJneT4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpSTHBqUUpZZHBlNjByaU9lbWdZbWQ1UGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NGVjNDMtNTkzNS00YWIyLWIxM2Qt
MDJlYjlhNDEyNjM3LzEvSGdZcGVuNXRVT1lNczZtcUJabUNpWkdZR09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NGVjNDMtNTkzNS00YWIyLWIxM2QtMDJlYjlhNDEyNjM3
LzEvNGpSTHBqUUpZZHBlNjByaU9lbWdZbWQ1UGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC54XED
BAK54XAwDQYJKoZIhvcNAQELBQADggEBAEzPB5TlUJmjNmRUcPMrCBFqheCuwV+K
PodmqMJnBkjAU7Lckb1uUY1u8hFO1Cmj0vtI2/r+AJBpDvJ8nAR1iHvaIfFEw2/J
wiHmU3cuYgKuB0owLP5sLg2kyqVo0tu5PiXY90GBubcp/3IASdM4Yt7wpACdlbkf
F7X6NgOtgmzWLvCRyj9XLvMXZvl1h+KkAAKslSvb/BCC2we1NEEvEyT0/aSN+gcA
7aOsJeCa+l0rByrZz6W7clJ885oBFS7ISjMGZ2NdOG9zUM1sKO0QWeqKsvU5bx/z
smUlY/AkI8e/vFqnvTAsE1lavOE8pIlZhsSvEkJB+5IAqSNHVb3a/ME=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:24 2025 by rpki-client