Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/htfHtF1jUkoFD4_GmaUPCvgPszw.roa
File: htfHtF1jUkoFD4_GmaUPCvgPszw.roa (raw, json)
Hash identifier: mQ4c6VBkZacqp0z/gkDLiKm2JKfNg6tMVPbZ9jvTAd8=
Subject key identifier: 86:D7:C7:B4:5D:63:52:4A:05:0F:8F:C6:99:A5:0F:0A:F8:0F:B3:3C
Certificate issuer: /CN=3c1b83888696fc44478c693d6e7803e9516250e6
Certificate serial: 02CDEA
Authority key identifier: 3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/htfHtF1jUkoFD4_GmaUPCvgPszw.roa
Signing time: Wed 13 Apr 2022 15:43:09 +0000
ROA not before: Wed 13 Apr 2022 15:43:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39326
IP address blocks: 185.51.172.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183786 (0x2cdea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1b83888696fc44478c693d6e7803e9516250e6
Validity
Not Before: Apr 13 15:43:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86d7c7b45d63524a050f8fc699a50f0af80fb33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:b7:75:31:6a:0e:03:70:bb:fc:9a:7b:f5:
16:eb:33:9d:ce:74:64:11:96:c3:73:5a:b4:20:80:
24:a4:c8:e9:e7:1b:55:88:85:88:03:6f:e5:c9:28:
bc:6d:f2:ab:aa:15:f1:54:f8:5d:1c:29:42:b9:68:
75:a5:db:69:ca:25:d8:77:98:07:60:36:cf:8b:ee:
bc:30:b5:1d:46:d4:3d:72:42:6b:58:8e:d7:49:e5:
1e:0e:dc:d1:a3:12:27:ca:3f:65:61:d0:87:6e:93:
b7:f2:1e:92:44:79:ae:d2:36:00:9e:7a:a3:da:55:
ba:a4:4a:ae:32:e5:29:6a:9d:01:c2:17:fb:58:53:
74:8f:4b:eb:ba:2a:9e:e3:c1:30:f2:2a:15:29:f0:
7f:3c:e7:96:20:72:8b:60:26:23:aa:1c:12:9f:89:
0d:26:13:ed:b9:88:e9:cb:92:2d:3f:c5:55:40:96:
a0:70:10:06:42:0e:5a:52:f4:8f:7f:df:2d:f5:72:
dd:b0:60:14:ae:6d:e8:af:96:40:98:48:ef:9d:39:
47:3b:ed:f4:8c:af:b9:62:68:40:78:46:f7:a1:1a:
f3:6e:c2:b5:52:e3:52:b5:99:a7:5f:fe:61:b2:1e:
d0:fd:3b:09:a4:c9:5a:4e:7a:5b:0e:2b:49:da:a9:
0a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D7:C7:B4:5D:63:52:4A:05:0F:8F:C6:99:A5:0F:0A:F8:0F:B3:3C
X509v3 Authority Key Identifier:
keyid:3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/htfHtF1jUkoFD4_GmaUPCvgPszw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.172.0/22
Signature Algorithm: sha256WithRSAEncryption
26:1d:1b:ed:07:50:d3:17:48:4f:8a:e6:a9:ad:4a:7a:5b:a8:
12:6d:30:a2:94:43:36:61:a0:9d:29:d8:14:3e:91:97:fa:50:
20:c1:b9:10:1a:df:9b:6f:66:d0:3d:fc:a2:b9:79:59:fa:da:
ee:c5:6d:29:93:9d:33:50:6e:6d:89:c9:d7:89:8d:56:75:e0:
2f:6b:68:99:19:64:ab:42:4f:e1:c8:ed:85:41:a4:38:05:83:
cb:2f:f9:1c:67:ef:90:45:57:ef:d2:ab:8a:8f:e3:69:35:a2:
02:9f:e7:48:76:4c:33:c1:1f:dc:2a:c8:5d:26:f7:0e:f6:89:
31:7c:ab:da:ac:52:e7:eb:c1:72:87:91:6c:3e:d2:f7:33:a9:
a3:08:b7:db:b3:8c:af:aa:50:be:3c:07:65:77:03:95:ff:0d:
cb:25:cb:a2:ad:26:d8:d5:e5:92:6b:26:a6:b4:b1:c2:e6:73:
21:1d:ec:2b:7f:dc:8f:f2:44:10:86:1e:60:29:e3:b3:af:8c:
0f:36:fe:86:63:d2:b7:7b:1c:38:0e:eb:f6:a5:70:98:09:5c:
6f:63:08:3b:de:e5:16:71:08:c5:81:62:2c:94:98:1e:a3:1b:
9c:44:d3:71:88:4a:9b:cc:02:e1:f6:43:e0:62:dd:94:eb:f0:
5c:d0:78:b2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAs3qMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNj
MWI4Mzg4ODY5NmZjNDQ0NzhjNjkzZDZlNzgwM2U5NTE2MjUwZTYwHhcNMjIwNDEz
MTU0MzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NmQ3YzdiNDVkNjM1
MjRhMDUwZjhmYzY5OWE1MGYwYWY4MGZiMzNjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyGW3dTFqDgNwu/yae/UW6zOdznRkEZbDc1q0IIAkpMjp5xtV
iIWIA2/lySi8bfKrqhXxVPhdHClCuWh1pdtpyiXYd5gHYDbPi+68MLUdRtQ9ckJr
WI7XSeUeDtzRoxInyj9lYdCHbpO38h6SRHmu0jYAnnqj2lW6pEquMuUpap0Bwhf7
WFN0j0vruiqe48Ew8ioVKfB/POeWIHKLYCYjqhwSn4kNJhPtuYjpy5ItP8VVQJag
cBAGQg5aUvSPf98t9XLdsGAUrm3or5ZAmEjvnTlHO+30jK+5YmhAeEb3oRrzbsK1
UuNStZmnX/5hsh7Q/TsJpMlaTnpbDitJ2qkKywIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIbXx7RdY1JKBQ+PxpmlDwr4D7M8MB8GA1UdIwQYMBaAFDwbg4iGlvxER4xp
PW54A+lRYlDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UEJ1RGlJYVdfRVJIakdrOWJuZ0Q2VkZpVU9ZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNi9kNTU2ODMtZmVjMi00N2ZkLWFjNmUtOWU4MmRhNzMxNWNmLzEv
aHRmSHRGMWpVa29GRDRfR21hVVBDdmdQc3p3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9k
NTU2ODMtZmVjMi00N2ZkLWFjNmUtOWU4MmRhNzMxNWNmLzEvUEJ1RGlJYVdfRVJI
akdrOWJuZ0Q2VkZpVU9ZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTOsMA0GCSqGSIb3DQEBCwUAA4IB
AQAmHRvtB1DTF0hPiuaprUp6W6gSbTCilEM2YaCdKdgUPpGX+lAgwbkQGt+bb2bQ
PfyiuXlZ+truxW0pk50zUG5ticnXiY1WdeAva2iZGWSrQk/hyO2FQaQ4BYPLL/kc
Z++QRVfv0quKj+NpNaICn+dIdkwzwR/cKshdJvcO9okxfKvarFLn68Fyh5FsPtL3
M6mjCLfbs4yvqlC+PAdldwOV/w3LJcuirSbY1eWSayamtLHC5nMhHewrf9yP8kQQ
hh5gKeOzr4wPNv6GY9K3exw4Duv2pXCYCVxvYwg73uUWcQjFgWIslJgeoxucRNNx
iEqbzALh9kPgYt2U6/Bc0Hiy
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:32:47 2025 by rpki-client