Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/Hk_cRpGr7Y4Z3XEkhVOiKekqudo.roa
File: Hk_cRpGr7Y4Z3XEkhVOiKekqudo.roa (raw, json)
Hash identifier: 0rafe9OYkUQd9GompEzaciAibRUV038Y3S1S+mJcFeM=
Subject key identifier: 1E:4F:DC:46:91:AB:ED:8E:19:DD:71:24:85:53:A2:29:E9:2A:B9:DA
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01912BE1
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/Hk_cRpGr7Y4Z3XEkhVOiKekqudo.roa
Signing time: Tue 29 Mar 2022 06:52:56 +0000
ROA not before: Tue 29 Mar 2022 06:52:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12426
IP address blocks: 185.28.144.0/22 maxlen: 22
217.145.192.0/20 maxlen: 20
185.69.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26291169 (0x1912be1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 29 06:52:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e4fdc4691abed8e19dd71248553a229e92ab9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f2:29:a7:d4:58:67:ad:7e:81:6d:ba:a7:d2:
ee:de:ed:4d:46:ce:64:10:da:c9:54:50:a6:ba:7b:
99:d9:75:8c:11:3e:07:7e:13:b4:09:e6:49:42:c4:
c4:ca:19:ba:40:70:a1:16:dd:a2:86:86:36:36:64:
2c:88:21:ba:b8:9a:69:94:bf:9a:c2:43:3e:4f:b6:
57:a1:a7:87:ea:37:0c:80:1d:c8:d8:61:8d:74:29:
cd:37:fd:37:b1:57:db:30:66:cc:32:f0:2a:39:d0:
23:06:55:4a:a6:03:f8:00:2e:81:18:a4:00:12:5f:
ff:9d:38:d1:80:28:6d:26:f9:5f:57:74:c7:cc:9d:
66:64:bb:a9:0c:78:4a:5e:10:ce:cd:e1:a3:f9:18:
a4:7b:1e:7f:eb:89:b8:0a:18:b0:7f:b8:26:bf:12:
91:d2:d5:2e:21:18:cd:27:4d:24:3c:cf:e3:b8:ba:
f5:ab:de:bf:57:34:01:89:3c:c2:c5:fa:92:dd:fb:
21:0c:1f:b0:37:ef:da:96:fc:9e:86:19:e6:14:5f:
dc:92:ce:61:3e:28:bc:e1:d4:73:13:8b:e8:e3:09:
53:65:d2:1d:30:d5:b6:eb:cb:aa:2b:98:ad:cc:e7:
44:2c:25:47:01:37:ac:42:af:03:f4:c8:7d:27:04:
ba:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4F:DC:46:91:AB:ED:8E:19:DD:71:24:85:53:A2:29:E9:2A:B9:DA
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/Hk_cRpGr7Y4Z3XEkhVOiKekqudo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.144.0/22
185.69.48.0/22
217.145.192.0/20
Signature Algorithm: sha256WithRSAEncryption
86:36:e0:6d:66:f5:ae:89:2d:1e:b6:dc:b5:3d:ac:86:78:8e:
7d:ca:2c:56:41:64:95:94:8c:9d:5e:af:dd:59:f3:6d:64:0c:
d8:94:39:69:12:dd:74:76:0c:2e:e9:3c:40:0a:0a:11:59:f0:
9d:bb:43:b2:9d:a4:25:09:a7:f7:58:8c:c6:c8:ea:65:e1:0c:
f0:d3:e2:0d:2d:44:92:11:d0:9d:ee:72:23:d0:23:14:f2:49:
88:56:79:ff:e9:2e:be:3a:a5:f0:cd:a3:57:4d:05:b1:9c:d7:
76:ef:7f:75:87:df:2c:9a:39:b7:ad:a4:ca:94:9f:db:f3:96:
fe:ea:47:72:ea:32:78:37:75:8c:97:73:cf:5f:14:33:0d:dc:
11:ae:77:f7:a1:6a:d0:2e:e5:bb:1e:6c:dc:ea:cd:ad:ec:48:
d4:de:c1:f6:c3:31:e6:bb:65:34:89:6c:22:d0:a6:3c:b6:88:
88:35:77:b7:b0:93:9b:68:5e:d0:f8:a5:eb:60:95:e4:aa:b7:
87:d8:97:8d:5a:fb:ee:c3:27:59:d8:c1:1b:42:ed:2c:c5:b7:
90:a1:1e:65:96:fd:ff:44:26:7e:8a:9a:d3:ab:25:12:33:be:
2c:56:09:7f:3c:63:b1:41:1d:dd:e9:74:1d:70:b4:62:6f:d1:
30:7a:f0:5c
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAZEr4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMy
OTA2NTI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU0ZmRjNDY5MWFi
ZWQ4ZTE5ZGQ3MTI0ODU1M2EyMjllOTJhYjlkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjyKafUWGetfoFtuqfS7t7tTUbOZBDayVRQprp7mdl1jBE+
B34TtAnmSULExMoZukBwoRbdooaGNjZkLIghuriaaZS/msJDPk+2V6Gnh+o3DIAd
yNhhjXQpzTf9N7FX2zBmzDLwKjnQIwZVSqYD+AAugRikABJf/5040YAobSb5X1d0
x8ydZmS7qQx4Sl4Qzs3ho/kYpHsef+uJuAoYsH+4Jr8SkdLVLiEYzSdNJDzP47i6
9avev1c0AYk8wsX6kt37IQwfsDfv2pb8noYZ5hRf3JLOYT4ovOHUcxOL6OMJU2XS
HTDVtuvLqiuYrcznRCwlRwE3rEKvA/TIfScEuiECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQeT9xGkavtjhndcSSFU6Ip6Sq52jAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
L0hrX2NScEdyN1k0WjNYRWtoVk9pS2VrcXVkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArkckAMEArlFMAMEBNmRwDANBgkq
hkiG9w0BAQsFAAOCAQEAhjbgbWb1roktHrbctT2shniOfcosVkFklZSMnV6v3Vnz
bWQM2JQ5aRLddHYMLuk8QAoKEVnwnbtDsp2kJQmn91iMxsjqZeEM8NPiDS1EkhHQ
ne5yI9AjFPJJiFZ5/+kuvjql8M2jV00FsZzXdu9/dYffLJo5t62kypSf2/OW/upH
cuoyeDd1jJdzz18UMw3cEa5396Fq0C7lux5s3OrNrexI1N7B9sMx5rtlNIlsItCm
PLaIiDV3t7CTm2he0Pil62CV5Kq3h9iXjVr77sMnWdjBG0LtLMW3kKEeZZb9/0Qm
foqa06slEjO+LFYJfzxjsUEd3el0HXC0Ym/RMHrwXA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:54 2025 by rpki-client