Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/HXfGMUb6D1ugSdNBGTVVPv1Cfb8.roa
File: HXfGMUb6D1ugSdNBGTVVPv1Cfb8.roa (raw, json)
Hash identifier: huzDz0zZXSgvHbrode7nTBD/5RSY6DXRDncQ7TLq0jY=
Subject key identifier: 1D:77:C6:31:46:FA:0F:5B:A0:49:D3:41:19:35:55:3E:FD:42:7D:BF
Certificate issuer: /CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
Certificate serial: 0185701527EFDE764F780E63B3405BD4B0F3
Authority key identifier: EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/HXfGMUb6D1ugSdNBGTVVPv1Cfb8.roa
Signing time: Mon 02 Jan 2023 01:25:12 +0000
ROA not before: Mon 02 Jan 2023 01:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24634
IP address blocks: 80.79.144.0/20 maxlen: 24
185.125.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:27:ef:de:76:4f:78:0e:63:b3:40:5b:d4:b0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
Validity
Not Before: Jan 2 01:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d77c63146fa0f5ba049d3411935553efd427dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:aa:cd:2b:d9:fe:f8:15:13:6a:e7:31:4d:a6:
a8:0a:bc:11:eb:5b:45:a8:86:5e:93:94:db:d2:93:
13:16:c5:4f:4a:6d:32:6f:68:a7:57:ee:ae:f8:f8:
4b:cb:a0:bb:ae:a3:4a:4b:b6:ba:44:13:de:85:55:
80:ad:37:9a:57:69:2f:fd:0a:83:5d:39:ed:c9:4d:
e8:7c:2f:b5:4c:44:12:88:1c:c6:a9:a6:a6:df:fc:
bf:89:36:12:b9:a3:8e:d7:a3:75:9d:71:6e:2c:5a:
32:95:cf:72:04:6d:99:e2:dd:a3:f1:0a:bc:6d:0e:
ef:e5:3e:12:a7:b5:99:ea:f6:fb:08:f0:35:4b:ba:
15:59:3f:54:3d:40:b9:d0:ce:66:67:a1:57:f7:49:
f3:70:ce:aa:04:d1:8e:9d:a8:51:14:75:dd:91:09:
23:5f:58:bb:13:a6:cc:6f:04:3f:da:fe:b0:74:78:
22:ba:9f:f7:f9:79:d7:87:06:3e:a4:13:a7:61:57:
98:5b:f0:de:45:7f:70:da:55:25:6b:e3:6d:7a:7c:
b7:78:f9:4f:f7:c7:b5:ec:02:d2:54:b0:f5:35:65:
fb:84:39:47:70:8f:4e:70:e7:54:d0:67:a1:7f:28:
32:16:12:b3:24:f2:17:0e:13:9a:6d:6f:cc:9f:1b:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:77:C6:31:46:FA:0F:5B:A0:49:D3:41:19:35:55:3E:FD:42:7D:BF
X509v3 Authority Key Identifier:
keyid:EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/HXfGMUb6D1ugSdNBGTVVPv1Cfb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.144.0/20
185.125.156.0/22
Signature Algorithm: sha256WithRSAEncryption
70:71:97:45:90:90:66:7f:cf:a3:87:58:87:13:aa:e2:a4:36:
37:19:47:0b:79:bd:3c:84:82:42:63:3b:96:09:b6:e4:af:22:
33:58:2b:73:8f:61:79:f4:fa:da:7c:17:f8:1d:22:71:fe:d8:
f5:53:7d:ef:cd:d5:3e:6a:3f:85:78:fb:f8:80:43:6e:1f:4f:
cc:b4:67:8c:b3:f9:2c:23:05:e0:41:12:84:83:9d:97:1c:78:
e2:6f:6d:b3:59:d2:f9:86:79:87:e4:c7:40:d8:b5:9e:52:2d:
6b:2f:75:f9:05:f5:dd:68:cd:54:ec:30:dc:af:16:b7:c2:c4:
48:7b:c6:97:f2:dc:a6:33:ba:09:c9:01:53:43:ef:bd:f4:68:
db:29:f4:3b:d3:c7:a2:dd:21:16:2c:33:7d:e7:73:fb:f1:e1:
31:37:57:81:a9:0a:fb:34:e0:a3:05:f8:c4:5f:69:0a:c4:f3:
71:bf:26:ef:e3:10:24:42:77:6b:ea:68:32:6d:b7:69:dd:41:
08:f7:8f:a5:de:4c:8d:89:c3:25:38:bb:ad:fd:0a:20:5e:65:
7e:af:06:4c:34:1e:1e:f3:3f:be:3f:d4:30:82:aa:be:88:42:
cf:2d:d7:5c:73:6f:36:3a:4b:3d:03:e4:85:50:a2:93:1b:95:
47:17:bf:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwFSfv3nZPeA5js0Bb1LDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZmFiZmE2MjgwNjNmNmI4ZTk4ODg1NjZmNWYzZmNmYTc5
OGM2MjEwHhcNMjMwMTAyMDEyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc3YzYzMTQ2ZmEwZjViYTA0OWQzNDExOTM1NTUzZWZkNDI3ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAharNK9n++BUTaucxTaaoCrwR61tF
qIZek5Tb0pMTFsVPSm0yb2inV+6u+PhLy6C7rqNKS7a6RBPehVWArTeaV2kv/QqD
XTntyU3ofC+1TEQSiBzGqaam3/y/iTYSuaOO16N1nXFuLFoylc9yBG2Z4t2j8Qq8
bQ7v5T4Sp7WZ6vb7CPA1S7oVWT9UPUC50M5mZ6FX90nzcM6qBNGOnahRFHXdkQkj
X1i7E6bMbwQ/2v6wdHgiup/3+XnXhwY+pBOnYVeYW/DeRX9w2lUla+Nteny3ePlP
98e17ALSVLD1NWX7hDlHcI9OcOdU0GehfygyFhKzJPIXDhOabW/MnxvIfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB13xjFG+g9boEnTQRk1VT79Qn2/MB8GA1UdIwQY
MBaAFOv6v6YoBj9rjpiIVm9fP8+nmMYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9xX3BpZ0dQMnVPbUloV2IxOF96NmVZeGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hM2EzMTEtMzc4NC00ODE4LWFiZjkt
ZTVmZDZlOTg0MmFiLzEvSFhmR01VYjZEMXVnU2ROQkdUVlZQdjFDZmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hM2EzMTEtMzc4NC00ODE4LWFiZjktZTVmZDZlOTg0MmFi
LzEvNl9xX3BpZ0dQMnVPbUloV2IxOF96NmVZeGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUE+QAwQC
uX2cMA0GCSqGSIb3DQEBCwUAA4IBAQBwcZdFkJBmf8+jh1iHE6ripDY3GUcLeb08
hIJCYzuWCbbkryIzWCtzj2F59PrafBf4HSJx/tj1U33vzdU+aj+FePv4gENuH0/M
tGeMs/ksIwXgQRKEg52XHHjib22zWdL5hnmH5MdA2LWeUi1rL3X5BfXdaM1U7DDc
rxa3wsRIe8aX8tymM7oJyQFTQ++99GjbKfQ708ei3SEWLDN953P78eExN1eBqQr7
NOCjBfjEX2kKxPNxvybv4xAkQndr6mgybbdp3UEI94+l3kyNicMlOLut/QogXmV+
rwZMNB4e8z++P9Qwgqq+iELPLddcc282Oks9A+SFUKKTG5VHF78L
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:23 2025 by rpki-client