Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/HIXNuA6-K-qj4cVqU1ZK-7N9wss.roa
File: HIXNuA6-K-qj4cVqU1ZK-7N9wss.roa (raw, json)
Hash identifier: Y2LP/ellENpWzz71Mlbggr19rzohSvTs7/nX90LwhX0=
Subject key identifier: 1C:85:CD:B8:0E:BE:2B:EA:A3:E1:C5:6A:53:56:4A:FB:B3:7D:C2:CB
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DA895FBF991AB47B0BBCD9B0DAD9
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/HIXNuA6-K-qj4cVqU1ZK-7N9wss.roa
Signing time: Sun 01 Jan 2023 16:54:47 +0000
ROA not before: Sun 01 Jan 2023 16:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44289
IP address blocks: 85.204.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:da:89:5f:bf:99:1a:b4:7b:0b:bc:d9:b0:da:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c85cdb80ebe2beaa3e1c56a53564afbb37dc2cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:29:ed:c1:40:07:2d:9f:8a:f5:9b:a8:3b:42:
b8:17:dc:c2:13:6c:fe:52:ea:c1:72:1f:e2:3f:af:
3b:bd:82:e1:6b:db:cc:ce:7b:3a:27:bf:c9:07:0e:
1f:be:59:a4:ef:34:19:4e:53:18:a4:46:67:7b:81:
3a:8c:17:e0:36:db:cd:eb:34:a2:c0:4c:a4:8f:b8:
64:b9:99:73:86:0a:fc:83:61:2f:6f:dc:40:58:03:
35:dd:ed:29:63:2f:f1:78:23:e2:24:ee:03:8b:90:
9c:44:7e:c1:a2:9e:18:0e:3d:d5:8b:2d:b1:38:40:
c4:27:18:11:ee:45:46:b6:65:de:68:5d:79:8e:b1:
fa:10:63:a6:1e:cc:e0:60:3d:ed:d3:cb:36:20:2a:
ee:4b:2c:0f:97:e3:97:18:ff:b1:17:21:6d:42:f7:
e2:f8:b7:64:be:ef:5d:72:71:08:ec:34:c0:23:e4:
16:7d:86:54:d2:fd:fe:69:46:34:a7:2a:86:1a:c8:
f5:7f:b8:c0:95:cb:d5:57:18:2c:a6:b0:fb:1a:4c:
16:ba:3a:0a:bc:a2:ca:9b:dd:59:47:26:21:19:5a:
a0:67:c7:ca:7a:b3:bf:47:4a:7d:bc:f5:5a:f2:ac:
e4:95:28:91:23:9c:2a:0c:08:d2:0f:cb:d9:bc:99:
8c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:85:CD:B8:0E:BE:2B:EA:A3:E1:C5:6A:53:56:4A:FB:B3:7D:C2:CB
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/HIXNuA6-K-qj4cVqU1ZK-7N9wss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.68.0/24
Signature Algorithm: sha256WithRSAEncryption
44:88:60:5c:3c:a1:61:0c:ce:5f:b2:91:e3:89:24:77:08:67:
90:ab:7f:a4:da:9e:82:98:37:58:26:3f:75:be:fb:13:4c:82:
bc:15:c2:ec:8a:79:48:b0:df:ea:38:5d:ee:2b:80:5c:d7:05:
7f:f1:c9:d2:28:4e:d1:f8:54:85:06:04:83:d7:44:0b:2a:bc:
1c:aa:74:0d:4a:f1:59:da:95:30:7c:12:9b:78:b6:0e:17:29:
af:8b:e0:4f:14:63:86:d7:2f:fc:43:ef:f2:ba:7d:6d:50:06:
93:fc:6c:d1:14:72:a7:07:7d:26:96:2b:bf:d6:4b:e5:88:1c:
9f:dd:cd:90:d1:44:73:c4:a5:73:c7:4c:4e:eb:9b:e5:4c:da:
04:02:e1:38:b1:f0:df:78:e2:1b:7b:0e:d2:4f:be:42:32:05:
5f:0f:c6:f9:21:33:c4:97:59:d9:4a:96:71:16:95:0c:46:ef:
26:ba:e9:f6:e8:c6:42:8f:5e:5d:3f:6e:59:ec:2d:53:0c:21:
19:29:e3:16:02:f5:40:9d:92:19:c4:13:9b:fa:ef:00:d5:8e:
e3:db:9b:33:c2:bf:eb:82:ab:26:05:1e:83:9b:d4:7c:b1:ba:
4a:a5:92:3e:91:43:83:75:47:1f:a5:08:93:ec:a2:fa:a4:63:
56:b0:8a:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQdqJX7+ZGrR7C7zZsNrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg1Y2RiODBlYmUyYmVhYTNlMWM1NmE1MzU2NGFmYmIzN2RjMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSntwUAHLZ+K9ZuoO0K4F9zCE2z+
UurBch/iP687vYLha9vMzns6J7/JBw4fvlmk7zQZTlMYpEZne4E6jBfgNtvN6zSi
wEykj7hkuZlzhgr8g2Evb9xAWAM13e0pYy/xeCPiJO4Di5CcRH7Bop4YDj3Viy2x
OEDEJxgR7kVGtmXeaF15jrH6EGOmHszgYD3t08s2ICruSywPl+OXGP+xFyFtQvfi
+Ldkvu9dcnEI7DTAI+QWfYZU0v3+aUY0pyqGGsj1f7jAlcvVVxgsprD7GkwWujoK
vKLKm91ZRyYhGVqgZ8fKerO/R0p9vPVa8qzklSiRI5wqDAjSD8vZvJmMxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByFzbgOvivqo+HFalNWSvuzfcLLMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvSElYTnVBNi1LLXFqNGNWcVUxWkstN045d3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcxEMA0G
CSqGSIb3DQEBCwUAA4IBAQBEiGBcPKFhDM5fspHjiSR3CGeQq3+k2p6CmDdYJj91
vvsTTIK8FcLsinlIsN/qOF3uK4Bc1wV/8cnSKE7R+FSFBgSD10QLKrwcqnQNSvFZ
2pUwfBKbeLYOFymvi+BPFGOG1y/8Q+/yun1tUAaT/GzRFHKnB30mliu/1kvliByf
3c2Q0URzxKVzx0xO65vlTNoEAuE4sfDfeOIbew7ST75CMgVfD8b5ITPEl1nZSpZx
FpUMRu8muun26MZCj15dP25Z7C1TDCEZKeMWAvVAnZIZxBOb+u8A1Y7j25szwr/r
gqsmBR6Dm9R8sbpKpZI+kUODdUcfpQiT7KL6pGNWsIq6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:20 2025 by rpki-client