Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/HXUI2r6wyhgEfbjlXMyLEKPX3uA.roa
File: HXUI2r6wyhgEfbjlXMyLEKPX3uA.roa (raw, json)
Hash identifier: xR6REjN1ZyfSB76r5TvNN0zYHiXW8IFqtOnJkYQp7Rs=
Subject key identifier: 1D:75:08:DA:BE:B0:CA:18:04:7D:B8:E5:5C:CC:8B:10:A3:D7:DE:E0
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 17412801
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/HXUI2r6wyhgEfbjlXMyLEKPX3uA.roa
Signing time: Sat 01 Jan 2022 16:03:44 +0000
ROA not before: Sat 01 Jan 2022 16:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31609
IP address blocks: 94.176.166.0/23 maxlen: 23
89.33.243.0/24 maxlen: 24
89.37.108.0/22 maxlen: 22
86.106.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390146049 (0x17412801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d7508dabeb0ca18047db8e55ccc8b10a3d7dee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fc:46:00:12:77:2a:34:e9:ec:39:62:a5:e7:
01:d2:87:33:4f:e2:07:72:5c:94:bf:88:40:32:dc:
dc:3c:3b:99:d7:f5:ff:79:2f:50:5f:d6:fe:76:51:
06:0d:ab:31:66:af:23:b8:0b:16:39:08:47:21:39:
2c:7b:fb:b8:e2:c3:6d:d6:9d:e5:7e:24:46:14:48:
7e:e2:b5:6b:64:31:67:99:3d:ae:b2:9c:58:85:73:
e6:0b:60:2e:e9:47:3a:dd:b2:94:dc:ac:b6:72:b7:
a3:79:99:3f:25:96:3a:66:9e:33:cb:0c:8b:ef:25:
29:37:eb:cc:39:71:16:ab:95:95:e1:d7:fe:93:0e:
54:c2:71:35:0b:f9:32:b7:f8:6a:5e:e8:d6:ff:5b:
23:e8:3b:a1:82:4b:32:39:a1:aa:ec:74:f3:91:f6:
62:d7:7b:7c:3c:93:77:0b:aa:05:4b:b1:c2:fa:78:
3a:07:3f:7c:c0:3f:c8:76:72:a9:fc:89:29:80:13:
59:98:c2:30:60:67:38:8d:d1:f5:1d:da:d0:9e:0c:
37:96:9c:2a:4e:ab:72:51:5a:9f:3f:a3:c4:3a:5d:
89:a6:f5:b2:45:f7:ff:ff:af:70:14:0b:cf:6c:77:
62:9a:27:fd:08:d0:52:5b:3d:c2:7e:72:9a:e3:2a:
8d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:75:08:DA:BE:B0:CA:18:04:7D:B8:E5:5C:CC:8B:10:A3:D7:DE:E0
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/HXUI2r6wyhgEfbjlXMyLEKPX3uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.168.0/24
89.33.243.0/24
89.37.108.0/22
94.176.166.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:fc:e6:af:a0:4e:ea:35:84:96:39:47:a6:c3:1a:07:6f:57:
bd:bf:7f:94:8d:46:8f:94:4c:3a:29:cb:ef:a2:56:48:d6:77:
99:20:fd:16:04:f1:c4:27:5d:f7:d3:42:ed:a3:18:7e:fd:75:
60:c9:b5:43:7b:60:17:98:27:dc:11:66:e1:da:e7:4f:d2:31:
26:44:cd:85:36:0f:97:41:1a:04:fb:29:b1:b9:31:f5:2a:6d:
d3:00:42:30:ff:e2:ae:83:bd:c9:a6:33:ef:00:0b:9c:72:02:
e4:7e:17:22:43:5c:ab:4e:8d:52:d3:fe:a5:18:1d:fa:58:d1:
23:e9:4d:87:2a:d0:fe:71:54:2f:67:a0:f1:c5:7a:7d:5e:8a:
be:f6:29:fc:08:ce:d8:92:55:91:01:ae:a9:e2:c7:aa:16:15:
5f:f5:09:a4:7a:04:41:e1:ca:30:19:9f:c9:02:ab:95:94:7d:
b0:b0:e9:7a:8b:cb:c5:e0:58:4f:de:68:87:a3:1b:78:17:99:
60:cd:5e:9f:dd:c7:16:7e:87:a1:78:a2:e9:41:08:ea:b5:5a:
21:0c:84:df:b2:8f:8b:a7:27:17:ee:a1:11:ee:4e:08:d3:12:
19:d5:fc:65:ee:31:90:62:1e:d1:d9:cd:97:5b:9c:69:4c:a3:
7c:01:e2:26
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEF0EoATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ3NTA4ZGFiZWIw
Y2ExODA0N2RiOGU1NWNjYzhiMTBhM2Q3ZGVlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALr8RgASdyo06ew5YqXnAdKHM0/iB3JclL+IQDLc3Dw7mdf1
/3kvUF/W/nZRBg2rMWavI7gLFjkIRyE5LHv7uOLDbdad5X4kRhRIfuK1a2QxZ5k9
rrKcWIVz5gtgLulHOt2ylNystnK3o3mZPyWWOmaeM8sMi+8lKTfrzDlxFquVleHX
/pMOVMJxNQv5Mrf4al7o1v9bI+g7oYJLMjmhqux085H2Ytd7fDyTdwuqBUuxwvp4
Ogc/fMA/yHZyqfyJKYATWZjCMGBnOI3R9R3a0J4MN5acKk6rclFanz+jxDpdiab1
skX3//+vcBQLz2x3Ypon/QjQUls9wn5ymuMqjV0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQddQjavrDKGAR9uOVczIsQo9fe4DAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
L0hYVUkycjZ3eWhnRWZiamxYTXlMRUtQWDN1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFZqqAMEAFkh8wMEAlklbAMEAV6w
pjANBgkqhkiG9w0BAQsFAAOCAQEAffzmr6BO6jWEljlHpsMaB29Xvb9/lI1Gj5RM
OinL76JWSNZ3mSD9FgTxxCdd99NC7aMYfv11YMm1Q3tgF5gn3BFm4drnT9IxJkTN
hTYPl0EaBPspsbkx9Spt0wBCMP/iroO9yaYz7wALnHIC5H4XIkNcq06NUtP+pRgd
+ljRI+lNhyrQ/nFUL2eg8cV6fV6KvvYp/AjO2JJVkQGuqeLHqhYVX/UJpHoEQeHK
MBmfyQKrlZR9sLDpeovLxeBYT95oh6MbeBeZYM1en93HFn6HoXii6UEI6rVaIQyE
37KPi6cnF+6hEe5OCNMSGdX8Ze4xkGIe0dnNl1ucaUyjfAHiJg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:36:30 2025 by rpki-client