Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h2ar-j63OiOaBl00AirqjrqHj2c.roa
File: h2ar-j63OiOaBl00AirqjrqHj2c.roa (raw, json)
Hash identifier: krHvJqe7GDUXBqDHEk+gXLaZyidyDJ9WqfcgqhiIvkQ=
Subject key identifier: 87:66:AB:FA:3E:B7:3A:23:9A:06:5D:34:02:2A:EA:8E:BA:87:8F:67
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 1757667F
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h2ar-j63OiOaBl00AirqjrqHj2c.roa
Signing time: Sat 01 Jan 2022 16:03:56 +0000
ROA not before: Sat 01 Jan 2022 16:03:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61059
IP address blocks: 89.44.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391603839 (0x1757667f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8766abfa3eb73a239a065d34022aea8eba878f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:eb:93:b9:73:39:6b:2a:3d:d7:b9:f6:5b:
b5:cb:92:97:be:46:dc:f2:3f:51:6c:1e:3c:94:ba:
da:a3:15:97:0a:2d:29:73:b6:c5:b0:95:7d:33:29:
b5:0d:47:6c:97:7c:5e:39:69:2a:81:a5:d8:8a:c8:
cf:05:4b:62:81:85:01:d1:92:db:4f:32:7a:f8:fd:
ac:98:60:19:fe:fc:a8:af:aa:4d:0c:4a:51:c7:73:
25:d5:64:32:4f:76:55:b8:d2:ef:48:59:2d:a9:5d:
af:74:c3:b4:c2:cc:b6:7c:0d:b4:6f:3b:fc:23:40:
a9:96:c5:8b:52:6d:2e:33:32:db:37:3b:11:59:96:
79:71:2d:9a:2b:3e:cb:f9:e6:9e:23:4d:38:c1:4c:
dd:a5:f1:34:9a:37:86:f3:52:67:7c:14:8b:c6:47:
92:b2:c0:39:24:dd:03:7d:e4:02:f0:ff:be:4b:b0:
c9:dc:ae:5a:99:02:6a:20:1f:23:f0:51:c2:c1:a6:
f4:78:c2:ea:98:e2:b4:fb:1d:63:60:0b:c2:b2:39:
82:17:4f:27:75:ad:e9:ce:f6:b0:c9:97:44:54:d1:
aa:4d:f5:f9:07:03:73:7e:10:05:72:a9:66:11:dc:
66:f4:61:df:5d:11:eb:16:2c:c7:84:34:1c:7e:5b:
ce:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:66:AB:FA:3E:B7:3A:23:9A:06:5D:34:02:2A:EA:8E:BA:87:8F:67
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h2ar-j63OiOaBl00AirqjrqHj2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.88.0/22
Signature Algorithm: sha256WithRSAEncryption
19:0c:36:25:4e:dc:e7:6b:0d:b0:45:b9:09:e3:1c:57:6f:ed:
52:2c:39:54:ab:74:57:a1:c1:e5:2f:a9:f9:9e:fe:1a:86:46:
a0:cb:7b:ce:c4:ab:63:49:3e:fc:52:e3:d9:fa:40:5d:41:da:
c8:17:11:e2:e8:d4:b5:2a:f6:c8:85:e1:45:27:a1:8d:ef:96:
a5:0d:dc:a9:82:2e:40:6f:98:ed:58:0c:e4:ab:6d:6b:80:a5:
11:13:95:d5:df:4d:eb:f7:1c:ec:42:26:61:46:d5:42:b9:33:
3f:2b:5a:52:cf:49:34:c9:67:63:dc:ad:5e:11:1b:d2:ed:8b:
a0:5f:d8:a8:9d:0e:b2:f0:96:4e:6e:aa:30:7f:e4:0c:91:c6:
92:3e:e2:47:73:bc:80:f4:71:4d:bd:00:30:58:af:05:b3:a7:
44:85:a2:8b:3a:0f:6c:8c:12:1e:46:ac:c8:fc:29:8e:68:5a:
20:2b:68:12:de:64:4d:95:69:40:c2:e5:08:5c:c2:4c:15:8d:
27:c6:c5:e4:08:ff:a9:b0:ca:a4:c7:40:42:bf:f7:e6:1a:aa:
f4:b1:53:58:73:e4:af:18:14:c0:3e:0b:a5:0d:4b:ba:9e:f2:
17:ee:d5:e8:f5:42:55:26:dd:69:62:e8:eb:63:2c:9a:72:b9:
85:e9:ed:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF1dmfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc2NmFiZmEzZWI3
M2EyMzlhMDY1ZDM0MDIyYWVhOGViYTg3OGY2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAM65O5czlrKj3XufZbtcuSl75G3PI/UWwePJS62qMVlwot
KXO2xbCVfTMptQ1HbJd8XjlpKoGl2IrIzwVLYoGFAdGS208yevj9rJhgGf78qK+q
TQxKUcdzJdVkMk92VbjS70hZLaldr3TDtMLMtnwNtG87/CNAqZbFi1JtLjMy2zc7
EVmWeXEtmis+y/nmniNNOMFM3aXxNJo3hvNSZ3wUi8ZHkrLAOSTdA33kAvD/vkuw
ydyuWpkCaiAfI/BRwsGm9HjC6pjitPsdY2ALwrI5ghdPJ3Wt6c72sMmXRFTRqk31
+QcDc34QBXKpZhHcZvRh310R6xYsx4Q0HH5bzjcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHZqv6Prc6I5oGXTQCKuqOuoePZzAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
L2gyYXItajYzT2lPYUJsMDBBaXJxanJxSGoyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlksWDANBgkqhkiG9w0BAQsFAAOC
AQEAGQw2JU7c52sNsEW5CeMcV2/tUiw5VKt0V6HB5S+p+Z7+GoZGoMt7zsSrY0k+
/FLj2fpAXUHayBcR4ujUtSr2yIXhRSehje+WpQ3cqYIuQG+Y7VgM5Ktta4ClEROV
1d9N6/cc7EImYUbVQrkzPytaUs9JNMlnY9ytXhEb0u2LoF/YqJ0OsvCWTm6qMH/k
DJHGkj7iR3O8gPRxTb0AMFivBbOnRIWiizoPbIwSHkasyPwpjmhaICtoEt5kTZVp
QMLlCFzCTBWNJ8bF5Aj/qbDKpMdAQr/35hqq9LFTWHPkrxgUwD4LpQ1Lup7yF+7V
6PVCVSbdaWLo62MsmnK5hentQg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:56:27 2025 by rpki-client