Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/hsZk3EX9L6KkMvJo8ERS2OI250Y.roa
File: hsZk3EX9L6KkMvJo8ERS2OI250Y.roa (raw, json)
Hash identifier: 9w5+OE75jcQGTUOqMeNNS7DUvfxPM2p80C18GWx1avU=
Subject key identifier: 86:C6:64:DC:45:FD:2F:A2:A4:32:F2:68:F0:44:52:D8:E2:36:E7:46
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D38C2D4EC0E03992CE03B7DE29E9
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/hsZk3EX9L6KkMvJo8ERS2OI250Y.roa
Signing time: Sun 01 Jan 2023 16:54:45 +0000
ROA not before: Sun 01 Jan 2023 16:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39277
IP address blocks: 188.210.224.0/21 maxlen: 21
89.32.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d3:8c:2d:4e:c0:e0:39:92:ce:03:b7:de:29:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86c664dc45fd2fa2a432f268f04452d8e236e746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3b:88:a0:57:83:06:39:ff:e2:b1:31:ac:86:
2e:29:35:cd:e4:cb:d3:69:6c:e0:87:41:e2:0b:4e:
82:da:88:3d:40:a9:a0:ff:60:89:2e:1f:16:68:88:
15:4f:73:10:26:ee:b3:55:9a:83:46:3b:65:b3:b5:
4e:11:96:c7:a0:8c:46:6c:14:c1:2e:86:6b:a1:47:
b6:4c:fa:e5:47:c8:43:67:09:6d:fd:32:05:29:f5:
cf:ca:c1:67:61:94:f6:e0:f2:04:74:6c:fa:79:11:
fc:46:71:8f:52:f3:1e:ee:02:13:73:e5:c5:8f:e9:
40:1b:f9:0d:36:b1:22:e5:0c:9c:ee:78:12:06:4d:
59:5d:15:c3:5c:93:b1:a2:0f:ed:f2:d6:d2:93:17:
77:9d:25:47:b4:e8:4f:29:a5:99:4c:3a:85:f7:6b:
b1:29:ec:6f:7e:06:37:1a:fc:45:06:dc:d6:b8:70:
64:47:d5:ed:dd:81:bc:62:71:b2:25:d3:93:d0:f8:
a1:18:f3:ac:eb:1d:53:81:cf:75:92:41:69:54:eb:
82:c1:f9:e0:17:8d:9f:2f:e2:60:af:18:2d:9d:fe:
82:d2:29:13:5e:96:8c:23:39:1b:8f:40:ff:6d:10:
72:4f:bc:96:7c:38:97:ba:a9:b5:e5:22:45:06:72:
c9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C6:64:DC:45:FD:2F:A2:A4:32:F2:68:F0:44:52:D8:E2:36:E7:46
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/hsZk3EX9L6KkMvJo8ERS2OI250Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.216.0/21
188.210.224.0/21
Signature Algorithm: sha256WithRSAEncryption
66:ee:11:e7:34:d8:e5:fe:ad:0b:c8:60:0b:2f:73:34:d3:51:
cf:27:c6:d2:fd:83:a2:a0:b6:b7:95:82:36:0b:4e:0c:16:65:
a2:32:11:d4:bb:11:95:75:a7:23:41:9e:0d:c9:24:0d:06:dc:
ef:b8:07:6e:fa:9b:77:be:fc:aa:ad:17:b1:62:9e:80:68:77:
80:4e:f7:02:23:b8:24:9d:b3:90:9d:54:ce:1a:a4:b3:74:8e:
e2:b4:44:6b:11:ab:b9:99:bb:07:7c:49:38:9b:61:63:4e:f6:
b9:10:e3:46:68:fb:e9:d9:9b:14:de:5e:90:0a:d0:41:ac:25:
96:0b:d5:3a:91:40:aa:0f:ac:2d:58:36:21:72:99:04:56:b7:
ad:c0:06:77:3d:e3:6c:32:c3:8a:5c:be:0f:00:47:69:a1:36:
00:08:a6:9f:30:12:43:ec:35:58:61:59:52:5b:c4:5e:2e:0d:
84:78:ef:61:4e:bd:fd:70:de:7d:7c:93:83:57:6d:b7:ae:f1:
9d:b1:98:e1:2b:9d:bd:66:91:4e:58:b1:26:3c:c8:25:26:91:
fc:13:c3:4c:8a:ba:7f:10:66:16:05:26:b1:0f:b0:ff:b7:4e:
af:e3:20:ad:94:c6:56:4f:b9:e1:79:73:7e:38:da:40:66:ec:
b0:ff:de:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuQdOMLU7A4DmSzgO33inpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM2NjRkYzQ1ZmQyZmEyYTQzMmYyNjhmMDQ0NTJkOGUyMzZlNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzuIoFeDBjn/4rExrIYuKTXN5MvT
aWzgh0HiC06C2og9QKmg/2CJLh8WaIgVT3MQJu6zVZqDRjtls7VOEZbHoIxGbBTB
LoZroUe2TPrlR8hDZwlt/TIFKfXPysFnYZT24PIEdGz6eRH8RnGPUvMe7gITc+XF
j+lAG/kNNrEi5Qyc7ngSBk1ZXRXDXJOxog/t8tbSkxd3nSVHtOhPKaWZTDqF92ux
KexvfgY3GvxFBtzWuHBkR9Xt3YG8YnGyJdOT0PihGPOs6x1Tgc91kkFpVOuCwfng
F42fL+Jgrxgtnf6C0ikTXpaMIzkbj0D/bRByT7yWfDiXuqm15SJFBnLJzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIbGZNxF/S+ipDLyaPBEUtjiNudGMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvaHNaazNFWDlMNktrTXZKbzhFUlMyT0kyNTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWSDYAwQD
vNLgMA0GCSqGSIb3DQEBCwUAA4IBAQBm7hHnNNjl/q0LyGALL3M001HPJ8bS/YOi
oLa3lYI2C04MFmWiMhHUuxGVdacjQZ4NySQNBtzvuAdu+pt3vvyqrRexYp6AaHeA
TvcCI7gknbOQnVTOGqSzdI7itERrEau5mbsHfEk4m2FjTva5EONGaPvp2ZsU3l6Q
CtBBrCWWC9U6kUCqD6wtWDYhcpkEVretwAZ3PeNsMsOKXL4PAEdpoTYACKafMBJD
7DVYYVlSW8ReLg2EeO9hTr39cN59fJODV223rvGdsZjhK529ZpFOWLEmPMglJpH8
E8NMirp/EGYWBSaxD7D/t06v4yCtlMZWT7nheXN+ONpAZuyw/968
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:26:41 2025 by rpki-client