Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/H9Nmh_Hu0KSY1XvmQOV-hPOT060.roa
File: H9Nmh_Hu0KSY1XvmQOV-hPOT060.roa (raw, json)
Hash identifier: pxwDu7XXjCrc0bb/OHrz1xTav6yGIkP35a4N7AUHwok=
Subject key identifier: 1F:D3:66:87:F1:EE:D0:A4:98:D5:7B:E6:40:E5:7E:84:F3:93:D3:AD
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841DAFCD7D298576BC6C2D5F672233E458
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/H9Nmh_Hu0KSY1XvmQOV-hPOT060.roa
Signing time: Fri 28 Oct 2022 08:22:51 +0000
ROA not before: Fri 28 Oct 2022 08:22:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206179
IP address blocks: 185.68.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:af:cd:7d:29:85:76:bc:6c:2d:5f:67:22:33:e4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 28 08:22:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fd36687f1eed0a498d57be640e57e84f393d3ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2c:8d:51:96:0e:1c:10:03:a2:36:af:72:4d:
16:49:95:72:e0:c6:70:15:17:a0:8c:10:18:42:a4:
4e:4a:a4:97:65:44:f0:4d:fc:4c:ff:c5:32:2d:d5:
22:f9:17:98:a4:43:ac:f2:e5:ed:a0:62:ba:f7:b0:
bb:65:4f:a8:2d:ad:bd:05:39:2c:05:32:e2:b0:31:
7d:98:4c:d6:c9:e9:f6:33:85:07:38:88:02:cb:75:
23:3a:37:88:dc:f0:26:a5:73:4a:f8:c0:fc:db:59:
c1:76:54:1f:7e:53:9b:03:98:98:e2:90:29:4d:ec:
07:35:98:83:f4:2a:18:9e:e2:85:08:83:bd:f5:7d:
cd:a0:ad:c9:be:e6:d7:d9:16:0a:4a:6b:37:de:0c:
fc:ed:90:35:17:46:a3:e7:d5:2b:97:33:20:d8:f3:
ba:f9:ba:cd:ba:ad:6e:c8:1e:4f:f2:d4:ba:5c:59:
2e:57:34:e6:f3:7c:24:1a:e9:4a:b9:95:98:47:b7:
57:b8:91:00:d1:44:eb:fb:76:2c:da:39:3e:18:25:
00:f6:35:24:57:28:84:4d:66:3a:5e:c6:f5:5f:83:
d4:3a:04:66:e7:be:ed:dd:42:08:88:b5:81:13:c4:
5d:da:04:2e:0f:46:d3:94:21:b5:da:2a:37:5f:90:
f5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D3:66:87:F1:EE:D0:A4:98:D5:7B:E6:40:E5:7E:84:F3:93:D3:AD
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/H9Nmh_Hu0KSY1XvmQOV-hPOT060.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.144.0/24
Signature Algorithm: sha256WithRSAEncryption
37:92:c2:67:1a:23:30:07:e8:07:72:2e:50:b1:79:8c:93:7c:
cb:4b:2f:63:94:55:86:46:62:16:90:bc:46:91:4d:6a:17:a6:
fd:fc:77:c7:18:d4:40:0b:80:cc:5e:4d:d7:83:20:cc:d9:12:
39:49:9e:bc:cf:87:71:2c:14:dc:e8:6c:95:72:c4:33:48:9f:
43:4a:e9:96:d6:99:ae:6c:0b:bd:82:bd:f6:f6:9d:5d:b4:be:
2d:bc:53:67:21:06:97:9a:11:c6:4f:bc:2e:62:8c:a2:bd:8a:
9e:66:b3:1e:b4:07:88:d9:44:0e:81:71:f8:97:24:b9:c5:48:
d9:4c:6b:55:25:19:84:0f:87:22:5f:2a:02:ce:a3:b8:a7:af:
40:4d:83:28:97:14:52:ae:50:a2:22:3c:e7:d3:a2:26:3f:c9:
0b:32:e5:8b:9a:5d:ea:e7:45:a6:67:65:e7:d0:1d:98:1e:85:
19:6e:26:b0:10:7b:a0:c1:73:a1:17:28:63:e4:07:dc:7c:24:
ec:af:99:c5:b8:aa:6b:18:bc:45:ca:9a:f3:b3:34:5f:4f:3c:
f9:1c:85:54:dd:1e:85:99:6c:27:e4:04:1d:60:d5:17:0d:fa:
53:a3:05:1f:08:05:ae:33:b3:fb:18:06:f0:43:1e:6f:02:c7:
08:2f:f6:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQdr819KYV2vGwtX2ciM+RYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI4MDgyMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQzNjY4N2YxZWVkMGE0OThkNTdiZTY0MGU1N2U4NGYzOTNkM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiyNUZYOHBADojavck0WSZVy4MZw
FRegjBAYQqROSqSXZUTwTfxM/8UyLdUi+ReYpEOs8uXtoGK697C7ZU+oLa29BTks
BTLisDF9mEzWyen2M4UHOIgCy3UjOjeI3PAmpXNK+MD821nBdlQfflObA5iY4pAp
TewHNZiD9CoYnuKFCIO99X3NoK3JvubX2RYKSms33gz87ZA1F0aj59UrlzMg2PO6
+brNuq1uyB5P8tS6XFkuVzTm83wkGulKuZWYR7dXuJEA0UTr+3Ys2jk+GCUA9jUk
VyiETWY6Xsb1X4PUOgRm577t3UIIiLWBE8Rd2gQuD0bTlCG12io3X5D1fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/TZofx7tCkmNV75kDlfoTzk9OtMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSDlObWhfSHUwS1NZMVh2bVFPVi1oUE9UMDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUSQMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ksJnGiMwB+gHci5QsXmMk3zLSy9jlFWGRmIWkLxG
kU1qF6b9/HfHGNRAC4DMXk3XgyDM2RI5SZ68z4dxLBTc6GyVcsQzSJ9DSumW1pmu
bAu9gr329p1dtL4tvFNnIQaXmhHGT7wuYoyivYqeZrMetAeI2UQOgXH4lyS5xUjZ
TGtVJRmED4ciXyoCzqO4p69ATYMolxRSrlCiIjzn06ImP8kLMuWLml3q50WmZ2Xn
0B2YHoUZbiawEHugwXOhFyhj5AfcfCTsr5nFuKprGLxFyprzszRfTzz5HIVU3R6F
mWwn5AQdYNUXDfpTowUfCAWuM7P7GAbwQx5vAscIL/Y9
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:16:59 2025 by rpki-client