Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HXvBw1j3GGjHcmwSUQwwuKku7EE.roa
File: HXvBw1j3GGjHcmwSUQwwuKku7EE.roa (raw, json)
Hash identifier: QZyIdU65Y4BGeCjE0R0yMKbAtYt2xGnDYU3EjAiWRBQ=
Subject key identifier: 1D:7B:C1:C3:58:F7:18:68:C7:72:6C:12:51:0C:30:B8:A9:2E:EC:41
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE3F02E5277839BBF29C7D1230A369
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HXvBw1j3GGjHcmwSUQwwuKku7EE.roa
Signing time: Mon 12 Dec 2022 09:33:03 +0000
ROA not before: Mon 12 Dec 2022 09:33:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35298
IP address blocks: 31.173.176.0/20 maxlen: 20
193.201.228.0/22 maxlen: 24
37.29.76.0/22 maxlen: 22
188.162.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
78.41.100.0/22 maxlen: 22
178.176.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:3f:02:e5:27:78:39:bb:f2:9c:7d:12:30:a3:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d7bc1c358f71868c7726c12510c30b8a92eec41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:20:fd:cc:01:f4:65:6d:d7:98:61:53:16:ae:
90:21:01:f0:3f:9e:e9:b4:06:ca:78:04:db:c9:70:
a8:db:8c:c4:f5:f6:69:a8:bf:db:5c:6a:52:bb:8f:
27:e1:de:ab:4c:ac:a9:24:42:83:03:f9:6c:23:fc:
ec:ad:bb:e2:d1:66:da:d3:81:f2:52:02:f5:e4:50:
36:1e:a5:a6:0d:40:7e:58:8a:dd:94:78:87:eb:b9:
ba:3e:b5:e0:06:44:19:0e:0d:d1:46:3f:55:f2:cf:
de:24:f0:c0:87:e4:a4:d0:83:bc:06:ce:f8:09:cc:
24:1d:fe:a6:31:79:8e:26:cc:ee:20:be:f7:71:1f:
92:ad:7b:b1:45:b3:0b:ac:51:67:7b:2c:3b:e6:68:
9e:80:49:52:b4:8e:19:16:e0:40:f9:a2:da:93:b7:
be:32:c7:47:19:90:d0:18:8e:5e:11:5a:c0:14:60:
47:60:7d:97:b2:50:4b:db:57:90:33:6c:7e:70:71:
ac:c0:ec:a9:52:65:22:35:9d:3d:e4:78:00:52:ff:
f8:78:ad:68:74:bb:45:d0:ac:72:e6:81:e8:e4:2a:
18:a6:3d:69:fb:b7:df:0e:6c:ff:c4:4e:42:5d:5c:
61:34:01:37:5d:ed:f2:f9:2c:14:4f:ee:68:f7:f9:
74:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7B:C1:C3:58:F7:18:68:C7:72:6C:12:51:0C:30:B8:A9:2E:EC:41
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HXvBw1j3GGjHcmwSUQwwuKku7EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.29.76.0/22
78.41.100.0/22
178.176.154.0/23
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
Signature Algorithm: sha256WithRSAEncryption
51:77:59:b3:c6:47:c3:a2:06:2b:25:3b:d1:2f:15:ee:9f:ca:
a4:5b:b6:7f:23:e7:47:2f:b3:eb:4c:6b:f1:52:92:47:4f:f3:
5b:df:18:35:5d:e1:10:57:73:22:3a:3f:6f:69:fe:29:95:e1:
6a:c5:5b:e0:77:8c:cd:48:70:fa:ca:f5:25:75:7f:b1:f2:da:
68:bf:a4:c7:8a:f0:6f:e4:8e:f0:d0:6f:b0:ae:4b:62:59:4a:
38:61:28:f5:a5:97:53:fc:d1:ea:6e:94:bd:a8:4e:32:85:1a:
b9:28:6a:0d:a8:70:fe:b9:a0:db:32:54:b7:02:93:89:85:76:
60:f0:e2:cc:3c:c1:4e:31:15:18:b8:ce:60:df:d3:45:bd:1e:
79:a4:2b:29:de:ef:ac:7d:34:03:03:86:d7:b7:03:4e:3b:30:
de:61:71:7b:37:c1:7b:81:8f:d8:9b:ba:de:3d:11:0e:7f:64:
ea:44:6d:9a:5c:30:f9:bc:b3:10:79:58:87:05:4e:dd:1e:35:
43:81:47:40:fd:b0:32:b0:4b:f0:32:38:c0:d9:b9:69:b9:e1:
95:08:34:16:1c:80:1f:5d:a4:13:51:fe:eb:6f:a6:5d:d3:a5:
08:9b:5f:2c:4e:35:02:3c:8f:40:c5:63:f9:67:67:a7:94:a7:
a5:dc:b8:94
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYUFrj8C5Sd4ObvynH0SMKNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDdiYzFjMzU4ZjcxODY4Yzc3MjZjMTI1MTBjMzBiOGE5MmVlYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CD9zAH0ZW3XmGFTFq6QIQHwP57p
tAbKeATbyXCo24zE9fZpqL/bXGpSu48n4d6rTKypJEKDA/lsI/zsrbvi0Wba04Hy
UgL15FA2HqWmDUB+WIrdlHiH67m6PrXgBkQZDg3RRj9V8s/eJPDAh+Sk0IO8Bs74
CcwkHf6mMXmOJszuIL73cR+SrXuxRbMLrFFneyw75miegElStI4ZFuBA+aLak7e+
MsdHGZDQGI5eEVrAFGBHYH2XslBL21eQM2x+cHGswOypUmUiNZ095HgAUv/4eK1o
dLtF0Kxy5oHo5CoYpj1p+7ffDmz/xE5CXVxhNAE3Xe3y+SwUT+5o9/l0DQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFB17wcNY9xhox3JsElEMMLipLuxBMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSFh2QncxajNHR2pIY213U1VRd3d1S2t1N0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwQEH62wAwQC
JR1MAwQCTilkAwQBsrCaAwMAvKIDBALByeQDBAXDBYADBAXDEGAwDQYJKoZIhvcN
AQELBQADggEBAFF3WbPGR8OiBislO9EvFe6fyqRbtn8j50cvs+tMa/FSkkdP81vf
GDVd4RBXcyI6P29p/imV4WrFW+B3jM1IcPrK9SV1f7Hy2mi/pMeK8G/kjvDQb7Cu
S2JZSjhhKPWll1P80epulL2oTjKFGrkoag2ocP65oNsyVLcCk4mFdmDw4sw8wU4x
FRi4zmDf00W9HnmkKyne76x9NAMDhte3A047MN5hcXs3wXuBj9ibut49EQ5/ZOpE
bZpcMPm8sxB5WIcFTt0eNUOBR0D9sDKwS/AyOMDZuWm54ZUINBYcgB9dpBNR/utv
pl3TpQibXyxONQI8j0DFY/lnZ6eUp6XcuJQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:38:31 2025 by rpki-client