Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/HQVEtZCYKsCfIoJIYwldzUMu8XY.roa
File: HQVEtZCYKsCfIoJIYwldzUMu8XY.roa (raw, json)
Hash identifier: Y3K6QECUO9hCw/Im+eL9Nzi+KxKdgGdCiCZkodv/A/0=
Subject key identifier: 1D:05:44:B5:90:98:2A:C0:9F:22:82:48:63:09:5D:CD:43:2E:F1:76
Certificate issuer: /CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Certificate serial: 092DF9CA
Authority key identifier: 91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/HQVEtZCYKsCfIoJIYwldzUMu8XY.roa
Signing time: Sat 01 Jan 2022 13:54:46 +0000
ROA not before: Sat 01 Jan 2022 13:54:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204732
IP address blocks: 185.242.70.0/24 maxlen: 24
185.242.70.0/23 maxlen: 23
185.242.68.0/23 maxlen: 23
185.242.68.0/24 maxlen: 24
185.242.68.0/22 maxlen: 22
185.242.71.0/24 maxlen: 24
185.242.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154008010 (0x92df9ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Validity
Not Before: Jan 1 13:54:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d0544b590982ac09f22824863095dcd432ef176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4a:8a:08:84:7e:b7:40:c0:c1:90:ad:f3:43:
1c:c6:63:71:36:1a:9a:a3:c9:45:bd:2e:52:c0:0c:
d5:f0:fd:df:69:17:ac:0c:e1:68:b3:03:17:c1:b5:
a6:58:af:94:c3:e7:35:e3:30:8e:14:91:da:e2:b0:
e3:ca:67:b4:46:f5:8d:bd:25:3d:13:ac:ae:dd:a1:
fe:a4:fd:da:50:5c:12:c8:a2:1c:69:14:ff:af:ca:
50:7a:bb:91:9b:d7:d7:c1:fd:86:ee:04:e7:5f:46:
ed:67:c0:e0:78:16:21:8a:2e:ec:a9:f7:a7:93:4f:
d3:21:3e:45:01:a6:17:ff:ee:51:e9:18:ae:46:7d:
62:b7:0b:01:82:61:22:a8:17:6f:19:d5:51:b5:90:
2a:4f:dd:27:cc:91:55:19:c9:43:70:ba:d1:23:10:
b1:99:c3:62:ba:fb:46:48:f8:6e:bf:ca:fb:e2:fc:
5f:62:69:84:47:80:bd:8d:fb:86:b9:f7:25:f6:a7:
6f:1e:47:cf:88:3d:a0:91:83:d0:e5:40:eb:76:46:
d0:6e:73:8e:26:fe:bc:3f:88:7f:e1:d9:b3:05:b8:
73:16:fc:12:07:02:d5:0e:59:4b:16:e2:ac:ae:3a:
70:c0:1c:e2:91:27:c6:1b:0d:34:b2:c6:88:43:88:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:05:44:B5:90:98:2A:C0:9F:22:82:48:63:09:5D:CD:43:2E:F1:76
X509v3 Authority Key Identifier:
keyid:91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/HQVEtZCYKsCfIoJIYwldzUMu8XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.68.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:a4:6f:0f:6c:7c:35:9a:12:71:c0:7a:78:55:fc:34:8f:88:
28:8f:f4:73:39:2f:36:ea:65:5f:06:49:13:08:c6:ed:19:9b:
af:52:c5:5c:0a:09:4b:55:9f:4f:37:0e:db:be:1c:06:26:e1:
f5:c6:ad:71:8b:5e:e5:90:e6:52:2f:ee:2e:75:72:bd:0b:e6:
f8:1f:f2:54:63:71:c8:a4:74:c0:12:4c:0c:56:e9:c8:4b:bf:
b7:d8:8c:29:c1:67:4c:0e:1f:8d:e4:e2:c9:8c:9d:30:60:a3:
98:5c:86:2b:e0:b3:62:16:a3:5b:7c:3b:58:dd:01:a2:1f:e1:
3b:08:fa:2d:65:25:9e:3f:0c:df:50:f3:80:b8:84:39:d1:75:
a1:f3:5f:8b:6a:63:e2:7d:4f:8f:ef:44:41:77:fb:50:5e:f4:
e2:ad:27:a6:27:7a:a2:43:b4:87:b2:57:69:5e:19:8b:c5:4a:
d3:30:66:bf:8c:d4:50:4e:cf:20:37:0b:03:80:80:19:58:26:
29:f2:7c:06:d9:a0:22:7a:23:84:9e:bf:17:f4:ec:ee:a8:af:
28:97:49:97:e3:4a:ba:de:01:11:f2:64:47:7c:79:91:ac:8c:
93:40:b3:04:4b:fd:2e:0c:54:fc:cd:03:bd:68:c9:26:64:9c:
da:9d:e0:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECS35yjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWU2ZDMyNDIyNTdiMjk2NWI2Mjc4ZmY4YzE3ZTE2ZmYzZjA4YjIxMB4XDTIyMDEw
MTEzNTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQwNTQ0YjU5MDk4
MmFjMDlmMjI4MjQ4NjMwOTVkY2Q0MzJlZjE3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZKigiEfrdAwMGQrfNDHMZjcTYamqPJRb0uUsAM1fD932kX
rAzhaLMDF8G1plivlMPnNeMwjhSR2uKw48pntEb1jb0lPROsrt2h/qT92lBcEsii
HGkU/6/KUHq7kZvX18H9hu4E519G7WfA4HgWIYou7Kn3p5NP0yE+RQGmF//uUekY
rkZ9YrcLAYJhIqgXbxnVUbWQKk/dJ8yRVRnJQ3C60SMQsZnDYrr7Rkj4br/K++L8
X2JphEeAvY37hrn3Jfanbx5Hz4g9oJGD0OVA63ZG0G5zjib+vD+If+HZswW4cxb8
EgcC1Q5ZSxbirK46cMAc4pEnxhsNNLLGiEOIAtMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdBUS1kJgqwJ8igkhjCV3NQy7xdjAfBgNVHSMEGDAWgBSR5tMkIleyllti
eP+MF+Fv8/CLITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tlYlRKQ0pYc3BaYllual9qQmZoYl9Qd2l5RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvMGMwZjYxLWI2OWMtNDY1Ny05ODY3LTdlNzRhNmE5OGVjZC8x
L0hRVkV0WkNZS3NDZklvSklZd2xkelVNdThYWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
MGMwZjYxLWI2OWMtNDY1Ny05ODY3LTdlNzRhNmE5OGVjZC8xL2tlYlRKQ0pYc3Ba
Yllual9qQmZoYl9Qd2l5RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnyRDANBgkqhkiG9w0BAQsFAAOC
AQEAbqRvD2x8NZoSccB6eFX8NI+IKI/0czkvNuplXwZJEwjG7Rmbr1LFXAoJS1Wf
TzcO274cBibh9catcYte5ZDmUi/uLnVyvQvm+B/yVGNxyKR0wBJMDFbpyEu/t9iM
KcFnTA4fjeTiyYydMGCjmFyGK+CzYhajW3w7WN0Boh/hOwj6LWUlnj8M31DzgLiE
OdF1ofNfi2pj4n1Pj+9EQXf7UF704q0npid6okO0h7JXaV4Zi8VK0zBmv4zUUE7P
IDcLA4CAGVgmKfJ8BtmgInojhJ6/F/Ts7qivKJdJl+NKut4BEfJkR3x5kayMk0Cz
BEv9LgxU/M0DvWjJJmSc2p3gtw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:19 2025 by rpki-client