Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/HJHM1UtmmOB9h0V6gRxwMbRUfNI.roa
File: HJHM1UtmmOB9h0V6gRxwMbRUfNI.roa (raw, json)
Hash identifier: 0cw7zfXdm+8K/UM9IO+oz3R8bGoiDi3qrT7YAA9twYg=
Subject key identifier: 1C:91:CC:D5:4B:66:98:E0:7D:87:45:7A:81:1C:70:31:B4:54:7C:D2
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 01857343A5368C450B4D06C96692E60FB07B
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/HJHM1UtmmOB9h0V6gRxwMbRUfNI.roa
Signing time: Mon 02 Jan 2023 16:14:51 +0000
ROA not before: Mon 02 Jan 2023 16:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206768
IP address blocks: 185.79.212.0/24 maxlen: 24
2a01:7640:9000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:a5:36:8c:45:0b:4d:06:c9:66:92:e6:0f:b0:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Jan 2 16:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c91ccd54b6698e07d87457a811c7031b4547cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:2b:d0:3d:c9:7a:8a:64:ab:de:d7:9f:61:
9c:d9:48:9a:0a:0f:79:f5:80:67:0b:88:c1:88:9c:
9a:1c:d1:bb:01:2c:4c:38:9a:ac:9b:28:39:18:a0:
aa:7c:53:da:4d:cc:09:42:8e:7b:c0:e6:07:a2:53:
2d:2a:b3:d3:a1:1b:4e:0a:9e:e9:2d:71:a6:0f:37:
3f:c1:09:3e:85:8a:33:27:e9:3c:16:a2:01:92:93:
27:8e:12:ec:28:cd:68:43:dc:b0:20:0e:85:8c:f0:
38:5b:4f:12:8e:06:96:a9:d1:31:0e:fb:d8:42:19:
30:f7:68:2c:fc:b1:07:c8:25:c6:e7:92:28:f9:9b:
60:1b:ef:7e:98:91:87:9f:13:8c:92:34:88:03:b1:
48:a7:b4:fb:1b:d0:fb:45:ff:d8:1f:61:d2:82:cf:
3f:55:bf:9e:d6:59:ce:51:d6:f3:c0:16:fd:b6:a7:
20:4e:c4:39:cc:c7:44:94:5f:0e:da:76:58:f5:74:
de:b5:86:87:71:2e:d7:dc:44:bc:cc:f5:6e:92:36:
05:35:dc:5c:40:75:d7:9e:ee:55:86:f0:15:4a:3d:
08:42:1f:67:b6:2a:ff:ef:a1:5b:3e:c3:ab:43:ea:
9e:f5:6e:69:83:ed:cb:04:4e:8a:58:24:aa:20:06:
0f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:91:CC:D5:4B:66:98:E0:7D:87:45:7A:81:1C:70:31:B4:54:7C:D2
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/HJHM1UtmmOB9h0V6gRxwMbRUfNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.212.0/24
IPv6:
2a01:7640:9000::/48
Signature Algorithm: sha256WithRSAEncryption
30:c5:ba:fc:bb:9a:3e:f7:20:ca:0e:30:86:48:13:54:66:d1:
26:ae:74:e4:f8:da:0c:b9:0c:28:57:27:58:11:8a:07:cf:46:
8a:1b:82:8a:4a:7f:71:38:37:ed:a7:26:cb:00:ca:9b:67:ac:
0c:58:ed:6b:4b:05:b0:7c:7b:04:dd:9c:fa:05:88:a2:97:82:
0b:f5:bc:4f:39:a6:77:b2:41:36:71:6f:34:69:ae:6b:06:82:
6c:6c:7f:bc:9f:56:c0:d1:f7:a9:62:07:3f:0a:05:8d:48:d3:
e1:c2:be:25:45:aa:a8:0e:93:9a:ca:42:76:72:c6:df:7f:26:
41:dd:84:90:76:0c:4c:86:49:35:d7:8e:25:a2:e9:6f:d2:60:
13:a7:d4:dc:39:58:2a:22:f7:89:9c:19:ef:9f:db:3d:fb:3c:
46:c9:f6:d3:a9:ad:24:88:5b:d0:11:87:02:19:1a:6c:27:a5:
63:47:e7:3e:a0:a3:c9:ac:d0:90:f8:7f:8a:4e:fd:1d:c7:c5:
56:c2:5e:d3:2b:44:2e:9a:ae:86:0a:3d:60:c7:ab:c8:ff:5b:
05:67:d9:a2:cd:2f:cb:08:a0:1b:33:d6:b1:54:64:ec:f8:4a:
47:c9:b5:82:d7:e1:57:86:7c:33:a9:32:8e:6a:76:0e:4f:01:
67:c9:21:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzQ6U2jEULTQbJZpLmD7B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGVjNjQxMDUxYjAyNmI5NWM4NDU5MTUwY2E0N2RkYWVj
ODk2NjgwHhcNMjMwMTAyMTYxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzkxY2NkNTRiNjY5OGUwN2Q4NzQ1N2E4MTFjNzAzMWI0NTQ3Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAwr0D3Jeopkq97Xn2Gc2UiaCg95
9YBnC4jBiJyaHNG7ASxMOJqsmyg5GKCqfFPaTcwJQo57wOYHolMtKrPToRtOCp7p
LXGmDzc/wQk+hYozJ+k8FqIBkpMnjhLsKM1oQ9ywIA6FjPA4W08SjgaWqdExDvvY
Qhkw92gs/LEHyCXG55Io+ZtgG+9+mJGHnxOMkjSIA7FIp7T7G9D7Rf/YH2HSgs8/
Vb+e1lnOUdbzwBb9tqcgTsQ5zMdElF8O2nZY9XTetYaHcS7X3ES8zPVukjYFNdxc
QHXXnu5VhvAVSj0IQh9ntir/76FbPsOrQ+qe9W5pg+3LBE6KWCSqIAYPswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByRzNVLZpjgfYdFeoEccDG0VHzSMB8GA1UdIwQY
MBaAFJTexkEFGwJrlchFkVDKR92uyJZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYt
OWVhNjQ4NjJhOWFiLzEvSEpITTFVdG1tT0I5aDBWNmdSeHdNYlJVZk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYtOWVhNjQ4NjJhOWFi
LzEvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuU/UMA8E
AgACMAkDBwAqAXZAkAAwDQYJKoZIhvcNAQELBQADggEBADDFuvy7mj73IMoOMIZI
E1Rm0SaudOT42gy5DChXJ1gRigfPRoobgopKf3E4N+2nJssAyptnrAxY7WtLBbB8
ewTdnPoFiKKXggv1vE85pneyQTZxbzRprmsGgmxsf7yfVsDR96liBz8KBY1I0+HC
viVFqqgOk5rKQnZyxt9/JkHdhJB2DEyGSTXXjiWi6W/SYBOn1Nw5WCoi94mcGe+f
2z37PEbJ9tOprSSIW9ARhwIZGmwnpWNH5z6go8ms0JD4f4pO/R3HxVbCXtMrRC6a
roYKPWDHq8j/WwVn2aLNL8sIoBsz1rFUZOz4SkfJtYLX4VeGfDOpMo5qdg5PAWfJ
Ibk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:33 2025 by rpki-client