Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/hx55T59SOqlktzck9DLOGo5LuoU.roa
File: hx55T59SOqlktzck9DLOGo5LuoU.roa (raw, json)
Hash identifier: a9KBGsA0qRABhT1U9Dew/l8jrUaXbjWccUarKjiA8tQ=
Subject key identifier: 87:1E:79:4F:9F:52:3A:A9:64:B7:37:24:F4:32:CE:1A:8E:4B:BA:85
Certificate issuer: /CN=3f39dd7bd73c3e1ba27d178d55c26f8a96cdb4a9
Certificate serial: 01852B224EA8B42B84239BADE736FC023F3D
Authority key identifier: 3F:39:DD:7B:D7:3C:3E:1B:A2:7D:17:8D:55:C2:6F:8A:96:CD:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pznde9c8PhuifReNVcJvipbNtKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/hx55T59SOqlktzck9DLOGo5LuoU.roa
Signing time: Mon 19 Dec 2022 16:05:46 +0000
ROA not before: Mon 19 Dec 2022 16:05:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48362
IP address blocks: 92.249.20.0/22 maxlen: 24
2a13:62c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:22:4e:a8:b4:2b:84:23:9b:ad:e7:36:fc:02:3f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f39dd7bd73c3e1ba27d178d55c26f8a96cdb4a9
Validity
Not Before: Dec 19 16:05:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=871e794f9f523aa964b73724f432ce1a8e4bba85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:75:ae:d9:2d:80:f2:ca:97:4a:80:b3:07:55:
54:7c:a2:93:29:a1:6e:6d:a5:73:66:03:e1:81:c4:
aa:82:3a:da:f9:0f:e9:89:55:db:6f:d3:78:52:36:
72:9d:27:cd:26:d4:3f:d3:f4:42:9f:b0:c9:71:12:
77:39:8e:b0:95:8e:e6:40:3e:0e:9a:0a:4a:96:64:
6b:ff:98:40:c4:5d:99:43:ca:91:32:b3:9f:6d:1f:
80:dd:73:23:be:55:0c:db:1e:3e:0c:19:48:98:c9:
51:b5:06:77:84:3e:85:d2:35:fc:a7:e0:71:e7:e7:
25:2c:fb:17:a9:50:4d:ae:05:21:d3:64:8d:5c:ee:
4e:ae:b2:e1:5e:fc:48:cf:ca:32:92:9c:fc:94:f3:
f4:c0:2d:f0:81:1c:19:2c:78:d0:f8:91:15:c3:37:
67:3e:86:12:f7:97:84:30:98:e0:46:e0:3e:de:fd:
25:4d:85:d4:2b:e9:b6:c8:10:f7:e3:ed:e1:93:1d:
73:92:ec:82:21:80:a5:89:cb:4a:ac:8b:4b:54:a4:
6c:3f:3c:98:6b:9a:ad:05:60:40:55:56:76:7a:80:
b5:a0:7f:40:9e:c9:50:05:11:7b:3f:02:8b:d9:c0:
c0:36:24:1f:c9:1c:d3:65:51:af:d7:f6:62:33:8b:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1E:79:4F:9F:52:3A:A9:64:B7:37:24:F4:32:CE:1A:8E:4B:BA:85
X509v3 Authority Key Identifier:
keyid:3F:39:DD:7B:D7:3C:3E:1B:A2:7D:17:8D:55:C2:6F:8A:96:CD:B4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pznde9c8PhuifReNVcJvipbNtKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/hx55T59SOqlktzck9DLOGo5LuoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/Pznde9c8PhuifReNVcJvipbNtKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.20.0/22
IPv6:
2a13:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:64:bd:00:93:0b:81:30:91:64:f5:ad:e9:c2:37:cb:b9:32:
f6:70:37:b5:e4:85:4e:68:31:2a:62:8e:45:3b:7f:93:a4:dc:
0b:d0:b9:ea:ca:99:90:78:a6:90:79:f3:fd:27:80:3e:68:ce:
6d:85:68:fb:2d:e1:d2:d9:2b:e0:d7:e9:fc:83:4f:16:96:0a:
40:5d:cd:69:4f:4d:c3:8f:ba:cb:73:70:56:8a:32:da:f4:67:
d1:d1:7f:47:76:77:15:bb:76:96:71:b8:60:ed:0c:e2:b9:8d:
c2:cf:81:1e:9a:eb:b5:cf:7a:41:19:95:a7:ad:0f:a8:dd:69:
ed:b3:b1:72:c7:73:ef:b0:a2:e8:62:5a:77:da:31:2f:eb:ce:
d8:97:d6:56:00:31:b0:63:f0:cb:7d:50:5f:79:1b:68:b8:ee:
75:89:f8:0d:4c:8f:2f:be:d7:79:63:3b:6a:34:5d:12:a9:ba:
46:23:c0:8c:b3:96:f8:66:08:83:78:40:cb:ba:b8:3e:c7:f3:
ba:66:a6:1e:cb:c3:5c:d6:0c:00:c1:f8:a2:4b:aa:1e:eb:20:
b1:fe:ce:2c:9e:6d:4a:f6:23:1e:64:d1:b1:6d:67:2e:d8:ef:
23:56:8e:f7:b1:8f:fa:21:65:ca:67:14:47:49:75:28:09:d4:
91:03:fd:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUrIk6otCuEI5ut5zb8Aj89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzlkZDdiZDczYzNlMWJhMjdkMTc4ZDU1YzI2ZjhhOTZj
ZGI0YTkwHhcNMjIxMjE5MTYwNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFlNzk0ZjlmNTIzYWE5NjRiNzM3MjRmNDMyY2UxYThlNGJiYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XWu2S2A8sqXSoCzB1VUfKKTKaFu
baVzZgPhgcSqgjra+Q/piVXbb9N4UjZynSfNJtQ/0/RCn7DJcRJ3OY6wlY7mQD4O
mgpKlmRr/5hAxF2ZQ8qRMrOfbR+A3XMjvlUM2x4+DBlImMlRtQZ3hD6F0jX8p+Bx
5+clLPsXqVBNrgUh02SNXO5OrrLhXvxIz8oykpz8lPP0wC3wgRwZLHjQ+JEVwzdn
PoYS95eEMJjgRuA+3v0lTYXUK+m2yBD34+3hkx1zkuyCIYClictKrItLVKRsPzyY
a5qtBWBAVVZ2eoC1oH9AnslQBRF7PwKL2cDANiQfyRzTZVGv1/ZiM4tggQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIceeU+fUjqpZLc3JPQyzhqOS7qFMB8GA1UdIwQY
MBaAFD853XvXPD4bon0XjVXCb4qWzbSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpuZGU5YzhQaHVpZlJlTlZjSnZpcGJOdEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82MjFlZGQtMWI1YS00NmFjLWJhMTMt
MDRmOWU2MTZhZjYwLzEvaHg1NVQ1OVNPcWxrdHpjazlETE9HbzVMdW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82MjFlZGQtMWI1YS00NmFjLWJhMTMtMDRmOWU2MTZhZjYw
LzEvUHpuZGU5YzhQaHVpZlJlTlZjSnZpcGJOdEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXPkUMA0E
AgACMAcDBQAqE2LAMA0GCSqGSIb3DQEBCwUAA4IBAQC9ZL0AkwuBMJFk9a3pwjfL
uTL2cDe15IVOaDEqYo5FO3+TpNwL0LnqypmQeKaQefP9J4A+aM5thWj7LeHS2Svg
1+n8g08WlgpAXc1pT03Dj7rLc3BWijLa9GfR0X9HdncVu3aWcbhg7QziuY3Cz4Ee
muu1z3pBGZWnrQ+o3Wnts7Fyx3PvsKLoYlp32jEv687Yl9ZWADGwY/DLfVBfeRto
uO51ifgNTI8vvtd5YztqNF0SqbpGI8CMs5b4ZgiDeEDLurg+x/O6ZqYey8Nc1gwA
wfiiS6oe6yCx/s4snm1K9iMeZNGxbWcu2O8jVo73sY/6IWXKZxRHSXUoCdSRA/3P
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:15:36 2025 by rpki-client