Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/HJnha3nXXQM4q51YV-8PvZSEqnc.roa
File: HJnha3nXXQM4q51YV-8PvZSEqnc.roa (raw, json)
Hash identifier: OBB5M0Bzkq8RVGBGLiM0lEasgl/3snqz1YZAYS6RQyw=
Subject key identifier: 1C:99:E1:6B:79:D7:5D:03:38:AB:9D:58:57:EF:0F:BD:94:84:AA:77
Certificate issuer: /CN=c1e3a44ae8cf0243f1dffe2684e3dd5a8fc85d79
Certificate serial: 01856F39304DFCC1C213B0B8D05D841305F8
Authority key identifier: C1:E3:A4:4A:E8:CF:02:43:F1:DF:FE:26:84:E3:DD:5A:8F:C8:5D:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/weOkSujPAkPx3_4mhOPdWo_IXXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/HJnha3nXXQM4q51YV-8PvZSEqnc.roa
Signing time: Sun 01 Jan 2023 21:24:56 +0000
ROA not before: Sun 01 Jan 2023 21:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202240
IP address blocks: 79.98.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:30:4d:fc:c1:c2:13:b0:b8:d0:5d:84:13:05:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1e3a44ae8cf0243f1dffe2684e3dd5a8fc85d79
Validity
Not Before: Jan 1 21:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c99e16b79d75d0338ab9d5857ef0fbd9484aa77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8c:a6:99:73:e9:55:0a:e5:a1:0b:6f:e4:9a:
04:05:94:e9:80:59:1a:6b:76:1e:82:2b:a1:1b:eb:
0f:26:2f:93:30:52:5f:92:26:38:bd:98:49:44:89:
32:44:c3:02:c9:12:96:43:ae:bc:ec:f9:96:b2:2f:
55:fc:96:ad:0e:d0:a1:f4:28:d1:db:26:4c:76:c1:
6d:bb:96:ac:07:06:98:92:14:e3:5e:b0:64:1e:c8:
95:41:12:38:a9:11:5a:3f:e3:60:bb:cc:f3:7c:55:
5b:18:5b:83:c5:c4:c8:f2:33:4c:65:1e:d0:6e:24:
30:6a:6d:25:10:8f:cc:dc:9a:a3:58:44:72:b3:d0:
72:e5:43:e4:42:b6:49:7e:ef:fd:ed:7b:34:1e:af:
9a:d8:76:a5:1d:9b:42:e0:93:cf:93:c7:a1:e7:0b:
0f:89:05:a4:72:34:ee:b5:d1:8b:0f:0e:ec:a5:c0:
6e:40:7e:d7:3a:a4:73:ae:6b:db:5b:21:fd:57:ac:
37:4f:83:04:3c:f0:f4:70:79:f0:95:64:43:6c:6f:
46:0b:78:5e:f8:59:e6:29:20:79:1a:ab:28:fc:fa:
f9:f9:c1:dd:90:58:b5:a6:2b:a7:49:9d:9d:aa:58:
cb:6c:ba:67:7b:ca:e7:ab:6c:e5:81:0d:3c:5b:80:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:E1:6B:79:D7:5D:03:38:AB:9D:58:57:EF:0F:BD:94:84:AA:77
X509v3 Authority Key Identifier:
keyid:C1:E3:A4:4A:E8:CF:02:43:F1:DF:FE:26:84:E3:DD:5A:8F:C8:5D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/weOkSujPAkPx3_4mhOPdWo_IXXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/HJnha3nXXQM4q51YV-8PvZSEqnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/weOkSujPAkPx3_4mhOPdWo_IXXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.188.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:c8:4f:10:9f:85:f8:5b:f7:92:10:c5:cd:67:2f:2d:af:e2:
ff:b0:7c:04:d2:e5:92:72:c1:5a:54:fd:3f:67:1c:6c:ce:8b:
02:93:52:bb:0b:0b:4b:d7:dd:b9:e8:db:58:45:c7:5f:9f:81:
bc:cd:ac:b5:9f:7d:af:ce:c4:77:b9:0b:78:4c:25:07:dd:c7:
52:19:4e:2d:29:02:7e:50:34:9d:40:8e:8f:4f:13:a7:de:de:
3a:fc:2e:b8:df:5a:32:d7:95:f0:f1:48:38:eb:a7:04:6f:20:
64:6b:90:e1:3b:b5:79:da:12:1d:dc:34:1a:e9:93:3e:75:a1:
ed:ed:0f:d6:19:b5:e0:c2:80:ab:da:e0:d8:67:99:e4:62:8a:
d0:b4:80:50:80:44:9a:d3:fe:c9:34:6c:ee:19:1f:2f:df:9f:
78:b3:a3:1f:49:25:d3:0b:14:87:7f:72:ec:7b:cc:ca:16:ea:
f5:f7:ca:1e:94:cb:0f:bf:57:52:be:57:ad:19:0d:34:3c:d2:
ab:32:a2:b9:02:1e:95:86:a8:f8:ee:e1:14:30:90:a4:94:4b:
b6:cf:c1:98:b6:dd:13:82:ef:f4:48:89:bf:69:3f:f0:53:de:
db:fb:84:97:de:c8:fa:8c:03:43:ff:91:da:27:0b:1a:fc:13:
8e:6d:04:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTBN/MHCE7C40F2EEwX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZTNhNDRhZThjZjAyNDNmMWRmZmUyNjg0ZTNkZDVhOGZj
ODVkNzkwHhcNMjMwMTAxMjEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk5ZTE2Yjc5ZDc1ZDAzMzhhYjlkNTg1N2VmMGZiZDk0ODRhYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ymmXPpVQrloQtv5JoEBZTpgFka
a3YegiuhG+sPJi+TMFJfkiY4vZhJRIkyRMMCyRKWQ6687PmWsi9V/JatDtCh9CjR
2yZMdsFtu5asBwaYkhTjXrBkHsiVQRI4qRFaP+Ngu8zzfFVbGFuDxcTI8jNMZR7Q
biQwam0lEI/M3JqjWERys9By5UPkQrZJfu/97Xs0Hq+a2HalHZtC4JPPk8eh5wsP
iQWkcjTutdGLDw7spcBuQH7XOqRzrmvbWyH9V6w3T4MEPPD0cHnwlWRDbG9GC3he
+FnmKSB5Gqso/Pr5+cHdkFi1piunSZ2dqljLbLpne8rnq2zlgQ08W4CSLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByZ4Wt5110DOKudWFfvD72UhKp3MB8GA1UdIwQY
MBaAFMHjpErozwJD8d/+JoTj3VqPyF15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VPa1N1alBBa1B4M180bWhPUGRXb19JWFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iZjRhNDQtYmI4YS00NjUxLWEwYWEt
MzhkMjkyZDBmN2VjLzEvSEpuaGEzblhYUU00cTUxWVYtOFB2WlNFcW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iZjRhNDQtYmI4YS00NjUxLWEwYWEtMzhkMjkyZDBmN2Vj
LzEvd2VPa1N1alBBa1B4M180bWhPUGRXb19JWFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT2K8MA0G
CSqGSIb3DQEBCwUAA4IBAQBayE8Qn4X4W/eSEMXNZy8tr+L/sHwE0uWScsFaVP0/
ZxxszosCk1K7CwtL19256NtYRcdfn4G8zay1n32vzsR3uQt4TCUH3cdSGU4tKQJ+
UDSdQI6PTxOn3t46/C6431oy15Xw8Ug466cEbyBka5DhO7V52hId3DQa6ZM+daHt
7Q/WGbXgwoCr2uDYZ5nkYorQtIBQgESa0/7JNGzuGR8v3594s6MfSSXTCxSHf3Ls
e8zKFur198oelMsPv1dSvletGQ00PNKrMqK5Ah6Vhqj47uEUMJCklEu2z8GYtt0T
gu/0SIm/aT/wU97b+4SX3sj6jAND/5HaJwsa/BOObQQ3
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:33:32 2025 by rpki-client