Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/hbYepa0YmOqIgOlvxfBwGhTMJI8.roa
File: hbYepa0YmOqIgOlvxfBwGhTMJI8.roa (raw, json)
Hash identifier: li6Bt0mAK5Zj8o6wsqQljo4QYISyIbCyN+ncATs2ue8=
Subject key identifier: 85:B6:1E:A5:AD:18:98:EA:88:80:E9:6F:C5:F0:70:1A:14:CC:24:8F
Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Certificate serial: 01876FE8EC0A8BB278092C5266129071FC03
Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/hbYepa0YmOqIgOlvxfBwGhTMJI8.roa
Signing time: Tue 11 Apr 2023 10:42:28 +0000
ROA not before: Tue 11 Apr 2023 10:42:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.70.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:e8:ec:0a:8b:b2:78:09:2c:52:66:12:90:71:fc:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Validity
Not Before: Apr 11 10:42:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85b61ea5ad1898ea8880e96fc5f0701a14cc248f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1f:91:30:cd:4b:a3:e3:21:ea:72:08:b3:d9:
3a:43:49:fb:bb:98:d7:3a:19:b5:fa:b7:6a:4b:0b:
86:89:f5:8f:a8:1c:66:51:0e:01:9c:92:a2:56:c0:
8b:81:e6:5c:56:70:ab:08:7a:cd:c0:60:68:4c:c4:
32:51:f7:ce:bc:bc:38:08:bc:3a:6e:eb:c5:d6:ac:
50:5b:3a:38:be:8e:c7:19:26:6e:9f:29:be:16:8e:
49:9e:45:0f:38:38:aa:e5:d3:e1:a8:9b:ae:37:06:
c6:cf:0f:52:59:2a:a5:4a:33:e2:22:11:77:e9:9f:
81:08:c3:cb:24:91:b2:6f:e8:0c:5c:3d:87:28:05:
a5:4e:bb:62:94:02:8f:f0:96:5d:65:32:45:89:d6:
1f:9e:2b:f8:01:56:e1:fa:83:67:60:a9:11:3e:2e:
94:b2:96:40:1c:c6:ac:37:dc:ce:c1:ac:27:af:cb:
7e:81:f1:9f:67:8e:5d:36:93:e8:fe:f3:2f:76:bd:
79:7a:cc:e9:49:35:2d:e0:eb:ba:94:d4:98:f5:4f:
7a:72:29:ab:3d:55:ee:88:6b:0f:df:b1:0e:ab:b8:
3b:b9:e8:c7:0b:f8:17:e3:2b:6e:e6:63:5e:e0:f9:
9a:0c:0f:3a:bf:d5:aa:d2:0f:32:57:ec:c7:62:5a:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B6:1E:A5:AD:18:98:EA:88:80:E9:6F:C5:F0:70:1A:14:CC:24:8F
X509v3 Authority Key Identifier:
keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/hbYepa0YmOqIgOlvxfBwGhTMJI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.97.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c0:11:aa:e8:c7:e0:df:07:08:b4:0b:a4:36:cc:b8:cf:20:
a0:07:a6:73:32:e2:14:01:2f:1e:d9:81:78:6e:df:ff:e1:60:
29:f6:66:96:28:3b:97:83:37:ff:02:39:17:e9:a4:c1:57:dc:
f2:f6:db:b6:4c:3d:bf:1b:39:35:5b:81:15:a4:ef:05:39:e5:
0b:73:e3:81:0e:fb:09:5d:03:21:d2:d3:19:c5:9e:d1:c3:ac:
76:87:ca:bd:e1:cd:e8:c2:89:1c:d2:5d:03:b3:4f:9d:14:3c:
fd:19:bd:ef:9c:67:3f:64:37:17:cc:ee:d5:20:9d:ec:81:e9:
a6:59:6f:5f:7f:d3:35:df:29:e3:57:ff:02:92:64:89:ac:62:
79:e0:c3:8d:ff:bb:9f:ba:66:16:9d:4f:59:db:a6:04:bf:1a:
82:e5:3e:c6:3b:1c:0b:29:37:9c:ac:e4:95:0a:d2:47:1b:3c:
36:5f:14:9a:11:66:a1:40:60:cc:b9:26:8b:c1:4f:81:44:1b:
5a:75:26:a6:c5:75:01:71:48:77:97:82:6a:83:7b:0d:b0:f8:
b3:21:57:a3:9e:95:36:49:3b:c0:81:9a:ea:4b:2a:78:c4:3c:
fe:29:a9:1e:cb:bc:07:2c:2f:4d:6b:9a:30:1a:8e:58:b8:fb:
46:dd:ef:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdv6OwKi7J4CSxSZhKQcfwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm
NmM3M2IwHhcNMjMwNDExMTA0MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI2MWVhNWFkMTg5OGVhODg4MGU5NmZjNWYwNzAxYTE0Y2MyNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh+RMM1Lo+Mh6nIIs9k6Q0n7u5jX
Ohm1+rdqSwuGifWPqBxmUQ4BnJKiVsCLgeZcVnCrCHrNwGBoTMQyUffOvLw4CLw6
buvF1qxQWzo4vo7HGSZunym+Fo5JnkUPODiq5dPhqJuuNwbGzw9SWSqlSjPiIhF3
6Z+BCMPLJJGyb+gMXD2HKAWlTrtilAKP8JZdZTJFidYfniv4AVbh+oNnYKkRPi6U
spZAHMasN9zOwawnr8t+gfGfZ45dNpPo/vMvdr15eszpSTUt4Ou6lNSY9U96cimr
PVXuiGsP37EOq7g7uejHC/gX4ytu5mNe4PmaDA86v9Wq0g8yV+zHYlrFAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIW2HqWtGJjqiIDpb8XwcBoUzCSPMB8GA1UdIwQY
MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt
NWVhOGY1M2FiNDkxLzEvaGJZZXBhMFltT3FJZ09sdnhmQndHaFRNSkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx
LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUZhMA0G
CSqGSIb3DQEBCwUAA4IBAQAXwBGq6Mfg3wcItAukNsy4zyCgB6ZzMuIUAS8e2YF4
bt//4WAp9maWKDuXgzf/AjkX6aTBV9zy9tu2TD2/Gzk1W4EVpO8FOeULc+OBDvsJ
XQMh0tMZxZ7Rw6x2h8q94c3owokc0l0Ds0+dFDz9Gb3vnGc/ZDcXzO7VIJ3sgemm
WW9ff9M13ynjV/8CkmSJrGJ54MON/7ufumYWnU9Z26YEvxqC5T7GOxwLKTecrOSV
CtJHGzw2XxSaEWahQGDMuSaLwU+BRBtadSamxXUBcUh3l4Jqg3sNsPizIVejnpU2
STvAgZrqSyp4xDz+Kakey7wHLC9Na5owGo5YuPtG3e9C
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:18:41 2025 by rpki-client