Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/hrkjgac2OONr5iMRcjph0ouBa4w.roa
File: hrkjgac2OONr5iMRcjph0ouBa4w.roa (raw, json)
Hash identifier: 2PdL+CqW7/MIbQ3bQP8eT3ym5+mTVgTjZ2uL/df6C08=
Subject key identifier: 86:B9:23:81:A7:36:38:E3:6B:E6:23:11:72:3A:61:D2:8B:81:6B:8C
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 07C67940
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/hrkjgac2OONr5iMRcjph0ouBa4w.roa
Signing time: Fri 25 Feb 2022 14:12:46 +0000
ROA not before: Fri 25 Feb 2022 14:12:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.106.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
45.136.7.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130447680 (0x7c67940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Feb 25 14:12:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86b92381a73638e36be62311723a61d28b816b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:54:bd:29:42:e6:72:e5:58:43:23:13:5a:54:
e2:44:7d:70:48:63:61:cb:c1:ed:58:ef:cf:75:dc:
24:e6:29:53:55:9c:b7:c2:ab:79:0c:ea:41:fb:b4:
dd:f2:ae:20:50:ce:22:4f:ce:3a:ce:46:f9:2c:30:
0a:1d:9d:14:75:cb:e7:ac:dd:51:b0:75:ef:d8:0c:
fc:dd:43:ae:ad:85:5c:ff:df:72:a6:ce:5d:9b:ff:
47:c7:dc:32:79:ba:16:46:45:16:25:21:9b:cc:58:
ee:42:ea:8e:6c:e6:a7:a4:0c:c4:03:62:2a:67:b4:
56:a8:c2:8a:05:45:32:b6:0e:cf:ee:2b:f3:2d:d0:
1f:ab:3b:fb:7b:90:2f:2e:64:52:67:4d:28:d1:a5:
c7:9d:f1:54:37:8a:bf:da:86:fe:b6:69:c5:08:32:
b2:ca:2d:09:b0:0d:92:6b:4e:e0:af:8c:6a:0a:9e:
2e:3d:cd:cf:c5:58:02:91:18:a5:cc:9a:e4:50:b7:
44:d2:ad:90:87:15:01:f2:ca:53:da:e2:45:6f:b6:
16:05:59:32:43:5f:1a:03:40:7c:aa:04:c5:bd:21:
9d:26:79:03:8c:28:35:fb:8e:42:e5:08:ef:7f:14:
97:49:0b:c1:2f:ed:70:1f:45:88:c8:95:7a:09:05:
a7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B9:23:81:A7:36:38:E3:6B:E6:23:11:72:3A:61:D2:8B:81:6B:8C
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/hrkjgac2OONr5iMRcjph0ouBa4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.106.0/24
45.131.0.0/24
45.136.6.0/23
45.141.150.0/24
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
a8:19:1c:91:a9:d7:84:36:f5:88:9d:2a:ff:5b:05:c9:a6:35:
2f:cb:36:28:2e:4b:02:5d:70:47:4a:03:ef:11:ba:ea:e8:5e:
a7:93:3b:4e:c6:65:d3:e2:f8:8e:1d:3f:09:50:6d:b4:a9:b7:
62:81:b4:e2:9c:ff:1e:0f:1b:67:6a:ec:92:48:96:ef:47:51:
ca:21:82:09:c9:95:ee:2c:82:8f:8c:40:1f:90:6c:3f:59:0d:
ec:bf:83:9a:a2:5d:c2:ac:9b:a2:ba:67:bd:c9:02:7a:dd:db:
be:68:6f:93:ee:0f:d8:ef:83:35:67:ac:21:21:06:73:2f:83:
21:a5:37:99:8e:44:95:b4:9c:00:86:6a:59:4e:8f:2f:b7:c4:
19:71:ea:a4:5a:64:80:85:80:68:fd:d4:c0:4d:67:3a:4e:22:
ab:14:b2:3c:11:3d:23:48:94:64:cf:bd:98:8e:aa:95:6c:54:
e6:8d:05:ec:3c:57:a1:6e:af:0e:c4:66:ca:cc:4c:0c:42:56:
8d:11:5e:11:b0:f6:1d:ca:93:0d:62:d1:db:74:6c:db:a0:24:
11:30:2c:3b:f0:97:ff:d2:09:f1:af:42:7c:db:d2:2e:c1:29:
c6:b6:24:37:db:13:fc:52:8b:84:a6:2e:3d:a0:1f:3f:be:e0:
58:7a:85:e4
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEB8Z5QDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDIy
NTE0MTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZiOTIzODFhNzM2
MzhlMzZiZTYyMzExNzIzYTYxZDI4YjgxNmI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFUvSlC5nLlWEMjE1pU4kR9cEhjYcvB7Vjvz3XcJOYpU1Wc
t8KreQzqQfu03fKuIFDOIk/OOs5G+SwwCh2dFHXL56zdUbB179gM/N1Drq2FXP/f
cqbOXZv/R8fcMnm6FkZFFiUhm8xY7kLqjmzmp6QMxANiKme0VqjCigVFMrYOz+4r
8y3QH6s7+3uQLy5kUmdNKNGlx53xVDeKv9qG/rZpxQgyssotCbANkmtO4K+Magqe
Lj3Nz8VYApEYpcya5FC3RNKtkIcVAfLKU9riRW+2FgVZMkNfGgNAfKoExb0hnSZ5
A4woNfuOQuUI738Ul0kLwS/tcB9FiMiVegkFpw8CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSGuSOBpzY442vmIxFyOmHSi4FrjDAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
L2hya2pnYWMyT09OcjVpTVJjanBoMG91QmE0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAAW0agMEAC2DAAMEAS2IBgMEAC2N
lgMEAk1TyAMEAMJ05QMEAcJ07AMEAMKSJAMEAMKSLzANBAIAAjAHAwUDKgmHgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqBkckanXhDb1iJ0q/1sFyaY1L8s2KC5LAl1wR0oD
7xG66uhep5M7TsZl0+L4jh0/CVBttKm3YoG04pz/Hg8bZ2rskkiW70dRyiGCCcmV
7iyCj4xAH5BsP1kN7L+DmqJdwqyborpnvckCet3bvmhvk+4P2O+DNWesISEGcy+D
IaU3mY5ElbScAIZqWU6PL7fEGXHqpFpkgIWAaP3UwE1nOk4iqxSyPBE9I0iUZM+9
mI6qlWxU5o0F7DxXoW6vDsRmysxMDEJWjRFeEbD2HcqTDWLR23Rs26AkETAsO/CX
/9IJ8a9CfNvSLsEpxrYkN9sT/FKLhKYuPaAfP77gWHqF5A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:19 2025 by rpki-client