Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/HkZSSU6_VRQKw5yLMM7re0Fnf0k.roa
File: HkZSSU6_VRQKw5yLMM7re0Fnf0k.roa (raw, json)
Hash identifier: y/WYA2t9Un1/QY5+jiNsG/ti9BFZat42ObiGmHaoaV0=
Subject key identifier: 1E:46:52:49:4E:BF:55:14:0A:C3:9C:8B:30:CE:EB:7B:41:67:7F:49
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018281A26D17E364424B19C680D9AF3BDB13
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/HkZSSU6_VRQKw5yLMM7re0Fnf0k.roa
Signing time: Tue 09 Aug 2022 08:04:41 +0000
ROA not before: Tue 09 Aug 2022 08:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209638
IP address blocks: 80.249.112.0/24 maxlen: 24
80.249.114.0/24 maxlen: 24
80.249.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:a2:6d:17:e3:64:42:4b:19:c6:80:d9:af:3b:db:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Aug 9 08:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e4652494ebf55140ac39c8b30ceeb7b41677f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:32:3c:1c:ed:70:31:7d:37:48:a6:7c:72:5b:
44:88:31:9f:a7:5d:4b:a2:69:06:82:fe:bf:b1:9a:
42:d1:d3:2e:be:f8:81:c0:9b:9d:80:36:81:b8:38:
aa:f7:68:76:05:70:92:f6:bb:4f:10:c7:25:c6:ce:
b6:6b:b8:85:fe:72:e1:9f:5f:a3:67:3b:10:91:cf:
4f:af:12:33:8d:b8:6d:08:ce:73:a0:f1:8d:4b:8f:
46:1b:7f:4b:4d:1c:23:2e:c5:ea:0e:56:39:9f:b4:
a2:27:cb:da:6d:75:7c:01:20:bd:b3:04:aa:cc:60:
03:1b:73:98:7b:e9:a3:55:ac:84:06:e5:13:04:a6:
ee:04:70:b0:f2:a8:a0:98:7b:dd:27:91:a7:24:11:
f9:93:64:28:23:7b:f2:b9:67:fb:1d:9e:9f:4f:1c:
7e:6c:b4:9c:e3:a4:e8:1f:b6:ec:0e:02:1a:6d:1f:
ab:7c:2e:e9:3b:5c:d8:12:8b:ce:af:8a:0e:93:d5:
88:14:92:c0:78:e7:a8:fc:46:12:db:1d:9b:14:cb:
67:1d:a9:8d:d2:d5:d6:63:24:4d:ce:15:5b:10:62:
45:c7:18:81:53:57:41:2c:0d:45:71:37:2d:73:b8:
16:84:45:3a:2d:a5:93:c3:f6:a3:f9:4d:4e:99:c4:
9e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:46:52:49:4E:BF:55:14:0A:C3:9C:8B:30:CE:EB:7B:41:67:7F:49
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/HkZSSU6_VRQKw5yLMM7re0Fnf0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.112.0-80.249.114.255
Signature Algorithm: sha256WithRSAEncryption
18:95:a0:82:b4:e2:fd:81:ab:35:67:36:59:68:7b:99:39:f4:
0a:d7:d4:d5:13:5c:6c:45:a0:05:a3:7e:98:9f:3f:cc:3d:32:
cb:31:ea:58:18:61:3b:23:f1:2f:f0:80:96:13:ad:b6:d2:ac:
2e:32:ce:cc:84:05:ce:89:61:f7:06:0e:4e:a1:1f:2e:8e:82:
e7:33:9d:30:12:9d:67:38:99:ed:46:49:e6:d1:63:08:25:73:
3c:50:4f:d8:cc:ce:d7:3d:a9:51:8b:a3:16:4e:91:9a:93:02:
16:61:d4:7b:67:bc:be:f9:aa:72:96:20:30:22:ad:2c:6e:4a:
11:38:be:7d:68:ef:8d:c5:0e:c5:01:27:52:47:74:e9:0d:3c:
3f:0d:a6:27:0f:62:d8:60:a5:ec:a4:7e:c2:6e:e0:38:d5:49:
cf:08:42:32:96:39:67:da:a0:3b:ec:e9:b5:e3:6f:bf:39:df:
d5:3b:f3:31:4d:d5:20:d8:34:14:42:85:a4:70:b0:d8:09:a6:
e4:01:22:c7:63:54:e1:01:f1:ad:f0:cf:9e:b4:1b:7c:a9:8f:
d9:1f:09:05:7e:8d:de:ac:69:64:d6:1b:ee:66:2f:e5:64:06:
f7:32:79:e3:c6:91:73:4f:d8:f2:51:81:77:ca:48:9a:6c:6e:
14:a2:d4:47
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYKBom0X42RCSxnGgNmvO9sTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjIwODA5MDgwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ2NTI0OTRlYmY1NTE0MGFjMzljOGIzMGNlZWI3YjQxNjc3ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijI8HO1wMX03SKZ8cltEiDGfp11L
omkGgv6/sZpC0dMuvviBwJudgDaBuDiq92h2BXCS9rtPEMclxs62a7iF/nLhn1+j
ZzsQkc9PrxIzjbhtCM5zoPGNS49GG39LTRwjLsXqDlY5n7SiJ8vabXV8ASC9swSq
zGADG3OYe+mjVayEBuUTBKbuBHCw8qigmHvdJ5GnJBH5k2QoI3vyuWf7HZ6fTxx+
bLSc46ToH7bsDgIabR+rfC7pO1zYEovOr4oOk9WIFJLAeOeo/EYS2x2bFMtnHamN
0tXWYyRNzhVbEGJFxxiBU1dBLA1FcTctc7gWhEU6LaWTw/aj+U1OmcSeoQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB5GUklOv1UUCsOcizDO63tBZ39JMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvSGtaU1NVNl9WUlFLdzV5TE1NN3JlMEZuZjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARQ+XAD
BABQ+XIwDQYJKoZIhvcNAQELBQADggEBABiVoIK04v2BqzVnNlloe5k59ArX1NUT
XGxFoAWjfpifP8w9Mssx6lgYYTsj8S/wgJYTrbbSrC4yzsyEBc6JYfcGDk6hHy6O
gucznTASnWc4me1GSebRYwglczxQT9jMztc9qVGLoxZOkZqTAhZh1HtnvL75qnKW
IDAirSxuShE4vn1o743FDsUBJ1JHdOkNPD8NpicPYthgpeykfsJu4DjVSc8IQjKW
OWfaoDvs6bXjb78539U78zFN1SDYNBRChaRwsNgJpuQBIsdjVOEB8a3wz560G3yp
j9kfCQV+jd6saWTWG+5mL+VkBvcyeePGkXNP2PJRgXfKSJpsbhSi1Ec=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:28 2025 by rpki-client