Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/1hbwDxXx_U5Wad6g08H0jymMjZo.roa
File: 1hbwDxXx_U5Wad6g08H0jymMjZo.roa (raw, json)
Hash identifier: 4ETtMaHaF2DsZic+0nbc86CDvRQ2AwLO2uTQjmF5uCk=
Subject key identifier: D6:16:F0:0F:15:F1:FD:4E:56:69:DE:A0:D3:C1:F4:8F:29:8C:8D:9A
Certificate issuer: /CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Certificate serial: 01847FE634166A7F0B171FFF259DD5E05EEB
Authority key identifier: F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/1hbwDxXx_U5Wad6g08H0jymMjZo.roa
Signing time: Wed 16 Nov 2022 10:05:03 +0000
ROA not before: Wed 16 Nov 2022 10:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210892
IP address blocks: 79.135.124.0/24 maxlen: 24
79.135.126.0/24 maxlen: 24
5.1.45.0/24 maxlen: 24
109.224.223.0/24 maxlen: 24
2a11:2b07:f003::/48 maxlen: 48
2a11:2b07:f000::/48 maxlen: 48
2a11:2b07:f002::/48 maxlen: 48
2a11:2b07:f001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:e6:34:16:6a:7f:0b:17:1f:ff:25:9d:d5:e0:5e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Validity
Not Before: Nov 16 10:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d616f00f15f1fd4e5669dea0d3c1f48f298c8d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f1:f8:e9:a4:c1:2e:d3:f8:f6:c5:80:e7:51:
0c:2f:1b:2e:11:99:1c:b9:bf:ca:76:e0:83:77:b0:
49:4a:90:5f:bc:71:90:21:bc:d8:17:37:32:09:a5:
24:6b:90:f0:26:fd:19:7d:31:72:83:e8:1e:47:54:
96:03:da:65:36:b6:d6:e6:0d:1c:8e:ef:7c:95:3f:
fb:20:f6:8e:62:b0:1b:b2:99:84:3b:4b:a1:2c:53:
8c:f5:1b:9a:95:30:94:d8:a9:97:6b:4a:70:ec:ca:
b8:5c:96:ae:bc:23:97:70:39:35:da:5b:df:fe:15:
ee:53:cd:03:83:11:c2:9c:e3:47:92:ae:1f:2a:5f:
12:55:d9:3e:d4:e2:46:f9:92:55:4c:03:e5:d9:7c:
07:f9:a0:a2:2a:cb:79:d2:b3:69:10:55:4c:5c:4e:
5b:98:c5:11:c7:46:6b:3f:09:89:8e:27:4b:6a:db:
61:89:bb:da:e6:87:44:ef:4e:4d:a9:06:df:fb:7a:
f0:4f:70:dc:62:4d:b3:6b:d9:4b:01:96:2c:35:35:
34:e2:c2:d7:db:4b:c4:2f:a3:8e:f0:2f:3b:a5:d9:
a5:be:ad:3b:aa:3f:f0:54:8c:e1:fb:81:3f:29:9f:
ce:73:f4:37:00:cf:4f:e3:9e:a4:00:d7:81:0b:be:
a4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:16:F0:0F:15:F1:FD:4E:56:69:DE:A0:D3:C1:F4:8F:29:8C:8D:9A
X509v3 Authority Key Identifier:
keyid:F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/1hbwDxXx_U5Wad6g08H0jymMjZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/8tWTsch7gXOexBkQKVvzhfLJqZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.45.0/24
79.135.124.0/24
79.135.126.0/24
109.224.223.0/24
IPv6:
2a11:2b07:f000::/46
Signature Algorithm: sha256WithRSAEncryption
50:9a:90:99:f3:7f:0a:ca:a0:84:04:fe:a2:ea:0f:fa:d0:1a:
45:49:dd:d4:96:40:b0:37:43:5e:e4:0f:d7:2a:30:4a:3c:42:
23:2d:fc:6c:f7:8d:78:06:a3:9d:b0:ef:96:7f:3e:50:09:b2:
63:89:8f:8b:da:f5:0b:d5:4c:86:99:23:a8:a0:15:10:0e:50:
68:b3:09:6e:f6:cb:2e:dd:e3:77:a0:0d:e5:3f:6b:c3:2c:63:
00:2a:0f:d0:3d:d7:cd:87:18:a8:b1:8f:af:52:57:50:af:95:
57:34:ef:15:57:c3:4a:6c:d7:3e:a6:50:a0:4d:4a:72:ee:33:
f6:46:16:42:f0:7f:5f:00:77:6e:fa:88:44:66:09:a6:db:f9:
95:0b:6c:93:5a:f0:0d:47:11:ed:5c:e5:90:6f:bb:d7:84:38:
6e:e8:50:82:b2:5a:c0:87:ba:4d:1a:24:a8:64:60:36:74:b0:
30:f6:72:c5:d4:35:c7:00:34:d5:a3:54:42:09:33:32:67:b0:
d2:02:2d:a9:7f:31:4b:ec:38:21:7f:9e:a4:b5:23:0f:7b:3b:
0b:5f:71:b9:a3:a6:0d:b2:52:2a:36:3c:74:27:54:80:79:52:
4a:4c:34:54:77:ac:c8:dd:8d:c5:d9:9a:a8:6a:2e:29:5b:a8:
aa:bc:38:06
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYR/5jQWan8LFx//JZ3V4F7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZDU5M2IxYzg3YjgxNzM5ZWM0MTkxMDI5NWJmMzg1ZjJj
OWE5OTIwHhcNMjIxMTE2MTAwNTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE2ZjAwZjE1ZjFmZDRlNTY2OWRlYTBkM2MxZjQ4ZjI5OGM4ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvH46aTBLtP49sWA51EMLxsuEZkc
ub/KduCDd7BJSpBfvHGQIbzYFzcyCaUka5DwJv0ZfTFyg+geR1SWA9plNrbW5g0c
ju98lT/7IPaOYrAbspmEO0uhLFOM9RualTCU2KmXa0pw7Mq4XJauvCOXcDk12lvf
/hXuU80DgxHCnONHkq4fKl8SVdk+1OJG+ZJVTAPl2XwH+aCiKst50rNpEFVMXE5b
mMURx0ZrPwmJjidLatthibva5odE705NqQbf+3rwT3DcYk2za9lLAZYsNTU04sLX
20vEL6OO8C87pdmlvq07qj/wVIzh+4E/KZ/Oc/Q3AM9P456kANeBC76k6wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNYW8A8V8f1OVmneoNPB9I8pjI2aMB8GA1UdIwQY
MBaAFPLVk7HIe4FznsQZEClb84XyyamSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTIt
OWI4ZDY4ZWU4N2ZjLzEvMWhid0R4WHhfVTVXYWQ2ZzA4SDBqeW1NalpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTItOWI4ZDY4ZWU4N2Zj
LzEvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABQEtAwQA
T4d8AwQAT4d+AwQAbeDfMA8EAgACMAkDBwIqESsH8AAwDQYJKoZIhvcNAQELBQAD
ggEBAFCakJnzfwrKoIQE/qLqD/rQGkVJ3dSWQLA3Q17kD9cqMEo8QiMt/Gz3jXgG
o52w75Z/PlAJsmOJj4va9QvVTIaZI6igFRAOUGizCW72yy7d43egDeU/a8MsYwAq
D9A9182HGKixj69SV1CvlVc07xVXw0ps1z6mUKBNSnLuM/ZGFkLwf18Ad276iERm
Cabb+ZULbJNa8A1HEe1c5ZBvu9eEOG7oUIKyWsCHuk0aJKhkYDZ0sDD2csXUNccA
NNWjVEIJMzJnsNICLal/MUvsOCF/nqS1Iw97Owtfcbmjpg2yUio2PHQnVIB5UkpM
NFR3rMjdjcXZmqhqLilbqKq8OAY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:23 2025 by rpki-client