Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/hiwSI2DzDtV7kzwC952rDGAH6ok.roa
File: hiwSI2DzDtV7kzwC952rDGAH6ok.roa (raw, json)
Hash identifier: kHy0szV3reXTKhLQSiz8kP7k+RgJhFPKytfQSoJdHx0=
Subject key identifier: 86:2C:12:23:60:F3:0E:D5:7B:93:3C:02:F7:9D:AB:0C:60:07:EA:89
Certificate issuer: /CN=1462a497efe0bc92b7ed92529ebbe39cb19d330a
Certificate serial: 01858882A6D1A677BCA489DC131D582BBFF8
Authority key identifier: 14:62:A4:97:EF:E0:BC:92:B7:ED:92:52:9E:BB:E3:9C:B1:9D:33:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FGKkl-_gvJK37ZJSnrvjnLGdMwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/hiwSI2DzDtV7kzwC952rDGAH6ok.roa
Signing time: Fri 06 Jan 2023 19:15:41 +0000
ROA not before: Fri 06 Jan 2023 19:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34767
IP address blocks: 185.53.180.0/22 maxlen: 22
80.75.240.0/20 maxlen: 20
2a00:7a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:82:a6:d1:a6:77:bc:a4:89:dc:13:1d:58:2b:bf:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1462a497efe0bc92b7ed92529ebbe39cb19d330a
Validity
Not Before: Jan 6 19:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=862c122360f30ed57b933c02f79dab0c6007ea89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:15:c3:1b:fa:c6:20:44:f7:e9:76:48:a6:a2:
f3:d3:db:f3:fd:1f:ab:6c:fd:8c:49:f8:40:01:02:
11:59:b0:01:98:65:2a:4a:6f:c5:7d:69:04:72:d9:
68:3f:83:58:28:dc:39:eb:b5:cb:4e:94:28:9e:9e:
e1:9c:4e:32:cc:bd:bd:2b:fd:ed:23:47:c3:10:5f:
be:65:af:29:e7:16:6c:06:66:15:99:6c:a2:22:df:
01:bf:3b:55:dd:0b:fc:bd:05:21:00:0e:67:7e:9b:
a4:95:d1:90:85:69:16:0c:9b:da:4c:39:fe:b5:c1:
34:78:b0:ea:87:18:de:d1:5d:8a:bb:22:a6:aa:81:
d4:3c:ae:fa:6b:c9:c1:06:71:d3:d6:1e:9d:71:70:
7b:b9:dd:77:e6:fa:4d:76:72:a9:e9:39:6a:87:8f:
7a:b4:0e:23:2d:16:9f:ee:3c:c0:8d:71:98:8e:01:
6d:e8:7b:40:6f:56:6e:3f:be:98:cc:ce:79:0c:f3:
9d:d5:b9:40:8b:91:a7:4e:69:b6:fa:e1:bf:e7:b7:
78:1e:a1:d8:71:3e:da:98:98:ce:a4:7c:79:f0:01:
50:5f:55:d2:d6:79:ec:95:fa:9e:17:57:0b:ca:55:
f5:8d:d1:40:a8:7f:d3:23:0a:1d:b8:7e:74:50:b9:
f8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2C:12:23:60:F3:0E:D5:7B:93:3C:02:F7:9D:AB:0C:60:07:EA:89
X509v3 Authority Key Identifier:
keyid:14:62:A4:97:EF:E0:BC:92:B7:ED:92:52:9E:BB:E3:9C:B1:9D:33:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FGKkl-_gvJK37ZJSnrvjnLGdMwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/hiwSI2DzDtV7kzwC952rDGAH6ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/FGKkl-_gvJK37ZJSnrvjnLGdMwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.240.0/20
185.53.180.0/22
IPv6:
2a00:7a80::/32
Signature Algorithm: sha256WithRSAEncryption
aa:ca:59:cc:a1:8e:d9:bd:df:09:8c:fb:d2:ec:31:b5:22:9c:
66:96:a6:3d:5a:26:b9:93:9a:0f:ee:6c:0a:e1:76:15:50:1b:
1e:1b:a9:7c:ae:5a:58:11:88:80:f0:9d:4e:c9:e5:ab:08:fd:
2b:6f:66:1c:79:e3:3e:4f:fb:d6:42:76:52:bd:7d:2d:87:8a:
3a:bb:ba:f1:b7:e7:f1:3c:05:bf:1d:ba:fc:eb:28:0f:01:d5:
10:8d:50:3b:26:38:c9:89:68:cf:36:48:2f:b9:de:e0:3d:8c:
08:70:4b:35:85:38:35:6a:0a:91:fa:f6:9a:ff:b0:6b:87:20:
43:5d:19:0f:a9:c4:c3:b9:b0:7a:ab:eb:01:1c:7c:d7:68:86:
e9:b0:6a:e2:49:23:09:45:26:52:27:da:97:92:57:5a:05:83:
cc:36:86:74:fd:54:94:1a:a3:57:55:59:ad:d1:86:73:ce:2c:
b4:dd:c8:82:4b:83:f4:3b:ec:bd:a0:6b:bc:d5:00:a0:c8:54:
5b:a6:2c:8d:b4:b6:6b:4d:45:75:a3:55:7e:f8:1c:1d:57:35:
ce:af:52:c6:40:4a:61:b9:24:b2:5f:42:c0:ab:ce:2a:49:57:
87:06:55:8d:dd:b4:02:5e:9e:56:88:e9:aa:1e:73:34:db:19:
5d:aa:b2:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWIgqbRpne8pIncEx1YK7/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NjJhNDk3ZWZlMGJjOTJiN2VkOTI1MjllYmJlMzljYjE5
ZDMzMGEwHhcNMjMwMTA2MTkxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjJjMTIyMzYwZjMwZWQ1N2I5MzNjMDJmNzlkYWIwYzYwMDdlYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxXDG/rGIET36XZIpqLz09vz/R+r
bP2MSfhAAQIRWbABmGUqSm/FfWkEctloP4NYKNw567XLTpQonp7hnE4yzL29K/3t
I0fDEF++Za8p5xZsBmYVmWyiIt8BvztV3Qv8vQUhAA5nfpukldGQhWkWDJvaTDn+
tcE0eLDqhxje0V2KuyKmqoHUPK76a8nBBnHT1h6dcXB7ud135vpNdnKp6Tlqh496
tA4jLRaf7jzAjXGYjgFt6HtAb1ZuP76YzM55DPOd1blAi5GnTmm2+uG/57d4HqHY
cT7amJjOpHx58AFQX1XS1nnslfqeF1cLylX1jdFAqH/TIwoduH50ULn4uwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIYsEiNg8w7Ve5M8AvedqwxgB+qJMB8GA1UdIwQY
MBaAFBRipJfv4LySt+2SUp6745yxnTMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkdLa2wtX2d2SkszN1pKU25ydmpuTEdkTXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iZTExNzEtMTIwMi00ZGY4LThjMzAt
ZDM2OTM1ZWJjNmFkLzEvaGl3U0kyRHpEdFY3a3p3Qzk1MnJER0FINm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iZTExNzEtMTIwMi00ZGY4LThjMzAtZDM2OTM1ZWJjNmFk
LzEvRkdLa2wtX2d2SkszN1pKU25ydmpuTEdkTXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEvwAwQC
uTW0MA0EAgACMAcDBQAqAHqAMA0GCSqGSIb3DQEBCwUAA4IBAQCqylnMoY7Zvd8J
jPvS7DG1IpxmlqY9Wia5k5oP7mwK4XYVUBseG6l8rlpYEYiA8J1OyeWrCP0rb2Yc
eeM+T/vWQnZSvX0th4o6u7rxt+fxPAW/Hbr86ygPAdUQjVA7JjjJiWjPNkgvud7g
PYwIcEs1hTg1agqR+vaa/7BrhyBDXRkPqcTDubB6q+sBHHzXaIbpsGriSSMJRSZS
J9qXkldaBYPMNoZ0/VSUGqNXVVmt0YZzziy03ciCS4P0O+y9oGu81QCgyFRbpiyN
tLZrTUV1o1V++BwdVzXOr1LGQEphuSSyX0LAq84qSVeHBlWN3bQCXp5WiOmqHnM0
2xldqrIW
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:21 2025 by rpki-client