Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/Hc_zDXXIju_-_hZAaCv-rshHPq0.roa
File: Hc_zDXXIju_-_hZAaCv-rshHPq0.roa (raw, json)
Hash identifier: EAbPBP9juuBmvR0nZ4+0hO5wDEYHEVoAbxZeVcbPSqA=
Subject key identifier: 1D:CF:F3:0D:75:C8:8E:EF:FE:FE:16:40:68:2B:FE:AE:C8:47:3E:AD
Certificate issuer: /CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21
Certificate serial: 01856C8A67108F39EF5810CBF77D1C94871E
Authority key identifier: 4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/Hc_zDXXIju_-_hZAaCv-rshHPq0.roa
Signing time: Sun 01 Jan 2023 08:54:47 +0000
ROA not before: Sun 01 Jan 2023 08:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213052
IP address blocks: 185.244.162.0/24 maxlen: 24
2a12:4440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:67:10:8f:39:ef:58:10:cb:f7:7d:1c:94:87:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21
Validity
Not Before: Jan 1 08:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dcff30d75c88eeffefe1640682bfeaec8473ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5c:aa:c7:8a:32:f6:94:0b:0c:56:e8:eb:e5:
78:82:73:6d:0f:b9:9d:75:3a:f2:52:12:60:9e:0b:
72:f4:0c:ff:dc:65:2d:19:00:91:79:f2:ea:2e:52:
d3:7d:b3:31:05:1b:6b:ca:8c:91:61:d8:d8:14:92:
b4:29:a9:e8:50:51:f2:17:d2:fd:db:dd:5d:de:8a:
05:01:7e:38:1a:17:02:72:49:a4:18:9e:0f:aa:49:
34:3a:c5:b5:08:1d:8a:93:10:8f:5f:6c:dd:77:b3:
0e:60:7f:4a:0d:37:c7:21:33:6f:f0:f8:c2:23:43:
85:e7:74:23:45:7a:1d:63:50:0f:c5:b8:6d:b5:d5:
e9:93:da:bd:c2:80:95:c6:a4:c5:f1:5d:79:e2:74:
3f:ae:a3:4b:22:85:7c:e2:a6:ed:82:7e:02:02:b4:
0b:94:02:fa:8f:6b:5c:f4:ee:83:c6:aa:43:90:23:
ec:bf:b7:37:f5:a0:0d:74:22:6e:5e:b7:84:95:47:
36:86:45:4a:53:2d:05:a4:6e:7a:60:7c:5e:01:6c:
0d:73:be:bc:84:a1:b6:d4:59:4f:77:cf:32:85:5e:
31:15:6f:4c:1a:19:aa:0d:8b:32:fe:fa:0a:13:a1:
9e:66:db:94:dd:60:5b:a1:8c:74:d9:9e:f0:da:d4:
f6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CF:F3:0D:75:C8:8E:EF:FE:FE:16:40:68:2B:FE:AE:C8:47:3E:AD
X509v3 Authority Key Identifier:
keyid:4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/Hc_zDXXIju_-_hZAaCv-rshHPq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.162.0/24
IPv6:
2a12:4440::/32
Signature Algorithm: sha256WithRSAEncryption
28:6f:25:02:86:c4:d1:05:93:67:b6:8c:38:d1:b0:13:fd:d9:
4c:53:5b:54:f3:f3:a7:a6:07:ad:c2:5b:b6:6d:31:32:9b:27:
b2:81:8b:e0:14:f3:df:c4:d6:1c:b9:b7:33:6e:60:65:5d:e1:
2a:2d:33:2f:3b:74:bd:50:41:96:17:1c:5b:7f:3c:a9:db:de:
a2:a5:e0:5a:38:2b:52:2d:5c:b0:c2:e8:ad:15:a2:05:cc:3c:
e6:64:53:4f:9d:13:50:74:7b:6a:d9:24:62:83:ab:96:aa:5c:
83:73:c1:4a:9c:9e:c4:2b:54:51:25:4d:40:fa:48:11:16:68:
02:43:8b:4c:33:1a:38:90:cb:ef:39:56:77:01:50:4b:78:a0:
b0:04:2b:dd:fc:f9:6e:6f:31:0c:dc:a0:b6:ff:66:93:ff:30:
40:d2:df:21:b8:e8:46:22:4d:9e:63:01:69:75:43:81:a5:62:
df:fd:3f:74:e8:ef:82:e0:a7:5d:4c:ee:01:40:3f:01:27:b4:
e3:8c:ce:de:ac:3e:f8:a1:a2:8d:58:ca:f4:96:6a:1f:1c:59:
a0:e8:b8:ea:f6:49:ee:0c:59:51:c3:8d:2e:45:20:41:6e:f2:
51:48:8e:cb:80:09:ba:10:d1:4d:12:e4:3a:0a:13:eb:ea:c2:
b1:1d:3e:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsimcQjznvWBDL930clIceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYTVjZGU1MjRmNzgxMGQ1ODY4YmM0OWFiMGJmNjYyMWY0
NGRjMjEwHhcNMjMwMTAxMDg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNmZjMwZDc1Yzg4ZWVmZmVmZTE2NDA2ODJiZmVhZWM4NDczZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVyqx4oy9pQLDFbo6+V4gnNtD7md
dTryUhJgngty9Az/3GUtGQCRefLqLlLTfbMxBRtryoyRYdjYFJK0KanoUFHyF9L9
291d3ooFAX44GhcCckmkGJ4Pqkk0OsW1CB2KkxCPX2zdd7MOYH9KDTfHITNv8PjC
I0OF53QjRXodY1APxbhttdXpk9q9woCVxqTF8V154nQ/rqNLIoV84qbtgn4CArQL
lAL6j2tc9O6DxqpDkCPsv7c39aANdCJuXreElUc2hkVKUy0FpG56YHxeAWwNc768
hKG21FlPd88yhV4xFW9MGhmqDYsy/voKE6GeZtuU3WBboYx02Z7w2tT2MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB3P8w11yI7v/v4WQGgr/q7IRz6tMB8GA1UdIwQY
MBaAFE+lzeUk94ENWGi8SasL9mIfRNwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYt
MzJkNGFkOGY1NmRlLzEvSGNfekRYWElqdV8tX2haQWFDdi1yc2hIUHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYtMzJkNGFkOGY1NmRl
LzEvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufSiMA0E
AgACMAcDBQAqEkRAMA0GCSqGSIb3DQEBCwUAA4IBAQAobyUChsTRBZNntow40bAT
/dlMU1tU8/Onpgetwlu2bTEymyeygYvgFPPfxNYcubczbmBlXeEqLTMvO3S9UEGW
Fxxbfzyp296ipeBaOCtSLVywwuitFaIFzDzmZFNPnRNQdHtq2SRig6uWqlyDc8FK
nJ7EK1RRJU1A+kgRFmgCQ4tMMxo4kMvvOVZ3AVBLeKCwBCvd/PlubzEM3KC2/2aT
/zBA0t8huOhGIk2eYwFpdUOBpWLf/T906O+C4KddTO4BQD8BJ7TjjM7erD74oaKN
WMr0lmofHFmg6Ljq9knuDFlRw40uRSBBbvJRSI7LgAm6ENFNEuQ6ChPr6sKxHT4w
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:54:59 2025 by rpki-client