Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/HKBEAq35DJ1FGzgZDWm6l-i4wgY.roa
File: HKBEAq35DJ1FGzgZDWm6l-i4wgY.roa (raw, json)
Hash identifier: IEj5aVklQRKsl9o4wnMYBHSnAvE6HgXVyNjjTXmXWP4=
Subject key identifier: 1C:A0:44:02:AD:F9:0C:9D:45:1B:38:19:0D:69:BA:97:E8:B8:C2:06
Certificate issuer: /CN=a097d6a2cf42880dbebf42a3251907a21c91a4a5
Certificate serial: 018572E80390ACDA59A3C9DC7E95233D2419
Authority key identifier: A0:97:D6:A2:CF:42:88:0D:BE:BF:42:A3:25:19:07:A2:1C:91:A4:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/HKBEAq35DJ1FGzgZDWm6l-i4wgY.roa
Signing time: Mon 02 Jan 2023 14:34:45 +0000
ROA not before: Mon 02 Jan 2023 14:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50563
IP address blocks: 45.8.77.0/24 maxlen: 24
45.8.78.0/24 maxlen: 24
45.8.78.0/23 maxlen: 23
45.8.76.0/24 maxlen: 24
45.8.76.0/23 maxlen: 23
45.8.76.0/22 maxlen: 22
45.8.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:03:90:ac:da:59:a3:c9:dc:7e:95:23:3d:24:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a097d6a2cf42880dbebf42a3251907a21c91a4a5
Validity
Not Before: Jan 2 14:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca04402adf90c9d451b38190d69ba97e8b8c206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:0f:dc:9f:a6:30:b6:54:47:cd:a8:4a:04:
96:10:18:fd:e4:28:ed:35:0a:d2:cc:27:1e:fa:ac:
47:c6:66:07:91:fc:3d:ef:86:63:71:9c:4b:dd:e8:
1c:3d:54:0d:23:fe:a8:fe:f1:e6:24:71:2b:3c:ca:
bb:18:b2:03:2e:85:a9:a3:bd:81:91:9d:e0:69:4e:
76:55:43:8c:3f:0e:e4:f9:09:8f:f7:a6:b4:bb:75:
48:61:c6:d5:95:1a:19:4f:02:b8:7c:e6:9b:f2:68:
ec:26:55:4a:e7:09:76:89:c3:dc:e4:2f:05:2f:92:
10:21:2e:4e:03:b6:c3:83:46:5f:4b:27:23:52:46:
54:ec:fc:f3:d0:62:78:a4:0e:a4:a2:0c:d7:cb:87:
e3:d4:e5:0e:8e:4a:56:6f:62:0e:fb:96:2f:0b:08:
e7:45:13:63:4f:28:eb:1c:7a:c5:9f:db:5e:d5:47:
18:e4:fb:6a:39:18:01:a3:ba:f5:f5:65:1b:f1:43:
bf:56:64:05:3c:90:b7:22:c1:ec:9a:3c:53:50:30:
e6:4a:e3:3e:47:19:0a:98:21:ac:ca:a4:06:6b:e3:
8f:4c:1f:54:b0:03:f3:49:01:d0:93:59:58:a0:b4:
ea:39:31:5c:98:35:f0:03:9d:8c:32:5c:13:00:a6:
47:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A0:44:02:AD:F9:0C:9D:45:1B:38:19:0D:69:BA:97:E8:B8:C2:06
X509v3 Authority Key Identifier:
keyid:A0:97:D6:A2:CF:42:88:0D:BE:BF:42:A3:25:19:07:A2:1C:91:A4:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/HKBEAq35DJ1FGzgZDWm6l-i4wgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/oJfWos9CiA2-v0KjJRkHohyRpKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.76.0/22
Signature Algorithm: sha256WithRSAEncryption
68:c9:61:81:85:eb:22:14:e0:7d:a9:8a:ac:36:30:55:3f:3a:
39:3e:02:86:0b:b8:63:41:2f:ba:85:29:4a:fe:ff:e9:9f:e2:
4e:5c:62:ef:0f:be:25:de:dc:d9:1a:c3:4a:de:41:2d:c1:f6:
64:df:9d:66:ca:5f:95:25:90:4c:2d:7f:f8:5f:f1:c9:ba:13:
4c:94:ff:7a:a5:a4:60:7d:d5:8e:28:9d:58:1c:67:e2:4c:aa:
00:46:44:9d:09:c3:d2:84:29:99:e7:0b:bd:9a:bf:af:5c:96:
c0:86:d6:bb:23:e4:57:8f:91:ee:34:8e:5e:a2:fa:5f:ef:8d:
88:c3:3b:eb:0a:4c:cd:45:00:44:27:79:8d:83:d7:b6:fe:bd:
5f:7e:df:a1:00:9b:16:4b:a3:4d:5a:39:54:84:da:6d:8b:e8:
e1:88:4d:0a:38:e8:6a:33:71:db:bd:a3:42:d4:d7:e0:97:08:
21:4a:df:b3:4e:f0:62:19:d2:c5:f4:15:6f:a6:c6:eb:45:77:
44:a7:80:9f:9f:ca:bf:f1:36:65:16:b0:a5:d3:ee:9a:a6:ae:
87:bd:92:c6:e1:8b:b9:55:cd:35:a9:95:b2:00:cd:4b:18:9e:
65:af:41:a8:11:8c:e4:a2:4f:68:88:af:31:5b:21:1b:11:2d:
ec:90:94:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6AOQrNpZo8ncfpUjPSQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOTdkNmEyY2Y0Mjg4MGRiZWJmNDJhMzI1MTkwN2EyMWM5
MWE0YTUwHhcNMjMwMTAyMTQzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2EwNDQwMmFkZjkwYzlkNDUxYjM4MTkwZDY5YmE5N2U4YjhjMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMUP3J+mMLZUR82oSgSWEBj95Cjt
NQrSzCce+qxHxmYHkfw974ZjcZxL3egcPVQNI/6o/vHmJHErPMq7GLIDLoWpo72B
kZ3gaU52VUOMPw7k+QmP96a0u3VIYcbVlRoZTwK4fOab8mjsJlVK5wl2icPc5C8F
L5IQIS5OA7bDg0ZfSycjUkZU7Pzz0GJ4pA6kogzXy4fj1OUOjkpWb2IO+5YvCwjn
RRNjTyjrHHrFn9te1UcY5PtqORgBo7r19WUb8UO/VmQFPJC3IsHsmjxTUDDmSuM+
RxkKmCGsyqQGa+OPTB9UsAPzSQHQk1lYoLTqOTFcmDXwA52MMlwTAKZHPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBygRAKt+QydRRs4GQ1pupfouMIGMB8GA1UdIwQY
MBaAFKCX1qLPQogNvr9CoyUZB6IckaSlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pmV29zOUNpQTItdjBLakpSa0hvaHlScEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80YzJiNjgtODE4Yi00OTAyLWI0MmYt
NmZjYWYyNzI5YmU1LzEvSEtCRUFxMzVESjFGR3pnWkRXbTZsLWk0d2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80YzJiNjgtODE4Yi00OTAyLWI0MmYtNmZjYWYyNzI5YmU1
LzEvb0pmV29zOUNpQTItdjBLakpSa0hvaHlScEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQhMMA0G
CSqGSIb3DQEBCwUAA4IBAQBoyWGBhesiFOB9qYqsNjBVPzo5PgKGC7hjQS+6hSlK
/v/pn+JOXGLvD74l3tzZGsNK3kEtwfZk351myl+VJZBMLX/4X/HJuhNMlP96paRg
fdWOKJ1YHGfiTKoARkSdCcPShCmZ5wu9mr+vXJbAhta7I+RXj5HuNI5eovpf742I
wzvrCkzNRQBEJ3mNg9e2/r1fft+hAJsWS6NNWjlUhNpti+jhiE0KOOhqM3HbvaNC
1NfglwghSt+zTvBiGdLF9BVvpsbrRXdEp4Cfn8q/8TZlFrCl0+6apq6HvZLG4Yu5
Vc01qZWyAM1LGJ5lr0GoEYzkok9oiK8xWyEbES3skJT+
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:34:13 2025 by rpki-client