Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/HEJZV3ywoHoD0hfWI0wWaddVMzM.roa
File: HEJZV3ywoHoD0hfWI0wWaddVMzM.roa (raw, json)
Hash identifier: sHKW2kfJBexmif1JCTOXKcH96JYyZ+PczFGZaFwjt6E=
Subject key identifier: 1C:42:59:57:7C:B0:A0:7A:03:D2:17:D6:23:4C:16:69:D7:55:33:33
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 0A43491D
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/HEJZV3ywoHoD0hfWI0wWaddVMzM.roa
Signing time: Sat 01 Jan 2022 15:03:26 +0000
ROA not before: Sat 01 Jan 2022 15:03:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62047
IP address blocks: 176.126.57.0/24 maxlen: 24
176.126.59.0/24 maxlen: 24
178.216.40.0/21 maxlen: 21
2001:7f8:5b::/48 maxlen: 48
2001:67c:778::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172181789 (0xa43491d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 15:03:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c4259577cb0a07a03d217d6234c1669d7553333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:67:c6:88:50:3c:4f:f3:9d:ae:e8:ca:c3:
40:90:da:6e:7d:25:75:00:de:73:1d:fc:52:ce:5b:
40:95:3a:15:6c:8d:7c:56:89:8d:61:31:61:0b:af:
36:92:19:9f:20:d0:70:c4:8d:9e:53:66:58:ee:d9:
e5:ad:b8:4c:33:f9:22:e8:fe:7e:57:e0:e8:40:f0:
ef:09:de:8d:87:db:bc:71:2a:74:c7:78:45:21:6e:
56:9d:11:4b:c3:b8:74:6b:ec:03:67:d8:a1:f1:12:
ac:40:73:c6:1c:91:ae:13:5f:98:0d:ee:2f:b6:5c:
ce:47:6b:72:de:45:2d:7e:a9:78:5c:41:31:3b:6a:
02:e0:aa:21:e2:5d:fb:2f:b6:c4:51:be:3b:da:04:
bb:5f:03:d8:1a:ea:e1:77:32:e8:87:db:01:f6:cf:
76:2f:7a:8a:0e:31:96:ed:1f:09:0d:46:26:81:9d:
08:0b:f2:32:fa:d5:e3:62:df:70:74:d3:46:68:2c:
e5:db:56:ff:05:5e:8d:fb:90:8b:85:19:dd:76:0e:
35:e8:ee:ca:18:51:b1:73:62:9b:8e:5d:b8:b3:f8:
39:34:9f:1f:5b:5d:55:28:1b:a8:ea:49:97:25:21:
8b:d5:a0:c0:28:83:39:0c:ad:48:73:24:83:cf:48:
08:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:42:59:57:7C:B0:A0:7A:03:D2:17:D6:23:4C:16:69:D7:55:33:33
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/HEJZV3ywoHoD0hfWI0wWaddVMzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.57.0/24
176.126.59.0/24
178.216.40.0/21
IPv6:
2001:67c:778::/48
2001:7f8:5b::/48
Signature Algorithm: sha256WithRSAEncryption
46:5f:fb:4c:84:70:3c:d7:49:48:a8:a4:2b:94:1f:a5:7c:7e:
9e:cc:64:a4:05:97:2b:0b:29:70:7d:50:cf:a4:cc:40:d0:d1:
a3:8c:40:ca:0a:02:dc:d8:f3:59:29:ef:b3:ee:74:cd:e4:4a:
a8:00:35:69:0b:ea:36:e4:ca:98:2e:fd:c8:98:89:c9:93:e7:
a8:09:ee:4e:d1:3b:dd:a7:2e:db:6e:42:eb:65:90:e5:61:bd:
14:5c:59:c0:14:c5:95:7f:53:f0:e7:13:06:aa:dc:d2:f8:0a:
7b:a9:23:dc:3f:3d:61:3a:16:77:32:ec:b5:2c:78:b7:8e:98:
54:3e:94:c9:4b:bc:8b:9a:75:4c:7b:66:15:b1:2a:8f:c4:a5:
9b:c5:cf:90:07:aa:48:38:35:48:f9:c3:e7:bf:c6:e8:2e:22:
ab:e9:dc:0c:6b:a5:a8:f2:a4:ef:55:b1:27:2c:3e:ab:37:f0:
35:af:36:a3:00:87:33:c7:47:18:f1:89:30:3c:c8:e9:ba:fb:
25:12:01:13:13:99:c2:d1:33:12:89:06:af:a4:80:1b:69:32:
7a:03:ca:b2:3c:e2:38:af:04:b3:dd:0e:89:68:cd:9a:28:6d:
f6:85:97:06:5f:d4:6f:7e:84:12:c7:7e:58:3d:ad:fe:b5:db:
21:24:5e:be
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIECkNJHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2Q1NmYwN2JlMTg0Y2JhNTJmNmZkYzA0OWU4MTE0ZDI2MTZjMzJhMB4XDTIyMDEw
MTE1MDMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM0MjU5NTc3Y2Iw
YTA3YTAzZDIxN2Q2MjM0YzE2NjlkNzU1MzMzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+TZ8aIUDxP852u6MrDQJDabn0ldQDecx38Us5bQJU6FWyN
fFaJjWExYQuvNpIZnyDQcMSNnlNmWO7Z5a24TDP5Iuj+flfg6EDw7wnejYfbvHEq
dMd4RSFuVp0RS8O4dGvsA2fYofESrEBzxhyRrhNfmA3uL7Zczkdrct5FLX6peFxB
MTtqAuCqIeJd+y+2xFG+O9oEu18D2Brq4Xcy6IfbAfbPdi96ig4xlu0fCQ1GJoGd
CAvyMvrV42LfcHTTRmgs5dtW/wVejfuQi4UZ3XYONejuyhhRsXNim45duLP4OTSf
H1tdVSgbqOpJlyUhi9WgwCiDOQytSHMkg89ICDsCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQcQllXfLCgegPSF9YjTBZp11UzMzAfBgNVHSMEGDAWgBTT1W8HvhhMulL2
/cBJ6BFNJhbDKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA5VnZCNzRZVExwUzl2M0FTZWdSVFNZV3d5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNTc4NmFiLTA2N2UtNDQwYy1iMjc2LTFiMDZkMWM3MDRjMS8x
L0hFSlpWM3l3b0hvRDBoZldJMHdXYWRkVk16TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NTc4NmFiLTA2N2UtNDQwYy1iMjc2LTFiMDZkMWM3MDRjMS8xLzA5VnZCNzRZVExw
Uzl2M0FTZWdSVFNZV3d5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALB+OQMEALB+OwMEA7LYKDAYBAIA
AjASAwcAIAEGfAd4AwcAIAEH+ABbMA0GCSqGSIb3DQEBCwUAA4IBAQBGX/tMhHA8
10lIqKQrlB+lfH6ezGSkBZcrCylwfVDPpMxA0NGjjEDKCgLc2PNZKe+z7nTN5Eqo
ADVpC+o25MqYLv3ImInJk+eoCe5O0Tvdpy7bbkLrZZDlYb0UXFnAFMWVf1Pw5xMG
qtzS+Ap7qSPcPz1hOhZ3Muy1LHi3jphUPpTJS7yLmnVMe2YVsSqPxKWbxc+QB6pI
ODVI+cPnv8boLiKr6dwMa6Wo8qTvVbEnLD6rN/A1rzajAIczx0cY8YkwPMjpuvsl
EgETE5nC0TMSiQavpIAbaTJ6A8qyPOI4rwSz3Q6JaM2aKG32hZcGX9RvfoQSx35Y
Pa3+tdshJF6+
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:30 2025 by rpki-client