Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/H9HkSYiLzx01voV0ZuRnGdfUjSM.roa
File: H9HkSYiLzx01voV0ZuRnGdfUjSM.roa (raw, json)
Hash identifier: 5wCxIzIo831mUc6Rb9VIbgnMgaHVt0fSV3Ltwi3lyTY=
Subject key identifier: 1F:D1:E4:49:88:8B:CF:1D:35:BE:85:74:66:E4:67:19:D7:D4:8D:23
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018B850E1BAF6B881C8C744FBF31B191E4C8
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/H9HkSYiLzx01voV0ZuRnGdfUjSM.roa
Signing time: Tue 31 Oct 2023 09:26:16 +0000
ROA not before: Tue 31 Oct 2023 09:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.92.0/23 maxlen: 24
80.246.229.0/24 maxlen: 24
80.246.231.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.233.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
80.246.234.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:0e:1b:af:6b:88:1c:8c:74:4f:bf:31:b1:91:e4:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 31 09:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fd1e449888bcf1d35be857466e46719d7d48d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bf:3f:93:33:33:7a:af:37:35:2d:8d:9e:08:
67:4c:b8:e2:19:86:38:a9:03:bf:c0:d6:65:f5:4a:
29:78:a0:a8:6a:b1:fc:32:5e:55:32:12:ff:be:b9:
7f:85:2c:b5:fe:fd:96:7d:f8:0e:98:67:7d:f5:4a:
e5:33:4a:b5:0d:0e:cb:90:8e:0d:5d:e4:0c:56:00:
0b:31:8d:15:87:e8:dd:89:3d:aa:72:77:c2:c0:13:
50:f0:e6:5c:80:31:0d:94:5b:b6:79:71:89:b8:1f:
07:59:15:3a:8f:9b:25:4b:5c:a8:c0:08:1c:04:c9:
46:55:0d:b1:49:35:57:b3:50:dc:c4:9a:84:81:d6:
7b:fc:ff:e1:17:9f:48:09:bd:24:89:d1:a8:1e:71:
59:f4:e8:ff:31:35:24:2b:f9:2c:f9:1f:cf:7e:0b:
29:9d:b7:2b:77:42:46:82:09:11:07:d4:d9:5e:80:
7c:e7:03:0e:ba:29:48:94:42:de:1a:e1:3c:ad:ee:
33:61:80:6c:8a:a3:dc:f8:74:bb:6b:31:0a:54:1c:
94:6d:ba:81:ee:b0:61:c2:61:59:90:1a:29:e3:bc:
f8:cb:19:7c:ba:e3:6f:82:12:a5:ef:3a:31:9d:3f:
0f:07:e1:33:e0:75:dc:45:93:30:a4:c8:a7:f3:90:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D1:E4:49:88:8B:CF:1D:35:BE:85:74:66:E4:67:19:D7:D4:8D:23
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/H9HkSYiLzx01voV0ZuRnGdfUjSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.92.0/23
80.246.229.0/24
80.246.231.0-80.246.239.255
Signature Algorithm: sha256WithRSAEncryption
39:0d:55:6e:9e:20:5b:2a:c1:ef:6b:c7:96:ee:88:3c:fd:84:
8c:29:6f:49:c2:c9:30:0a:d8:dc:03:48:f5:5a:2e:4b:62:76:
4a:26:7d:39:87:5a:36:22:b2:37:b0:9b:83:eb:db:7b:a8:2b:
91:af:36:79:ff:ed:59:97:c7:ca:0b:13:c3:48:02:5f:5a:31:
bc:40:f1:07:1a:a9:7f:8a:eb:29:e3:fa:04:c4:e4:63:c8:ca:
a2:a6:9a:0b:bf:dd:ba:90:52:ab:89:cb:5f:6d:d2:4e:8c:70:
51:3c:a2:1d:99:71:11:fc:47:cc:a1:92:80:fe:97:30:f6:68:
f2:e0:d3:fb:62:78:71:19:3f:6c:9f:50:64:d9:a0:f8:b5:0b:
b6:d3:7b:47:d9:8f:e1:30:2c:93:50:38:4b:e9:51:bf:ff:a4:
a2:74:9d:94:9a:bd:fd:c6:f1:24:03:6d:2f:43:1b:36:85:c0:
c3:cf:6e:bc:77:b1:2d:25:fc:5b:84:2e:4b:3a:12:c8:80:ee:
35:69:67:ec:ed:25:87:58:ee:ac:3c:2a:34:41:10:1f:e7:ed:
e1:11:df:22:c9:85:36:3d:70:12:4a:64:ad:b6:49:29:ec:a9:
ca:fe:c9:19:60:5e:fc:28:32:87:2b:b8:5a:ba:76:34:db:60:
b5:f8:a3:f9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYuFDhuva4gcjHRPvzGxkeTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMDMxMDkyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQxZTQ0OTg4OGJjZjFkMzViZTg1NzQ2NmU0NjcxOWQ3ZDQ4ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr78/kzMzeq83NS2NnghnTLjiGYY4
qQO/wNZl9UopeKCoarH8Ml5VMhL/vrl/hSy1/v2WffgOmGd99UrlM0q1DQ7LkI4N
XeQMVgALMY0Vh+jdiT2qcnfCwBNQ8OZcgDENlFu2eXGJuB8HWRU6j5slS1yowAgc
BMlGVQ2xSTVXs1DcxJqEgdZ7/P/hF59ICb0kidGoHnFZ9Oj/MTUkK/ks+R/Pfgsp
nbcrd0JGggkRB9TZXoB85wMOuilIlELeGuE8re4zYYBsiqPc+HS7azEKVByUbbqB
7rBhwmFZkBop47z4yxl8uuNvghKl7zoxnT8PB+Ez4HXcRZMwpMin85ARzQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB/R5EmIi88dNb6FdGbkZxnX1I0jMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvSDlIa1NZaUx6eDAxdm9WMFp1Um5HZGZValNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLZVcAwQA
UPblMAwDBABQ9ucDBARQ9uAwDQYJKoZIhvcNAQELBQADggEBADkNVW6eIFsqwe9r
x5buiDz9hIwpb0nCyTAK2NwDSPVaLktidkomfTmHWjYisjewm4Pr23uoK5GvNnn/
7VmXx8oLE8NIAl9aMbxA8QcaqX+K6ynj+gTE5GPIyqKmmgu/3bqQUquJy19t0k6M
cFE8oh2ZcRH8R8yhkoD+lzD2aPLg0/tieHEZP2yfUGTZoPi1C7bTe0fZj+EwLJNQ
OEvpUb//pKJ0nZSavf3G8SQDbS9DGzaFwMPPbrx3sS0l/FuELks6EsiA7jVpZ+zt
JYdY7qw8KjRBEB/n7eER3yLJhTY9cBJKZK22SSnsqcr+yRlgXvwoMocruFq6djTb
YLX4o/k=
-----END CERTIFICATE-----
Generated at Fri May 2 17:19:34 2025 by rpki-client