Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/xzuhzlmBN3-oIR9mWF98AxJHytI.roa
File: xzuhzlmBN3-oIR9mWF98AxJHytI.roa (raw, json)
Hash identifier: dUgfwC93eCBd69B9+hLXokzQuh9qtOjpElw0dFWcP1g=
Subject key identifier: C7:3B:A1:CE:59:81:37:7F:A8:21:1F:66:58:5F:7C:03:12:47:CA:D2
Certificate issuer: /CN=1c233eee624c192c6c7dada1432de0b9e78b09ba
Certificate serial: 0DD6EE53
Authority key identifier: 1C:23:3E:EE:62:4C:19:2C:6C:7D:AD:A1:43:2D:E0:B9:E7:8B:09:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/xzuhzlmBN3-oIR9mWF98AxJHytI.roa
Signing time: Sat 01 Jan 2022 09:01:51 +0000
ROA not before: Sat 01 Jan 2022 09:01:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.146.204.0/22 maxlen: 32
185.74.216.0/22 maxlen: 32
5.154.160.0/22 maxlen: 32
5.154.160.0/21 maxlen: 32
185.192.28.0/22 maxlen: 32
5.154.164.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232189523 (0xdd6ee53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c233eee624c192c6c7dada1432de0b9e78b09ba
Validity
Not Before: Jan 1 09:01:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c73ba1ce5981377fa8211f66585f7c031247cad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:23:f5:dd:af:02:e7:87:8b:c8:7b:ee:68:
00:0a:44:62:cb:97:6c:4f:06:b2:0f:e0:24:8a:84:
f0:11:a6:ae:34:b8:85:c8:a9:f6:63:9d:92:c8:ef:
e9:64:f5:f6:ec:6c:cd:e0:20:d1:26:be:73:50:51:
c3:72:df:5b:e3:0a:3d:67:e9:5d:2c:06:38:70:39:
94:a7:20:57:72:71:ef:4b:cf:02:c3:75:31:b1:d9:
51:a3:03:91:de:a9:16:ee:44:fd:82:87:bf:12:91:
8a:85:a3:38:f3:fb:9f:b0:60:75:50:d6:a0:d6:5b:
1d:bd:9c:b7:e3:28:4c:1b:1a:22:2c:84:2a:39:e4:
95:1b:a4:c6:f5:cc:b5:6c:2b:1a:50:b2:ff:b9:e6:
5e:6a:e7:ea:13:73:08:36:14:59:19:43:4b:24:07:
bf:cf:86:39:a3:ef:9b:4d:25:cb:35:e1:fc:43:f2:
37:9a:5b:8d:a6:fd:a3:50:9b:62:e8:9a:85:00:1f:
7e:24:d9:04:6f:c5:3f:d8:43:15:fa:01:ad:8d:b7:
24:f2:11:24:3f:80:bf:70:67:e9:a9:9f:4c:0e:9e:
a8:aa:3e:d3:7e:87:5c:67:25:92:6f:b8:93:2f:4e:
c1:5d:86:c4:15:10:79:4b:a4:8f:55:95:8e:23:a2:
f6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3B:A1:CE:59:81:37:7F:A8:21:1F:66:58:5F:7C:03:12:47:CA:D2
X509v3 Authority Key Identifier:
keyid:1C:23:3E:EE:62:4C:19:2C:6C:7D:AD:A1:43:2D:E0:B9:E7:8B:09:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/xzuhzlmBN3-oIR9mWF98AxJHytI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/HCM-7mJMGSxsfa2hQy3gueeLCbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.160.0/21
185.74.216.0/22
185.146.204.0/22
185.192.28.0/22
Signature Algorithm: sha256WithRSAEncryption
50:61:2f:10:80:bf:e3:55:dc:c4:3e:86:53:da:cb:65:e5:e8:
bc:59:c6:15:c3:05:4e:b2:3e:77:d0:ac:ec:d4:9c:12:18:9e:
22:93:6e:a4:aa:a6:2b:40:60:a8:6c:11:d9:c3:89:6b:64:46:
fb:58:44:c2:00:41:2b:59:b6:52:f6:f7:55:f9:a0:a4:c8:7e:
46:c4:1f:78:a3:f8:d5:ab:a9:58:ee:bf:ed:fa:96:58:8e:ba:
a8:7b:53:86:16:8d:39:04:34:f2:88:d3:fb:45:24:94:21:c4:
e8:a5:a7:d7:0a:c8:c9:c5:fb:03:fb:23:1e:88:d9:78:aa:c2:
49:7e:94:1a:39:88:37:ea:41:ca:fe:58:c1:f1:12:4b:60:8c:
da:91:9e:6f:14:4f:1d:fa:ff:11:11:d9:73:d6:fb:55:11:a3:
c0:00:6f:fa:25:2e:3b:d5:79:ec:09:a7:d6:e7:50:df:17:65:
52:00:35:d8:11:ae:ac:c1:c6:cd:34:65:06:b5:f4:e9:43:ca:
c3:a4:49:63:7a:3e:e0:99:ec:a6:a9:a1:e4:42:37:eb:5c:2a:
11:fe:5e:ec:35:d5:48:c7:b5:b9:29:58:c4:d1:05:2c:41:a0:
71:80:9f:13:72:e8:be:cb:a6:6d:34:f4:36:4c:c4:02:a7:a5:
51:e6:9c:a0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDdbuUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzIzM2VlZTYyNGMxOTJjNmM3ZGFkYTE0MzJkZTBiOWU3OGIwOWJhMB4XDTIyMDEw
MTA5MDE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzczYmExY2U1OTgx
Mzc3ZmE4MjExZjY2NTg1ZjdjMDMxMjQ3Y2FkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK56I/XdrwLnh4vIe+5oAApEYsuXbE8Gsg/gJIqE8BGmrjS4
hcip9mOdksjv6WT19uxszeAg0Sa+c1BRw3LfW+MKPWfpXSwGOHA5lKcgV3Jx70vP
AsN1MbHZUaMDkd6pFu5E/YKHvxKRioWjOPP7n7BgdVDWoNZbHb2ct+MoTBsaIiyE
KjnklRukxvXMtWwrGlCy/7nmXmrn6hNzCDYUWRlDSyQHv8+GOaPvm00lyzXh/EPy
N5pbjab9o1CbYuiahQAffiTZBG/FP9hDFfoBrY23JPIRJD+Av3Bn6amfTA6eqKo+
036HXGclkm+4ky9OwV2GxBUQeUukj1WVjiOi9iMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTHO6HOWYE3f6ghH2ZYX3wDEkfK0jAfBgNVHSMEGDAWgBQcIz7uYkwZLGx9
raFDLeC554sJujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hDTS03bUpNR1N4c2ZhMmhReTNndWVlTENiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYzViZWY3LTI1YjMtNDQ2My1iM2JmLTU3YTk1MWY0OTkzMC8x
L3h6dWh6bG1CTjMtb0lSOW1XRjk4QXhKSHl0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YzViZWY3LTI1YjMtNDQ2My1iM2JmLTU3YTk1MWY0OTkzMC8xL0hDTS03bUpNR1N4
c2ZhMmhReTNndWVlTENiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAwWaoAMEArlK2AMEArmSzAMEArnA
HDANBgkqhkiG9w0BAQsFAAOCAQEAUGEvEIC/41XcxD6GU9rLZeXovFnGFcMFTrI+
d9Cs7NScEhieIpNupKqmK0BgqGwR2cOJa2RG+1hEwgBBK1m2Uvb3VfmgpMh+RsQf
eKP41aupWO6/7fqWWI66qHtThhaNOQQ08ojT+0UklCHE6KWn1wrIycX7A/sjHojZ
eKrCSX6UGjmIN+pByv5YwfESS2CM2pGebxRPHfr/ERHZc9b7VRGjwABv+iUuO9V5
7Amn1udQ3xdlUgA12BGurMHGzTRlBrX06UPKw6RJY3o+4Jnspqmh5EI361wqEf5e
7DXVSMe1uSlYxNEFLEGgcYCfE3LovsumbTT0NkzEAqelUeacoA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 11:48:28 2025 by rpki-client