Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Hf75yUAKveaZwUibsAsPU1p1T7M.roa
File: Hf75yUAKveaZwUibsAsPU1p1T7M.roa (raw, json)
Hash identifier: 1vTn1wH++IOGinJEuSf92CZNUx7axklyWyEv9xraX9A=
Subject key identifier: 1D:FE:F9:C9:40:0A:BD:E6:99:C1:48:9B:B0:0B:0F:53:5A:75:4F:B3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C243A7DB1DE9934087AB9BF4A7E804E7E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Hf75yUAKveaZwUibsAsPU1p1T7M.roa
Signing time: Fri 01 Dec 2023 07:14:22 +0000
ROA not before: Fri 01 Dec 2023 07:14:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 185.221.67.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:3a:7d:b1:de:99:34:08:7a:b9:bf:4a:7e:80:4e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 1 07:14:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dfef9c9400abde699c1489bb00b0f535a754fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:e1:6f:5a:9b:7f:44:29:19:1b:7c:d8:43:
09:ee:36:58:c7:c7:b2:c4:81:d5:2f:4f:d4:f1:a6:
04:4e:9f:e3:a2:5d:51:e6:46:d1:94:e2:d0:b4:82:
bf:bf:f9:8e:82:ef:81:9a:44:33:03:b1:b5:7f:3e:
32:5e:07:f3:77:bc:90:aa:48:39:62:88:c9:35:30:
84:0e:9f:23:e8:0f:cd:44:ff:c5:91:01:3e:90:c3:
d8:c3:09:ef:6c:b6:03:96:30:cd:c2:ed:92:70:27:
03:84:db:42:5c:43:7f:28:d3:b0:5d:8c:b0:86:db:
29:8d:85:5c:e0:cb:ee:99:7f:39:cf:b6:9f:ca:67:
76:85:7d:8c:77:e3:1d:28:78:3f:57:5f:0e:17:47:
98:b5:5b:74:e7:d7:3b:98:28:45:b2:33:e6:32:73:
1f:f9:cc:af:73:42:c8:63:5f:2a:ba:cb:b0:59:f2:
a6:61:3b:26:d0:3c:a3:69:aa:10:fa:d9:34:a8:93:
8a:bf:60:d6:d9:23:18:ae:d7:0a:de:29:ed:18:14:
36:d8:c8:b5:47:73:55:ea:11:98:16:d6:4d:f7:11:
ab:26:81:80:9a:34:8f:78:6d:ca:85:04:1f:e3:c7:
4f:82:c6:68:29:15:0c:5a:3f:00:aa:c4:a6:c3:16:
66:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FE:F9:C9:40:0A:BD:E6:99:C1:48:9B:B0:0B:0F:53:5A:75:4F:B3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Hf75yUAKveaZwUibsAsPU1p1T7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.25.0-95.214.26.255
185.221.67.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f9:ab:9b:4b:58:b7:a2:02:d5:16:1f:54:e1:dc:b1:dc:11:
b1:43:3e:17:cc:e3:17:41:43:ad:a7:6d:51:88:fb:1f:14:26:
6d:8a:07:3b:7a:dc:e6:11:01:dc:02:db:c8:89:af:1f:bb:20:
3c:b0:86:f9:58:70:0e:b8:e7:8b:16:4b:e9:6c:6d:0b:1b:75:
72:82:25:21:45:d3:54:90:35:40:dc:3d:08:93:1f:7d:6e:42:
52:55:2d:bb:80:dc:7a:a8:2f:6f:98:5c:2e:91:46:fa:33:60:
f1:df:cd:49:a2:37:99:b6:03:9b:7c:59:de:73:51:a4:c1:3c:
d7:83:d8:6d:60:4b:ff:e2:32:41:e2:65:18:76:1f:cf:5d:e4:
d8:fd:2a:c9:48:6a:f1:64:c0:79:89:a5:bc:78:12:0d:cc:e8:
66:2e:9f:ea:6e:bc:75:81:f2:35:b6:b1:3a:34:bb:80:44:02:
84:e3:89:27:92:3e:17:50:9e:d4:ec:eb:2b:67:4e:83:b7:a9:
51:af:41:72:52:4d:64:be:3a:3c:66:d5:b6:95:5b:1a:fe:e4:
b3:c9:dc:28:e5:c8:c3:b4:71:bd:76:53:b2:1c:10:92:8d:cf:
00:eb:b4:18:83:a3:35:78:f1:7a:f1:98:21:ed:09:21:bf:fa:
ba:88:46:22
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYwkOn2x3pk0CHq5v0p+gE5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjAxMDcxNDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZlZjljOTQwMGFiZGU2OTljMTQ4OWJiMDBiMGY1MzVhNzU0ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogDhb1qbf0QpGRt82EMJ7jZYx8ey
xIHVL0/U8aYETp/jol1R5kbRlOLQtIK/v/mOgu+BmkQzA7G1fz4yXgfzd7yQqkg5
YojJNTCEDp8j6A/NRP/FkQE+kMPYwwnvbLYDljDNwu2ScCcDhNtCXEN/KNOwXYyw
htspjYVc4MvumX85z7afymd2hX2Md+MdKHg/V18OF0eYtVt059c7mChFsjPmMnMf
+cyvc0LIY18qusuwWfKmYTsm0DyjaaoQ+tk0qJOKv2DW2SMYrtcK3intGBQ22Mi1
R3NV6hGYFtZN9xGrJoGAmjSPeG3KhQQf48dPgsZoKRUMWj8AqsSmwxZmAwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB3++clACr3mmcFIm7ALD1NadU+zMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSGY3NXlVQUt2ZWFad1VpYnNBc1BVMXAxVDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABf1hkD
BABf1hoDBAC53UMwDQYJKoZIhvcNAQELBQADggEBACD5q5tLWLeiAtUWH1Th3LHc
EbFDPhfM4xdBQ62nbVGI+x8UJm2KBzt63OYRAdwC28iJrx+7IDywhvlYcA6454sW
S+lsbQsbdXKCJSFF01SQNUDcPQiTH31uQlJVLbuA3HqoL2+YXC6RRvozYPHfzUmi
N5m2A5t8Wd5zUaTBPNeD2G1gS//iMkHiZRh2H89d5Nj9KslIavFkwHmJpbx4Eg3M
6GYun+puvHWB8jW2sTo0u4BEAoTjiSeSPhdQntTs6ytnToO3qVGvQXJSTWS+Ojxm
1baVWxr+5LPJ3CjlyMO0cb12U7IcEJKNzwDrtBiDozV48XrxmCHtCSG/+rqIRiI=
-----END CERTIFICATE-----
Generated at Tue May 13 19:05:43 2025 by rpki-client