Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/grHANOVycYy3GbLbe41zRt9_hds.roa
File: grHANOVycYy3GbLbe41zRt9_hds.roa (raw, json)
Hash identifier: frOZrf0LcQSB28vD6ZFcZzf675O4UvDxpil5lgC6ewM=
Subject key identifier: 82:B1:C0:34:E5:72:71:8C:B7:19:B2:DB:7B:8D:73:46:DF:7F:85:DB
Certificate issuer: /CN=d2ae5e338794e60d5d8b523bdb2b68ec4ac762ce
Certificate serial: 01856B37A58E812EC93AB6DB0329EEC686F8
Authority key identifier: D2:AE:5E:33:87:94:E6:0D:5D:8B:52:3B:DB:2B:68:EC:4A:C7:62:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/grHANOVycYy3GbLbe41zRt9_hds.roa
Signing time: Sun 01 Jan 2023 02:44:47 +0000
ROA not before: Sun 01 Jan 2023 02:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35499
IP address blocks: 45.66.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:37:a5:8e:81:2e:c9:3a:b6:db:03:29:ee:c6:86:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ae5e338794e60d5d8b523bdb2b68ec4ac762ce
Validity
Not Before: Jan 1 02:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82b1c034e572718cb719b2db7b8d7346df7f85db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:48:80:ec:42:f3:94:e7:61:4f:97:fa:93:ba:
f9:d4:f8:9e:8a:f6:76:25:a3:a0:74:8f:43:08:d4:
7c:7e:cd:78:71:7a:57:1f:12:02:2d:08:67:1d:5a:
42:10:e9:d5:07:40:a3:05:f3:14:3a:31:ca:c8:94:
08:d4:5f:29:99:47:02:cf:7a:65:e1:6d:c5:66:59:
c9:e5:96:c7:61:e9:f4:6a:79:70:c8:c7:1b:c7:c1:
7c:b1:02:25:21:50:91:1d:75:96:65:bb:f1:a3:da:
0e:a8:cf:5a:94:53:e8:35:74:04:db:7c:78:51:1a:
ee:93:b9:ae:6b:8d:e6:e1:bf:65:d3:21:89:82:a7:
b8:31:4d:28:86:13:1b:50:42:6c:25:2e:7c:b8:9f:
d5:bd:34:cb:d2:32:4f:fd:c8:e8:10:d2:18:09:02:
d0:32:b0:d3:a4:20:c6:a8:39:67:e8:e6:db:e1:ad:
9a:ed:ea:20:ad:79:a6:ef:4a:d0:a1:be:3d:18:89:
7d:b0:4b:ae:2f:ed:5b:cd:bc:26:33:6b:fc:b3:b3:
23:76:78:3f:c8:8c:43:ec:e1:b3:e7:42:37:e9:88:
36:a2:0c:15:b4:7b:38:c0:a4:81:ac:62:90:77:0f:
fe:e9:ea:c9:49:00:2d:27:9e:e4:5d:23:19:69:26:
f9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B1:C0:34:E5:72:71:8C:B7:19:B2:DB:7B:8D:73:46:DF:7F:85:DB
X509v3 Authority Key Identifier:
keyid:D2:AE:5E:33:87:94:E6:0D:5D:8B:52:3B:DB:2B:68:EC:4A:C7:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/grHANOVycYy3GbLbe41zRt9_hds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.124.0/22
Signature Algorithm: sha256WithRSAEncryption
03:8d:0b:65:fd:3b:9c:23:20:d5:2b:3b:ab:d5:ad:85:02:22:
b6:25:dc:29:45:3f:e3:4c:9d:59:b6:88:53:b4:af:d8:ba:d4:
22:52:f7:79:b8:20:bc:b4:99:d8:02:0d:7c:8a:7a:40:88:b2:
ba:7a:15:3f:1e:ad:65:89:44:10:7f:6b:57:e8:e9:1f:40:82:
4b:15:fc:e2:82:06:a0:7f:e9:e0:e2:31:46:6e:ad:ef:49:58:
76:d9:43:13:64:47:33:cc:6c:b9:db:fa:01:df:3b:38:bb:12:
83:de:97:4d:a4:50:9f:ef:43:ae:44:a6:9f:99:79:ac:13:ae:
34:22:00:ce:ba:5b:bf:39:ee:98:df:35:d9:0f:1f:5e:34:64:
db:4f:ff:60:21:f8:30:7d:18:82:7a:17:4c:aa:e0:73:c3:23:
78:3a:ef:af:9e:10:cd:82:fe:eb:43:01:01:76:54:6c:a9:5b:
37:7d:84:72:08:44:06:67:4a:f8:29:ae:ac:08:f8:67:83:f1:
aa:7d:fe:af:3b:12:99:90:67:1b:56:f2:c9:8e:22:99:53:c5:
c7:58:0b:02:27:13:92:46:5e:d8:23:99:2a:8f:79:50:20:52:
90:b5:8f:e2:fc:cb:8a:7b:e7:15:a2:29:57:b9:c9:3c:24:a0:
68:35:fc:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrN6WOgS7JOrbbAynuxob4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYWU1ZTMzODc5NGU2MGQ1ZDhiNTIzYmRiMmI2OGVjNGFj
NzYyY2UwHhcNMjMwMTAxMDI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmIxYzAzNGU1NzI3MThjYjcxOWIyZGI3YjhkNzM0NmRmN2Y4NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkiA7ELzlOdhT5f6k7r51PieivZ2
JaOgdI9DCNR8fs14cXpXHxICLQhnHVpCEOnVB0CjBfMUOjHKyJQI1F8pmUcCz3pl
4W3FZlnJ5ZbHYen0anlwyMcbx8F8sQIlIVCRHXWWZbvxo9oOqM9alFPoNXQE23x4
URruk7mua43m4b9l0yGJgqe4MU0ohhMbUEJsJS58uJ/VvTTL0jJP/cjoENIYCQLQ
MrDTpCDGqDln6Obb4a2a7eogrXmm70rQob49GIl9sEuuL+1bzbwmM2v8s7Mjdng/
yIxD7OGz50I36Yg2ogwVtHs4wKSBrGKQdw/+6erJSQAtJ57kXSMZaSb54wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKxwDTlcnGMtxmy23uNc0bff4XbMB8GA1UdIwQY
MBaAFNKuXjOHlOYNXYtSO9sraOxKx2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kNWRmMDMtYjVlZS00YmY3LWFlZGYt
OGQ4ZTllYTE0MzI1LzEvZ3JIQU5PVnljWXkzR2JMYmU0MXpSdDlfaGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kNWRmMDMtYjVlZS00YmY3LWFlZGYtOGQ4ZTllYTE0MzI1
LzEvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUJ8MA0G
CSqGSIb3DQEBCwUAA4IBAQADjQtl/TucIyDVKzur1a2FAiK2JdwpRT/jTJ1ZtohT
tK/YutQiUvd5uCC8tJnYAg18inpAiLK6ehU/Hq1liUQQf2tX6OkfQIJLFfziggag
f+ng4jFGbq3vSVh22UMTZEczzGy52/oB3zs4uxKD3pdNpFCf70OuRKafmXmsE640
IgDOulu/Oe6Y3zXZDx9eNGTbT/9gIfgwfRiCehdMquBzwyN4Ou+vnhDNgv7rQwEB
dlRsqVs3fYRyCEQGZ0r4Ka6sCPhng/Gqff6vOxKZkGcbVvLJjiKZU8XHWAsCJxOS
Rl7YI5kqj3lQIFKQtY/i/MuKe+cVoilXuck8JKBoNfwH
-----END CERTIFICATE-----
Generated at Wed May 7 23:01:13 2025 by rpki-client