Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/hzVYizRBfKN-wwrOKgu8TfSSX44.roa
File: hzVYizRBfKN-wwrOKgu8TfSSX44.roa (raw, json)
Hash identifier: qNDbjhNUoxz/bo1CotZ6TW47aeiMC1Ue3AfGWT81e/g=
Subject key identifier: 87:35:58:8B:34:41:7C:A3:7E:C3:0A:CE:2A:0B:BC:4D:F4:92:5F:8E
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 0A19D808
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/hzVYizRBfKN-wwrOKgu8TfSSX44.roa
Signing time: Wed 30 Mar 2022 06:06:29 +0000
ROA not before: Wed 30 Mar 2022 06:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2043
IP address blocks: 185.2.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169465864 (0xa19d808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Mar 30 06:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8735588b34417ca37ec30ace2a0bbc4df4925f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b2:37:d8:fd:af:69:63:17:dd:5c:c4:df:9b:
eb:46:c4:2c:a0:60:af:fc:23:a4:22:23:75:a3:63:
f2:8d:ec:83:1f:72:21:f7:a7:c6:8e:8f:ec:30:00:
0a:90:03:3f:31:9f:a4:d2:c0:e9:fe:a3:82:73:e0:
a6:4f:6f:3a:a7:a8:16:8f:03:f0:e5:e6:10:a1:4b:
e8:43:68:ab:49:04:7b:c7:5f:44:f0:2e:e7:ff:82:
7c:f0:46:bf:1f:12:a8:e2:6d:61:fe:1c:c5:54:46:
57:cc:ff:a5:78:00:18:96:f4:eb:b2:13:5c:85:6e:
f4:63:7f:46:67:5b:ee:f0:fd:cb:f3:44:be:3d:a3:
45:07:e1:06:0b:6c:c0:06:49:4b:36:59:57:ed:ed:
f2:12:ac:d5:8a:21:9e:6b:4a:0a:6c:74:d2:22:25:
d5:f0:39:a3:f8:65:13:6a:11:cc:cd:23:ba:48:1d:
a9:44:f4:63:0c:dc:05:3f:78:25:a1:cb:5a:84:58:
ed:fc:48:3f:f2:a6:33:98:d3:e7:8a:36:91:72:03:
64:77:34:93:c9:28:ef:77:6e:f8:14:11:eb:2a:b1:
98:34:f2:9a:50:3c:9a:cc:96:2b:37:50:ae:ae:e8:
f0:d2:50:8a:b4:2b:2d:38:1e:69:2e:79:15:0c:df:
ab:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:35:58:8B:34:41:7C:A3:7E:C3:0A:CE:2A:0B:BC:4D:F4:92:5F:8E
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/hzVYizRBfKN-wwrOKgu8TfSSX44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.174.0/23
Signature Algorithm: sha256WithRSAEncryption
09:29:60:6e:c5:65:ef:e1:82:61:e8:bc:8a:af:42:10:6a:c7:
70:d2:fd:e5:b3:73:3e:5c:82:79:2e:d3:8e:f1:e1:64:3f:cd:
b9:84:04:e5:12:0a:ab:59:33:5d:d5:ca:7d:23:d9:ac:01:98:
98:3c:07:bf:c6:86:6e:98:4d:e6:7b:db:56:2e:6d:bc:b4:9a:
62:2e:7e:cc:65:b9:84:c1:b1:4e:20:13:b7:30:8f:16:ca:59:
90:82:00:7b:d7:98:f3:46:c0:58:d3:00:81:e4:8c:41:89:8f:
9e:7f:fb:a1:77:59:04:9b:47:d0:51:8a:1e:b3:e7:7b:8b:22:
79:09:89:ff:c0:ca:aa:c2:d5:22:8a:b2:e5:47:cf:04:36:ea:
db:84:61:a7:79:e3:81:f6:53:d8:c9:8b:c9:ad:eb:52:52:2a:
be:62:b9:40:56:1e:1c:7e:ca:d2:56:2d:17:45:06:bb:82:90:
da:11:78:3e:84:4e:cb:2e:6a:08:90:70:de:4b:e7:5f:df:bf:
f0:02:fe:5b:aa:48:01:41:b1:84:b8:8b:a5:12:41:4b:6b:eb:
63:74:2a:a5:e5:3b:a2:72:d1:1a:06:7b:66:5e:11:36:3e:fb:
1b:b9:ef:b3:bb:65:26:6c:de:a0:a8:66:15:65:49:c5:1f:38:
46:ac:cd:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChnYCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZDQwOTEzODNkOWVkNDA1NmQ5ZjRlZmY3ZDI2MjJkZGNlMjA1MB4XDTIyMDMz
MDA2MDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODczNTU4OGIzNDQx
N2NhMzdlYzMwYWNlMmEwYmJjNGRmNDkyNWY4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWyN9j9r2ljF91cxN+b60bELKBgr/wjpCIjdaNj8o3sgx9y
Ifenxo6P7DAACpADPzGfpNLA6f6jgnPgpk9vOqeoFo8D8OXmEKFL6ENoq0kEe8df
RPAu5/+CfPBGvx8SqOJtYf4cxVRGV8z/pXgAGJb067ITXIVu9GN/Rmdb7vD9y/NE
vj2jRQfhBgtswAZJSzZZV+3t8hKs1YohnmtKCmx00iIl1fA5o/hlE2oRzM0jukgd
qUT0YwzcBT94JaHLWoRY7fxIP/KmM5jT54o2kXIDZHc0k8ko73du+BQR6yqxmDTy
mlA8msyWKzdQrq7o8NJQirQrLTgeaS55FQzfq4cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHNViLNEF8o37DCs4qC7xN9JJfjjAfBgNVHSMEGDAWgBSB7tQJE4PZ7UBW
2fTv99JiLdziBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8x
L2h6VllpelJCZktOLXd3ck9LZ3U4VGZTU1g0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8xL2dlN1VDUk9EMmUx
QVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkCrjANBgkqhkiG9w0BAQsFAAOC
AQEACSlgbsVl7+GCYei8iq9CEGrHcNL95bNzPlyCeS7TjvHhZD/NuYQE5RIKq1kz
XdXKfSPZrAGYmDwHv8aGbphN5nvbVi5tvLSaYi5+zGW5hMGxTiATtzCPFspZkIIA
e9eY80bAWNMAgeSMQYmPnn/7oXdZBJtH0FGKHrPne4sieQmJ/8DKqsLVIoqy5UfP
BDbq24Rhp3njgfZT2MmLya3rUlIqvmK5QFYeHH7K0lYtF0UGu4KQ2hF4PoROyy5q
CJBw3kvnX9+/8AL+W6pIAUGxhLiLpRJBS2vrY3QqpeU7onLRGgZ7Zl4RNj77G7nv
s7tlJmzeoKhmFWVJxR84RqzN1Q==
-----END CERTIFICATE-----
Generated at Sat May 10 20:18:14 2025 by rpki-client