Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/HQF8JFX0PflsVFYyvCheeez-jPI.roa
File: HQF8JFX0PflsVFYyvCheeez-jPI.roa (raw, json)
Hash identifier: Dc07CrZKXUXMcrR1SuJ/xaYtt4tNpyOWIxx4S7cza2Y=
Subject key identifier: 1D:01:7C:24:55:F4:3D:F9:6C:54:56:32:BC:28:5E:79:EC:FE:8C:F2
Certificate issuer: /CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Certificate serial: 109C9243
Authority key identifier: 35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/HQF8JFX0PflsVFYyvCheeez-jPI.roa
Signing time: Sat 01 Jan 2022 13:06:15 +0000
ROA not before: Sat 01 Jan 2022 13:06:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51241
IP address blocks: 91.207.139.0/24 maxlen: 24
91.207.138.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278696515 (0x109c9243)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Validity
Not Before: Jan 1 13:06:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d017c2455f43df96c545632bc285e79ecfe8cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:55:a6:71:38:49:7e:d2:6f:1e:32:c6:68:33:
53:ab:45:f4:2e:a6:74:16:54:30:41:1b:b8:df:7e:
fe:b4:a0:36:51:46:91:55:28:e4:10:39:98:d2:2b:
0e:14:ce:1f:e6:4f:bb:5c:df:ca:ea:5b:77:01:95:
1c:f4:84:e7:cf:db:59:d7:f1:7d:99:c1:c3:c3:10:
68:bc:48:bf:42:c1:51:7b:28:1e:8c:65:69:46:c0:
97:4a:cc:28:25:87:08:56:10:95:97:84:d4:53:06:
20:3f:1d:f9:7e:0d:b2:db:80:ed:86:cc:06:1d:a8:
a8:9b:c9:f3:bb:8b:ca:fe:79:fe:a7:6d:36:16:2b:
fc:b4:56:fe:ec:ac:97:9c:31:ab:87:7d:ad:2e:3f:
e5:98:90:d7:83:f9:01:16:93:84:2a:b3:53:c7:6c:
2b:a4:42:69:e1:9b:57:e8:47:f4:40:47:cc:a7:2f:
5a:11:73:40:00:59:e0:ef:b0:3c:d4:db:8d:4d:6f:
c1:e3:d3:11:a6:af:0b:8c:3b:0e:b0:cf:c6:b6:2a:
9a:c5:02:88:4a:8b:72:ae:aa:08:fb:da:69:72:ea:
55:da:82:69:8c:2b:20:df:8b:df:14:d7:0d:ad:2d:
e3:68:a6:9c:8f:12:e2:8e:43:33:85:0c:df:e8:e0:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:01:7C:24:55:F4:3D:F9:6C:54:56:32:BC:28:5E:79:EC:FE:8C:F2
X509v3 Authority Key Identifier:
keyid:35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/HQF8JFX0PflsVFYyvCheeez-jPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/NRNbgbbB7dL29bwcYIpfyf6SZHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.138.0/23
Signature Algorithm: sha256WithRSAEncryption
80:bb:f2:be:b8:b1:6a:0d:11:98:5e:ba:95:ac:dd:7c:71:a8:
ce:d3:cc:d3:c5:39:e5:7d:9f:50:1d:13:fc:dc:69:1e:8d:e5:
48:67:1b:08:0e:79:67:3f:e2:5a:dd:03:44:64:a3:91:27:04:
05:04:f2:8a:b9:9c:05:01:e3:db:be:ca:4f:53:b8:c5:2d:ce:
6d:1c:f5:c8:1b:a4:7a:c1:be:16:83:dc:72:2f:ab:7b:21:6d:
5e:76:a5:f2:b2:74:87:d1:00:b7:65:08:1b:87:20:a0:48:aa:
96:17:bd:38:2e:6c:62:ab:91:39:81:7b:0a:c1:61:96:48:ce:
55:bd:c0:f4:70:4c:42:14:c8:11:5f:af:48:ba:05:2e:21:a9:
47:0a:62:52:a5:3c:e9:02:ea:86:44:39:2a:30:6c:fb:3d:53:
92:ca:35:d1:08:4e:c7:69:08:8b:94:d4:a3:8b:a0:77:82:3b:
55:14:79:7a:4c:0c:14:c9:b3:4a:f7:0a:90:a3:18:7f:ec:1c:
8f:99:fb:d3:36:a6:60:d4:0d:6d:d6:f1:37:56:f2:dc:16:24:
f1:bc:43:65:e8:5f:07:ae:6c:a7:b7:88:4a:9c:14:f6:ea:41:
1c:ab:8c:fe:ac:b4:41:96:96:98:b9:a7:f7:ed:75:9b:f2:dc:
b9:5a:ef:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEJySQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTEzNWI4MWI2YzFlZGQyZjZmNWJjMWM2MDhhNWZjOWZlOTI2NDc0MB4XDTIyMDEw
MTEzMDYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQwMTdjMjQ1NWY0
M2RmOTZjNTQ1NjMyYmMyODVlNzllY2ZlOGNmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJVpnE4SX7Sbx4yxmgzU6tF9C6mdBZUMEEbuN9+/rSgNlFG
kVUo5BA5mNIrDhTOH+ZPu1zfyupbdwGVHPSE58/bWdfxfZnBw8MQaLxIv0LBUXso
HoxlaUbAl0rMKCWHCFYQlZeE1FMGID8d+X4NstuA7YbMBh2oqJvJ87uLyv55/qdt
NhYr/LRW/uysl5wxq4d9rS4/5ZiQ14P5ARaThCqzU8dsK6RCaeGbV+hH9EBHzKcv
WhFzQABZ4O+wPNTbjU1vwePTEaavC4w7DrDPxrYqmsUCiEqLcq6qCPvaaXLqVdqC
aYwrIN+L3xTXDa0t42imnI8S4o5DM4UM3+jgjvUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdAXwkVfQ9+WxUVjK8KF557P6M8jAfBgNVHSMEGDAWgBQ1E1uBtsHt0vb1
vBxgil/J/pJkdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05STmJnYmJCN2RMMjlid2NZSXBmeWY2U1pIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvZDBhMGEwLWQyNWEtNDc0Ni05MTM5LWE3MTQ1NmRmOTk5Ny8x
L0hRRjhKRlgwUGZsc1ZGWXl2Q2hlZWV6LWpQSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
ZDBhMGEwLWQyNWEtNDc0Ni05MTM5LWE3MTQ1NmRmOTk5Ny8xL05STmJnYmJCN2RM
Mjlid2NZSXBmeWY2U1pIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvPijANBgkqhkiG9w0BAQsFAAOC
AQEAgLvyvrixag0RmF66lazdfHGoztPM08U55X2fUB0T/NxpHo3lSGcbCA55Zz/i
Wt0DRGSjkScEBQTyirmcBQHj277KT1O4xS3ObRz1yBukesG+FoPcci+reyFtXnal
8rJ0h9EAt2UIG4cgoEiqlhe9OC5sYquROYF7CsFhlkjOVb3A9HBMQhTIEV+vSLoF
LiGpRwpiUqU86QLqhkQ5KjBs+z1Tkso10QhOx2kIi5TUo4ugd4I7VRR5ekwMFMmz
SvcKkKMYf+wcj5n70zamYNQNbdbxN1by3BYk8bxDZehfB65sp7eISpwU9upBHKuM
/qy0QZaWmLmn9+11m/LcuVrvRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:10 2024 by rpki-client on console-fra.rpki-client.org