Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/hzLpezTLF1s4j3_xib2xOMCKmM0.roa
File: hzLpezTLF1s4j3_xib2xOMCKmM0.roa (raw, json)
Hash identifier: dGMkOJ9SU6il6w2QaQwu0D1xtjZ8VPCGt6wiualS/8E=
Subject key identifier: 87:32:E9:7B:34:CB:17:5B:38:8F:7F:F1:89:BD:B1:38:C0:8A:98:CD
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0182F94BACF83BD57281623EDD46ACC2E10A
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/hzLpezTLF1s4j3_xib2xOMCKmM0.roa
Signing time: Thu 01 Sep 2022 13:44:22 +0000
ROA not before: Thu 01 Sep 2022 13:44:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197177
IP address blocks: 94.240.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:4b:ac:f8:3b:d5:72:81:62:3e:dd:46:ac:c2:e1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Sep 1 13:44:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8732e97b34cb175b388f7ff189bdb138c08a98cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cc:05:11:f0:88:a8:d5:9f:90:01:48:30:e3:
40:66:93:5f:b5:fc:e2:a1:79:cc:7f:37:a9:f4:03:
ac:5f:67:c8:17:1e:c3:e9:3d:8b:21:76:a8:f6:a1:
5e:de:fd:d8:d5:82:09:50:a6:28:53:e5:a7:5f:31:
52:f7:df:71:31:9b:f4:fb:8c:d3:69:fb:cf:5e:54:
43:ca:bc:23:c2:34:0e:fb:60:ce:1a:48:01:89:5b:
0f:6e:ff:fe:59:e8:36:34:a1:81:fa:00:78:bb:94:
a1:9b:57:77:c6:2d:f2:79:1b:90:3b:2f:fa:80:f4:
67:0f:44:61:16:bb:61:67:15:9e:f3:d5:f0:87:ef:
fa:b1:54:b7:89:ba:8e:bc:ff:1b:4f:b8:85:2b:89:
38:f5:03:8b:fd:00:32:de:0c:2a:cb:66:70:97:b3:
e0:06:85:55:2b:bd:dc:7c:84:4a:d9:57:a4:b6:b5:
d1:c0:e7:53:95:ed:e4:2e:be:7b:6f:a0:c1:3c:5d:
cf:ce:0a:9a:95:d1:cf:e2:a0:80:75:cf:48:47:6a:
d7:7d:79:8b:3b:68:ae:c8:c4:84:57:d0:f7:c7:a2:
23:98:69:55:db:82:2b:2e:82:d1:9c:5e:5a:8f:9d:
2f:32:15:49:dd:ce:a8:cf:e5:3d:a6:e0:8a:71:e1:
e9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:32:E9:7B:34:CB:17:5B:38:8F:7F:F1:89:BD:B1:38:C0:8A:98:CD
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/hzLpezTLF1s4j3_xib2xOMCKmM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.39.0/24
Signature Algorithm: sha256WithRSAEncryption
46:28:ab:cf:17:c4:5a:a8:14:d7:a0:17:ac:0e:2f:7f:1e:c3:
9b:6d:aa:18:50:da:71:47:e3:32:bf:db:6d:2e:4b:33:9e:02:
03:73:3a:59:a9:44:c8:ad:b2:4b:8f:7e:4b:b6:95:00:7a:06:
de:53:2e:c1:46:77:c1:ba:f0:25:b4:02:92:5c:fc:71:0a:0e:
94:50:d7:6f:80:bf:1f:e8:14:6a:9d:fb:58:0d:6d:e5:ed:6a:
a9:d9:dd:31:07:5c:c4:6d:dd:e3:57:ba:f0:1f:20:98:7e:79:
1e:3d:7d:90:12:f9:0e:05:5c:1a:92:ca:10:db:08:e8:2a:91:
27:a7:74:ef:d7:fb:f6:ee:a2:c6:05:1c:23:0d:92:e7:4e:18:
db:fd:90:fb:8c:cc:fe:94:f4:46:ca:61:2b:f9:45:7b:ee:89:
d1:27:b5:0d:0d:f1:07:a3:7c:b0:1e:5f:6c:8f:e9:d3:4d:8b:
fc:df:27:ed:e1:98:64:8f:30:ec:d3:36:44:0d:e3:e6:7e:83:
d1:42:5c:ee:c4:dd:1b:6c:01:25:80:30:95:35:c5:39:f5:3e:
79:cc:85:f3:ed:c6:8e:e9:b1:e2:e7:8a:6e:27:33:97:3f:b3:
32:ba:f7:ed:7d:8e:eb:32:f1:63:5f:4a:5a:1c:f4:48:00:a6:
47:34:c0:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL5S6z4O9VygWI+3UaswuEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjIwOTAxMTM0NDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzMyZTk3YjM0Y2IxNzViMzg4ZjdmZjE4OWJkYjEzOGMwOGE5OGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhswFEfCIqNWfkAFIMONAZpNftfzi
oXnMfzep9AOsX2fIFx7D6T2LIXao9qFe3v3Y1YIJUKYoU+WnXzFS999xMZv0+4zT
afvPXlRDyrwjwjQO+2DOGkgBiVsPbv/+Weg2NKGB+gB4u5Shm1d3xi3yeRuQOy/6
gPRnD0RhFrthZxWe89Xwh+/6sVS3ibqOvP8bT7iFK4k49QOL/QAy3gwqy2Zwl7Pg
BoVVK73cfIRK2VektrXRwOdTle3kLr57b6DBPF3PzgqaldHP4qCAdc9IR2rXfXmL
O2iuyMSEV9D3x6IjmGlV24IrLoLRnF5aj50vMhVJ3c6oz+U9puCKceHpbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcy6Xs0yxdbOI9/8Ym9sTjAipjNMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvaHpMcGV6VExGMXM0ajNfeGliMnhPTUNLbU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvAnMA0G
CSqGSIb3DQEBCwUAA4IBAQBGKKvPF8RaqBTXoBesDi9/HsObbaoYUNpxR+Myv9tt
LkszngIDczpZqUTIrbJLj35LtpUAegbeUy7BRnfBuvAltAKSXPxxCg6UUNdvgL8f
6BRqnftYDW3l7Wqp2d0xB1zEbd3jV7rwHyCYfnkePX2QEvkOBVwaksoQ2wjoKpEn
p3Tv1/v27qLGBRwjDZLnThjb/ZD7jMz+lPRGymEr+UV77onRJ7UNDfEHo3ywHl9s
j+nTTYv83yft4ZhkjzDs0zZEDePmfoPRQlzuxN0bbAElgDCVNcU59T55zIXz7caO
6bHi54puJzOXP7MyuvftfY7rMvFjX0paHPRIAKZHNMBO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org