Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/hxwzlEnUVQtZnxwztfEqivlBTI8.roa
File: hxwzlEnUVQtZnxwztfEqivlBTI8.roa (raw, json)
Hash identifier: 53HHWdiIGRgHItRVd0gCqMj5cViL+dJafiDV68U14ew=
Subject key identifier: 87:1C:33:94:49:D4:55:0B:59:9F:1C:33:B5:F1:2A:8A:F9:41:4C:8F
Certificate issuer: /CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Certificate serial: 0F3E842D
Authority key identifier: EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/hxwzlEnUVQtZnxwztfEqivlBTI8.roa
Signing time: Sat 01 Jan 2022 03:59:45 +0000
ROA not before: Sat 01 Jan 2022 03:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2635
IP address blocks: 185.138.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 255755309 (0xf3e842d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Validity
Not Before: Jan 1 03:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=871c339449d4550b599f1c33b5f12a8af9414c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c0:8e:ca:c8:b1:56:05:49:ab:cf:33:0b:f1:
de:c1:71:ab:ba:cc:65:ba:ed:7e:39:3d:c6:4d:5e:
14:6f:ac:1b:01:e7:ea:48:0a:5e:7e:bf:72:4c:20:
40:f7:9f:f0:8b:b6:b1:96:c9:4e:77:58:f9:f0:dc:
a9:98:9e:21:d2:3e:4d:05:81:70:68:8d:cc:d0:d9:
05:de:f6:42:d7:64:14:e0:42:fe:6b:5b:d6:35:1a:
49:d6:30:6f:93:88:4b:55:e6:5a:58:d3:f1:3a:db:
98:2f:56:64:3e:c7:55:c9:85:a6:59:6d:0f:81:ab:
65:e9:ce:9f:a8:4e:3a:5d:e6:5a:ab:45:8d:58:2a:
87:76:1f:6d:8e:d1:d6:3e:b0:9d:be:1d:42:a2:d6:
1a:4a:96:22:c6:3f:eb:1f:2f:f2:39:02:13:b7:c2:
ba:b5:e8:43:34:59:87:52:ea:c3:29:a9:db:a9:40:
f5:d6:76:b4:02:03:33:48:70:4e:bb:c3:ee:fb:58:
b6:e1:9c:2b:9d:03:f6:75:c8:75:40:7e:ee:ea:59:
20:c6:1d:cd:45:82:76:fd:c2:8a:12:d9:3a:8f:31:
ea:ea:d4:c0:4b:76:a9:76:fe:d4:91:30:1b:8c:a5:
48:4a:be:24:c7:69:95:a4:a7:6b:9c:ea:a6:de:4f:
26:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1C:33:94:49:D4:55:0B:59:9F:1C:33:B5:F1:2A:8A:F9:41:4C:8F
X509v3 Authority Key Identifier:
keyid:EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/hxwzlEnUVQtZnxwztfEqivlBTI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/7E0DlAhPfkBiYJco9NTVewZFWlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:b3:9b:53:b5:21:98:a7:8e:ed:4f:21:66:6f:7e:c5:13:56:
0e:1b:dd:11:a4:71:f5:91:e0:a8:c0:d9:1e:64:64:e0:0f:35:
0e:ab:fc:ff:5c:5c:2e:13:d2:d0:5f:6c:f0:b7:b6:55:1b:3b:
84:48:4d:5d:e0:d4:cb:5e:52:69:80:1f:33:64:b0:3b:13:9f:
40:ca:dc:3d:e0:7e:a3:a9:c3:3b:07:12:00:3b:05:aa:c2:a8:
fc:eb:5a:35:9b:93:63:6d:a6:3a:82:78:c3:6d:84:e7:b6:bb:
3e:86:1b:fe:c2:cb:00:94:91:f3:a3:c4:27:60:81:38:bb:38:
6a:7d:55:2f:2b:18:93:da:62:45:6f:26:20:ea:51:03:b3:f4:
59:3d:4d:85:d3:c0:81:c5:ed:af:7d:dc:23:e9:41:d8:3d:b9:
7b:37:cf:51:a5:9d:4e:e9:0b:f0:42:9f:a1:06:1a:67:94:5b:
eb:68:82:86:cc:d6:46:6c:9d:6c:7f:ad:9f:2f:20:76:e9:9a:
d6:f0:e4:7b:ba:ce:af:3d:a1:81:fa:14:d2:e1:aa:ac:12:68:
82:d6:07:e4:c9:e7:6c:50:fe:95:79:97:b7:3f:ad:e1:f0:20:
70:6a:dd:9a:eb:6d:5c:02:67:69:59:24:2c:71:54:8b:dc:b8:
40:c1:7f:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDz6ELTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzRkMDM5NDA4NGY3ZTQwNjI2MDk3MjhmNGQ0ZDU3YjA2NDU1YTU2MB4XDTIyMDEw
MTAzNTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODcxYzMzOTQ0OWQ0
NTUwYjU5OWYxYzMzYjVmMTJhOGFmOTQxNGM4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDAjsrIsVYFSavPMwvx3sFxq7rMZbrtfjk9xk1eFG+sGwHn
6kgKXn6/ckwgQPef8Iu2sZbJTndY+fDcqZieIdI+TQWBcGiNzNDZBd72QtdkFOBC
/mtb1jUaSdYwb5OIS1XmWljT8TrbmC9WZD7HVcmFplltD4GrZenOn6hOOl3mWqtF
jVgqh3YfbY7R1j6wnb4dQqLWGkqWIsY/6x8v8jkCE7fCurXoQzRZh1Lqwymp26lA
9dZ2tAIDM0hwTrvD7vtYtuGcK50D9nXIdUB+7upZIMYdzUWCdv3CihLZOo8x6urU
wEt2qXb+1JEwG4ylSEq+JMdplaSna5zqpt5PJtkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHHDOUSdRVC1mfHDO18SqK+UFMjzAfBgNVHSMEGDAWgBTsTQOUCE9+QGJg
lyj01NV7BkVaVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdFMERsQWhQZmtCaVlKY285TlRWZXdaRldsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvMjM2NjEwLTI0NDgtNDIzYi05YmNhLTI2OGNlZDg0MzViNS8x
L2h4d3psRW5VVlF0Wm54d3p0ZkVxaXZsQlRJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
MjM2NjEwLTI0NDgtNDIzYi05YmNhLTI2OGNlZDg0MzViNS8xLzdFMERsQWhQZmtC
aVlKY285TlRWZXdaRldsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmKHDANBgkqhkiG9w0BAQsFAAOC
AQEAX7ObU7UhmKeO7U8hZm9+xRNWDhvdEaRx9ZHgqMDZHmRk4A81Dqv8/1xcLhPS
0F9s8Le2VRs7hEhNXeDUy15SaYAfM2SwOxOfQMrcPeB+o6nDOwcSADsFqsKo/Ota
NZuTY22mOoJ4w22E57a7PoYb/sLLAJSR86PEJ2CBOLs4an1VLysYk9piRW8mIOpR
A7P0WT1NhdPAgcXtr33cI+lB2D25ezfPUaWdTukL8EKfoQYaZ5Rb62iChszWRmyd
bH+tny8gduma1vDke7rOrz2hgfoU0uGqrBJogtYH5MnnbFD+lXmXtz+t4fAgcGrd
muttXAJnaVkkLHFUi9y4QMF/ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:10 2024 by rpki-client on console-fra.rpki-client.org