Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HPdmtKB5v0xhCAexXU8RGEMChJ8.roa
File: HPdmtKB5v0xhCAexXU8RGEMChJ8.roa (raw, json)
Hash identifier: K3N4OLN/vCTvNie0wVtqPE5o29hLwNkrJ4YESIwZDU0=
Subject key identifier: 1C:F7:66:B4:A0:79:BF:4C:61:08:07:B1:5D:4F:11:18:43:02:84:9F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E28F2F9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HPdmtKB5v0xhCAexXU8RGEMChJ8.roa
Signing time: Sat 01 Jan 2022 01:58:27 +0000
ROA not before: Sat 01 Jan 2022 01:58:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398373
IP address blocks: 212.192.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 237564665 (0xe28f2f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cf766b4a079bf4c610807b15d4f11184302849f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1f:57:2b:31:8d:b0:54:dd:24:35:b8:5f:96:
a8:e7:c0:f2:c5:71:99:71:de:ef:39:20:a6:e5:b4:
4d:dd:f1:9c:1d:38:4d:13:71:7a:f7:7c:86:4b:47:
dd:aa:32:e3:8b:9e:d6:4d:39:2e:06:c9:aa:f5:dc:
a2:c2:7d:fa:79:74:21:5a:e6:96:e6:56:e9:f4:e2:
32:fe:18:b5:a4:f5:a2:e8:5a:f4:3a:27:fd:6f:34:
fb:90:97:e6:70:70:eb:68:04:ab:77:ef:27:2b:49:
02:81:7f:65:99:4a:fe:cc:e9:0b:77:8b:8a:62:6e:
d6:5a:3a:7b:b9:43:fe:ef:f3:65:34:ea:3c:d2:43:
1f:a5:a3:f5:09:0f:9e:cd:5a:9e:48:9c:bd:0f:c5:
d0:b0:dc:de:ba:a2:4d:11:bd:a3:9a:e5:a8:69:f9:
eb:de:8f:48:2e:d0:62:28:46:e7:98:13:b4:c6:dd:
89:42:ce:9a:d6:4f:c3:2f:ed:2c:fb:d9:d3:62:eb:
8b:a6:98:0e:69:bd:cb:ad:18:d5:dc:25:57:77:34:
33:8a:84:54:a6:7a:dd:73:e0:b1:2f:52:06:eb:cb:
49:05:50:aa:3b:20:b4:c7:42:fc:26:92:ba:64:5e:
98:9a:c6:ba:cc:6e:8f:b7:e8:5d:15:53:57:5b:5e:
50:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F7:66:B4:A0:79:BF:4C:61:08:07:B1:5D:4F:11:18:43:02:84:9F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HPdmtKB5v0xhCAexXU8RGEMChJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.208.0/22
Signature Algorithm: sha256WithRSAEncryption
76:63:f9:c8:2c:36:2a:72:d4:59:09:bc:67:76:26:d0:19:3b:
9e:49:5c:47:50:a0:aa:b6:4a:c7:89:2f:12:2e:3d:55:31:56:
66:86:53:1c:15:7d:3b:00:6a:aa:61:bc:03:98:34:9b:26:c3:
1a:1d:62:3c:91:73:e8:23:ab:6e:71:c9:92:fe:6d:9b:b9:c4:
16:29:19:05:77:c8:c0:58:a2:27:2a:cc:41:94:c4:c7:3a:14:
ec:70:ad:22:68:fd:50:46:5f:44:4c:f3:42:a8:be:97:cb:38:
99:ef:db:67:bb:cf:f1:2b:c3:cd:57:a5:35:e8:a1:60:3b:6c:
7a:ca:77:de:3e:df:a9:11:a8:7d:da:ab:97:3b:85:80:91:d0:
86:f6:b2:ce:28:dc:3d:dd:c8:47:7f:f6:80:a9:34:1f:a7:71:
50:9f:ef:dd:aa:49:aa:a0:79:65:f5:97:38:98:b2:5d:4d:a4:
64:4f:38:3c:fc:09:87:2f:5a:fa:60:fb:00:73:d5:d6:df:cb:
6d:b8:2b:57:ec:e7:49:d5:9e:9e:39:1f:c4:02:64:1a:9c:32:
42:d1:25:1c:ff:bb:2b:ab:bd:ba:05:b2:1f:62:08:9f:b7:18:
9f:8b:26:21:9e:38:cf:ad:4f:4e:8a:1f:dc:69:d5:3e:a0:c3:
b9:bb:3d:f1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDijy+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNmNzY2YjRhMDc5
YmY0YzYxMDgwN2IxNWQ0ZjExMTg0MzAyODQ5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQfVysxjbBU3SQ1uF+WqOfA8sVxmXHe7zkgpuW0Td3xnB04
TRNxevd8hktH3aoy44ue1k05LgbJqvXcosJ9+nl0IVrmluZW6fTiMv4YtaT1ouha
9Don/W80+5CX5nBw62gEq3fvJytJAoF/ZZlK/szpC3eLimJu1lo6e7lD/u/zZTTq
PNJDH6Wj9QkPns1ankicvQ/F0LDc3rqiTRG9o5rlqGn5696PSC7QYihG55gTtMbd
iULOmtZPwy/tLPvZ02Lri6aYDmm9y60Y1dwlV3c0M4qEVKZ63XPgsS9SBuvLSQVQ
qjsgtMdC/CaSumRemJrGusxuj7foXRVTV1teUNECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQc92a0oHm/TGEIB7FdTxEYQwKEnzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L0hQZG10S0I1djB4aENBZXhYVThSR0VNQ2hKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtTA0DANBgkqhkiG9w0BAQsFAAOC
AQEAdmP5yCw2KnLUWQm8Z3Ym0Bk7nklcR1CgqrZKx4kvEi49VTFWZoZTHBV9OwBq
qmG8A5g0mybDGh1iPJFz6COrbnHJkv5tm7nEFikZBXfIwFiiJyrMQZTExzoU7HCt
Imj9UEZfREzzQqi+l8s4me/bZ7vP8SvDzVelNeihYDtsesp33j7fqRGofdqrlzuF
gJHQhvayzijcPd3IR3/2gKk0H6dxUJ/v3apJqqB5ZfWXOJiyXU2kZE84PPwJhy9a
+mD7AHPV1t/LbbgrV+znSdWenjkfxAJkGpwyQtElHP+7K6u9ugWyH2IIn7cYn4sm
IZ44z61PToof3GnVPqDDubs98Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org