Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/HEBIE8GRjG5Y1m02E-Hu5lSi-Ss.roa
File: HEBIE8GRjG5Y1m02E-Hu5lSi-Ss.roa (raw, json)
Hash identifier: yD9yeEySNkTsFE50MIj9bj2uVPVQqeLkA58Q3oqMd8c=
Subject key identifier: 1C:40:48:13:C1:91:8C:6E:58:D6:6D:36:13:E1:EE:E6:54:A2:F9:2B
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 10A8A84E
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/HEBIE8GRjG5Y1m02E-Hu5lSi-Ss.roa
Signing time: Sat 01 Jan 2022 13:00:40 +0000
ROA not before: Sat 01 Jan 2022 13:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202532
IP address blocks: 91.107.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279488590 (0x10a8a84e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 1 13:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c404813c1918c6e58d66d3613e1eee654a2f92b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f6:ad:08:3a:33:d6:25:a7:25:78:48:cd:0e:
64:97:5b:66:35:b9:75:13:d2:cc:8b:96:f9:e3:59:
d7:3d:a6:02:58:1d:84:2c:75:43:64:97:03:3a:4d:
e9:66:e6:c6:af:09:c8:1d:49:8e:d6:c4:d5:f0:3d:
be:bb:3a:f2:c8:94:72:a8:5e:fc:ef:2b:cc:3d:f7:
a7:c8:7e:64:f7:d3:4a:56:fe:86:8e:a4:16:1d:bb:
5b:4e:71:b9:fe:63:62:52:1a:c3:89:8c:b0:be:2a:
aa:47:32:94:a1:cc:54:81:e1:16:7f:48:3e:82:8f:
a1:c5:04:db:6d:34:56:05:c8:5e:81:0d:53:ab:f9:
24:4c:59:f2:2b:df:46:27:60:27:68:2a:c3:94:fc:
db:83:50:b8:73:2f:43:c5:de:34:a5:3e:2c:ad:35:
73:2e:ad:a7:2e:dc:f8:ff:2a:2c:58:6e:98:c4:f9:
04:dc:fe:1f:83:ad:ab:54:31:96:d6:c0:74:1d:55:
3d:cb:bf:f1:83:ee:4c:dc:a0:d1:3c:4f:91:6e:ab:
f4:ac:86:65:2d:63:a9:b4:db:44:da:a0:c9:a4:4a:
5e:df:74:92:e6:27:51:c4:28:77:14:e1:cd:ea:b5:
a9:72:59:2d:65:1b:cf:0e:41:7b:3c:90:a4:40:4b:
fa:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:40:48:13:C1:91:8C:6E:58:D6:6D:36:13:E1:EE:E6:54:A2:F9:2B
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/HEBIE8GRjG5Y1m02E-Hu5lSi-Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.84.0/24
Signature Algorithm: sha256WithRSAEncryption
90:56:cd:92:dc:92:05:28:78:81:34:82:00:a1:29:7f:16:e1:
f7:81:74:a4:2a:ac:f9:62:b4:7a:f1:c0:54:41:80:95:00:6f:
d5:64:b8:dc:96:4a:d0:5b:0e:66:ac:5d:97:b8:56:27:5a:84:
fb:0b:31:76:a5:7d:ea:e5:e5:4e:cf:a6:99:af:01:9f:e7:0f:
c6:74:24:f7:3a:0b:9b:3b:2d:0b:c1:dc:35:47:f4:c7:79:b7:
57:30:07:b6:dc:ae:19:54:49:c8:47:df:30:5d:00:5d:06:42:
68:d4:6f:53:6c:f1:ac:c7:62:aa:b4:ea:67:c9:b8:af:8a:be:
df:6d:5c:5a:ae:9e:41:f7:6e:10:20:39:cc:6b:9a:ad:02:2e:
be:35:c4:72:f7:f6:5a:8f:11:3a:91:a4:ed:4e:31:25:a8:54:
8a:fb:d6:60:d8:fa:4f:4c:77:c5:90:f9:11:3c:f2:56:21:fc:
68:e4:81:6c:df:db:aa:15:6c:2f:af:4c:f1:96:80:f8:21:43:
cd:10:c3:12:09:d9:4f:ab:7b:97:9f:07:33:07:2d:24:9b:a5:
1f:e3:a9:e8:a6:e2:2f:9f:fe:a4:bb:a8:2f:68:45:28:60:18:
bd:9e:4c:49:36:69:ac:b3:e0:80:57:aa:e3:80:8b:bc:14:41:
62:53:37:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEKioTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGE0MzJhNGVjM2IwYWM0Y2E0ZTRlY2VjMGU5ZjRkNDZiNDk3YWYwMB4XDTIyMDEw
MTEzMDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM0MDQ4MTNjMTkx
OGM2ZTU4ZDY2ZDM2MTNlMWVlZTY1NGEyZjkyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMv2rQg6M9YlpyV4SM0OZJdbZjW5dRPSzIuW+eNZ1z2mAlgd
hCx1Q2SXAzpN6Wbmxq8JyB1JjtbE1fA9vrs68siUcqhe/O8rzD33p8h+ZPfTSlb+
ho6kFh27W05xuf5jYlIaw4mMsL4qqkcylKHMVIHhFn9IPoKPocUE2200VgXIXoEN
U6v5JExZ8ivfRidgJ2gqw5T824NQuHMvQ8XeNKU+LK01cy6tpy7c+P8qLFhumMT5
BNz+H4Otq1QxltbAdB1VPcu/8YPuTNyg0TxPkW6r9KyGZS1jqbTbRNqgyaRKXt90
kuYnUcQodxThzeq1qXJZLWUbzw5BezyQpEBL+mMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQcQEgTwZGMbljWbTYT4e7mVKL5KzAfBgNVHSMEGDAWgBRdpDKk7DsKxMpO
Ts7A6fTUa0l68DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhUXlwT3c3Q3NUS1RrN093T24wMUd0SmV2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOWU4NDdmLTQxNDYtNDU2Ni04YzNlLTFiYTU0M2VlYWVkNy8x
L0hFQklFOEdSakc1WTFtMDJFLUh1NWxTaS1Tcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OWU4NDdmLTQxNDYtNDU2Ni04YzNlLTFiYTU0M2VlYWVkNy8xL1hhUXlwT3c3Q3NU
S1RrN093T24wMUd0SmV2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFtrVDANBgkqhkiG9w0BAQsFAAOC
AQEAkFbNktySBSh4gTSCAKEpfxbh94F0pCqs+WK0evHAVEGAlQBv1WS43JZK0FsO
Zqxdl7hWJ1qE+wsxdqV96uXlTs+mma8Bn+cPxnQk9zoLmzstC8HcNUf0x3m3VzAH
ttyuGVRJyEffMF0AXQZCaNRvU2zxrMdiqrTqZ8m4r4q+321cWq6eQfduECA5zGua
rQIuvjXEcvf2Wo8ROpGk7U4xJahUivvWYNj6T0x3xZD5ETzyViH8aOSBbN/bqhVs
L69M8ZaA+CFDzRDDEgnZT6t7l58HMwctJJulH+Op6KbiL5/+pLuoL2hFKGAYvZ5M
STZprLPggFeq44CLvBRBYlM3EQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:59 2025 by rpki-client