Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/HvC4nP48GKyGrt9GNGlUFimIk2g.roa
File: HvC4nP48GKyGrt9GNGlUFimIk2g.roa (raw, json)
Hash identifier: R6UL1wEwUOdndtz7tAY9xkof0Eu9ibdvtxCIT8IElZs=
Subject key identifier: 1E:F0:B8:9C:FE:3C:18:AC:86:AE:DF:46:34:69:54:16:29:88:93:68
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0184CD7FE12CE97F4E2C4FC68D459AFB1CF2
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/HvC4nP48GKyGrt9GNGlUFimIk2g.roa
Signing time: Thu 01 Dec 2022 11:43:40 +0000
ROA not before: Thu 01 Dec 2022 11:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19318
IP address blocks: 152.89.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:7f:e1:2c:e9:7f:4e:2c:4f:c6:8d:45:9a:fb:1c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Dec 1 11:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ef0b89cfe3c18ac86aedf463469541629889368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:cc:dc:2b:b3:51:0c:2d:75:c2:49:84:b5:
75:61:a3:db:a7:b3:68:07:5c:42:61:b0:a5:f6:11:
d3:75:c5:e2:ba:55:5e:c9:68:53:a6:7d:8a:04:d0:
65:4d:f7:5a:46:cb:05:a2:68:58:06:06:5d:6c:c7:
b3:d6:99:e9:f8:b1:97:b3:f8:19:2c:4c:c7:cc:e1:
52:2c:f9:dd:77:68:5d:0b:95:32:b3:8c:d6:57:82:
92:e3:48:91:99:3d:01:50:90:9f:d7:2b:24:0b:bb:
a0:dc:91:31:87:ea:69:81:31:ed:7b:75:ae:ad:56:
0b:e5:08:b6:ff:65:61:0a:56:0b:a4:af:fc:d0:7f:
db:63:8c:82:ba:25:8b:56:ea:41:d8:61:b0:fa:9e:
3f:3b:96:0b:ed:b3:77:7f:6b:19:a5:a5:3c:b4:0d:
6d:fe:73:28:7f:60:46:fc:c6:03:39:4e:14:0f:07:
b4:ee:69:f8:fe:01:dc:e5:36:b4:b6:94:8a:eb:32:
c6:5b:eb:09:68:d7:07:a6:42:5e:ca:78:fc:56:09:
0a:59:05:65:7b:9c:03:df:08:2e:5b:ba:b9:ac:77:
78:9a:73:2e:58:21:f1:4b:c3:8e:a3:27:33:ce:01:
25:af:fb:98:57:d2:9d:50:de:b1:9d:5c:1f:ea:54:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F0:B8:9C:FE:3C:18:AC:86:AE:DF:46:34:69:54:16:29:88:93:68
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/HvC4nP48GKyGrt9GNGlUFimIk2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:95:6c:9d:73:5f:ef:22:a5:0b:f4:fa:c6:6a:bb:2b:3b:32:
7c:22:30:27:3a:42:57:06:08:ee:3e:a3:e0:bd:12:d6:94:d1:
73:01:7e:b9:1b:21:d1:e2:75:53:31:14:d6:8b:a9:dc:e9:3d:
03:ae:dc:55:31:b5:e3:a9:e9:13:8a:60:8d:ca:fa:47:82:a3:
ef:dc:cf:4d:6d:5d:1c:d2:58:f8:4c:84:a4:8c:ec:c6:3e:69:
d9:a1:f1:53:f3:d3:89:c6:2b:71:2a:dd:e5:63:b2:e8:4a:ad:
fa:16:06:22:40:13:eb:b8:69:f0:e1:23:95:1b:f8:9e:b1:6b:
f2:81:67:41:4b:1f:a4:dc:f7:95:84:24:97:ea:b8:1a:5a:dc:
60:1f:0b:4a:f8:d0:8c:93:4d:3c:5d:0d:44:a8:05:b8:36:73:
25:23:3c:6c:a4:e2:62:5a:52:53:2e:f3:a7:ff:6d:e0:6e:4c:
ee:af:c1:84:a6:2a:94:b5:02:74:52:a7:3c:8d:f3:17:aa:fa:
22:f9:23:47:87:cd:bb:03:5e:2d:3a:15:6e:18:7d:2a:dd:f8:
0c:26:9e:2a:46:60:d4:82:64:64:9b:44:42:30:c3:fa:01:75:
65:1a:13:4d:11:6f:4b:b6:6e:77:f7:95:6a:64:c6:36:aa:7c:
f7:18:bd:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTNf+Es6X9OLE/GjUWa+xzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjIxMjAxMTE0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYwYjg5Y2ZlM2MxOGFjODZhZWRmNDYzNDY5NTQxNjI5ODg5MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoDM3CuzUQwtdcJJhLV1YaPbp7No
B1xCYbCl9hHTdcXiulVeyWhTpn2KBNBlTfdaRssFomhYBgZdbMez1pnp+LGXs/gZ
LEzHzOFSLPndd2hdC5Uys4zWV4KS40iRmT0BUJCf1yskC7ug3JExh+ppgTHte3Wu
rVYL5Qi2/2VhClYLpK/80H/bY4yCuiWLVupB2GGw+p4/O5YL7bN3f2sZpaU8tA1t
/nMof2BG/MYDOU4UDwe07mn4/gHc5Ta0tpSK6zLGW+sJaNcHpkJeynj8VgkKWQVl
e5wD3wguW7q5rHd4mnMuWCHxS8OOoyczzgElr/uYV9KdUN6xnVwf6lQRbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7wuJz+PBishq7fRjRpVBYpiJNoMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvSHZDNG5QNDhHS3lHcnQ5R05HbFVGaW1JazJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmoMA0G
CSqGSIb3DQEBCwUAA4IBAQArlWydc1/vIqUL9PrGarsrOzJ8IjAnOkJXBgjuPqPg
vRLWlNFzAX65GyHR4nVTMRTWi6nc6T0DrtxVMbXjqekTimCNyvpHgqPv3M9NbV0c
0lj4TISkjOzGPmnZofFT89OJxitxKt3lY7LoSq36FgYiQBPruGnw4SOVG/iesWvy
gWdBSx+k3PeVhCSX6rgaWtxgHwtK+NCMk008XQ1EqAW4NnMlIzxspOJiWlJTLvOn
/23gbkzur8GEpiqUtQJ0Uqc8jfMXqvoi+SNHh827A14tOhVuGH0q3fgMJp4qRmDU
gmRkm0RCMMP6AXVlGhNNEW9Ltm5395VqZMY2qnz3GL0Z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:53 2023 by rpki-client on console-ams.rpki-client.org