Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/HmfxAIIRePz0SMgbW0dNC05mxas.roa
File: HmfxAIIRePz0SMgbW0dNC05mxas.roa (raw, json)
Hash identifier: 3HBk3DBPV9EY80zti7zOjrikEnlkXmt/rW+jM99cJgk=
Subject key identifier: 1E:67:F1:00:82:11:78:FC:F4:48:C8:1B:5B:47:4D:0B:4E:66:C5:AB
Certificate issuer: /CN=f4e018fddfd422517c3069e75658657b40e73601
Certificate serial: 165B8592
Authority key identifier: F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/HmfxAIIRePz0SMgbW0dNC05mxas.roa
Signing time: Sat 01 Jan 2022 10:01:22 +0000
ROA not before: Sat 01 Jan 2022 10:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207291
IP address blocks: 195.191.140.0/24 maxlen: 24
195.191.176.0/24 maxlen: 24
141.136.38.0/24 maxlen: 24
141.136.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 375096722 (0x165b8592)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e018fddfd422517c3069e75658657b40e73601
Validity
Not Before: Jan 1 10:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e67f100821178fcf448c81b5b474d0b4e66c5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:a0:67:9e:e8:ba:e7:30:ea:98:7c:09:93:
aa:d9:0f:fa:e8:17:a3:26:1a:b2:ec:27:01:19:54:
37:75:6b:2a:84:2b:31:29:dd:57:6d:d4:01:cd:19:
0f:a3:45:e5:6c:0c:73:91:0b:49:94:87:a3:15:29:
a8:45:b0:2b:83:db:e0:25:c9:5e:3c:f4:b4:c0:14:
fd:11:c1:97:2c:6d:ba:a9:7b:38:ce:d9:91:e0:dd:
0c:32:3a:bb:67:c7:36:0a:41:58:56:02:c2:45:b6:
11:3f:b4:a9:b3:90:48:29:0a:d3:e9:72:2a:11:f6:
df:57:b6:7d:94:43:ac:1f:9f:84:c2:b8:f2:5d:eb:
18:69:73:cd:48:e0:38:d6:63:d1:df:67:b3:69:a8:
25:d5:8e:45:d7:2d:fe:9b:cd:7b:4e:45:e3:b8:ef:
dd:df:fc:3a:e5:eb:3d:b6:f9:4d:98:b6:c2:97:d7:
11:4f:1c:9d:9b:12:bc:9f:44:90:e3:90:b0:14:c5:
0a:6c:02:5e:e5:1d:98:cb:d3:ec:17:53:08:4e:c3:
e9:79:ee:e4:ac:ce:f4:83:4a:0f:0a:2d:7c:6f:d1:
a4:89:f6:a8:cd:99:03:40:28:61:58:aa:6e:98:b4:
2b:de:ae:0c:0d:89:3f:52:4a:df:68:7b:7c:c3:a2:
b3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:67:F1:00:82:11:78:FC:F4:48:C8:1B:5B:47:4D:0B:4E:66:C5:AB
X509v3 Authority Key Identifier:
keyid:F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/HmfxAIIRePz0SMgbW0dNC05mxas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/9OAY_d_UIlF8MGnnVlhle0DnNgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.38.0/24
141.136.40.0/24
195.191.140.0/24
195.191.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:6c:0c:bf:74:a2:77:a5:13:5a:42:97:58:b6:13:70:13:60:
ee:88:cb:b9:be:a9:92:0a:00:71:b5:de:d4:8f:d6:20:54:70:
eb:80:ba:99:8a:f7:9a:f1:26:aa:e9:ac:a1:0e:65:45:8d:27:
96:13:54:1c:1d:7e:37:4f:e7:73:66:c6:2d:90:4b:ec:22:69:
8b:2e:27:93:fd:f5:0c:94:37:20:6a:9d:1a:1b:1d:3c:60:fd:
c8:af:7a:e2:3c:a6:29:c4:6e:a3:03:b5:07:aa:22:51:a5:1a:
7f:64:ec:52:a7:a1:87:9a:60:bf:82:63:b6:c3:ff:00:91:e0:
29:61:ff:e1:19:2f:c0:dc:48:8e:f2:e6:0a:d9:aa:64:10:20:
54:ae:f5:a3:ee:c8:4c:55:4a:7f:f5:93:85:40:0a:7e:d6:20:
48:6d:fb:70:a9:c3:49:59:fa:4a:19:93:26:67:50:08:cc:90:
86:58:40:00:91:b9:2c:e2:52:89:82:71:1f:d9:a1:c5:25:e7:
60:3a:d1:74:5f:e6:0b:6f:89:d6:61:10:85:c4:ab:df:37:bc:
39:7e:4a:83:cd:0f:32:7d:fe:a0:88:22:6c:78:37:4b:f5:2b:
12:33:b4:78:d8:83:82:26:93:6d:24:79:cb:53:69:1f:6d:6b:
5d:95:24:b6
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFluFkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGUwMThmZGRmZDQyMjUxN2MzMDY5ZTc1NjU4NjU3YjQwZTczNjAxMB4XDTIyMDEw
MTEwMDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU2N2YxMDA4MjEx
NzhmY2Y0NDhjODFiNWI0NzRkMGI0ZTY2YzVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwEoGee6LrnMOqYfAmTqtkP+ugXoyYasuwnARlUN3VrKoQr
MSndV23UAc0ZD6NF5WwMc5ELSZSHoxUpqEWwK4Pb4CXJXjz0tMAU/RHBlyxtuql7
OM7ZkeDdDDI6u2fHNgpBWFYCwkW2ET+0qbOQSCkK0+lyKhH231e2fZRDrB+fhMK4
8l3rGGlzzUjgONZj0d9ns2moJdWORdct/pvNe05F47jv3d/8OuXrPbb5TZi2wpfX
EU8cnZsSvJ9EkOOQsBTFCmwCXuUdmMvT7BdTCE7D6Xnu5KzO9INKDwotfG/RpIn2
qM2ZA0AoYViqbpi0K96uDA2JP1JK32h7fMOis80CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQeZ/EAghF4/PRIyBtbR00LTmbFqzAfBgNVHSMEGDAWgBT04Bj939QiUXww
aedWWGV7QOc2ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlPQVlfZF9VSWxGOE1Hbm5WbGhsZTBEbk5nRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYWQ2ZjVmLTUzYjUtNGUwNy05NGI0LTcwZjk0ZDVlZTVmYy8x
L0htZnhBSUlSZVB6MFNNZ2JXMGROQzA1bXhhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YWQ2ZjVmLTUzYjUtNGUwNy05NGI0LTcwZjk0ZDVlZTVmYy8xLzlPQVlfZF9VSWxG
OE1Hbm5WbGhsZTBEbk5nRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAI2IJgMEAI2IKAMEAMO/jAMEAMO/
sDANBgkqhkiG9w0BAQsFAAOCAQEATGwMv3Sid6UTWkKXWLYTcBNg7ojLub6pkgoA
cbXe1I/WIFRw64C6mYr3mvEmqumsoQ5lRY0nlhNUHB1+N0/nc2bGLZBL7CJpiy4n
k/31DJQ3IGqdGhsdPGD9yK964jymKcRuowO1B6oiUaUaf2TsUqehh5pgv4JjtsP/
AJHgKWH/4RkvwNxIjvLmCtmqZBAgVK71o+7ITFVKf/WThUAKftYgSG37cKnDSVn6
ShmTJmdQCMyQhlhAAJG5LOJSiYJxH9mhxSXnYDrRdF/mC2+J1mEQhcSr3ze8OX5K
g80PMn3+oIgibHg3S/UrEjO0eNiDgiaTbSR5y1NpH21rXZUktg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:16 2023 by rpki-client on console-fra.rpki-client.org