Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HgCwhle2KDkttX2OE1kGmerTgLs.roa
File: HgCwhle2KDkttX2OE1kGmerTgLs.roa (raw, json)
Hash identifier: 3n/hoBpG9gLHnlY7hnNUKNWNJSS862kPbQh9dydKUGE=
Subject key identifier: 1E:00:B0:86:57:B6:28:39:2D:B5:7D:8E:13:59:06:99:EA:D3:80:BB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184003E44EC5DDE395224F9A218F532E023
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HgCwhle2KDkttX2OE1kGmerTgLs.roa
Signing time: Sat 22 Oct 2022 15:09:51 +0000
ROA not before: Sat 22 Oct 2022 15:09:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.94.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:00:3e:44:ec:5d:de:39:52:24:f9:a2:18:f5:32:e0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 22 15:09:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e00b08657b628392db57d8e13590699ead380bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f9:35:a3:e5:8d:67:6f:a1:1c:37:77:79:ff:
61:2f:8e:73:fd:1e:e9:96:10:75:8a:9d:fe:96:03:
94:04:0e:e6:e0:1d:ff:ff:ef:2c:2c:7a:99:29:fd:
ff:65:ba:6a:12:ca:15:76:20:b9:06:e4:50:3d:0a:
63:d0:9f:0b:2b:c4:c8:93:ec:a9:c5:95:3d:b7:41:
45:53:33:ef:47:0c:05:56:0d:20:9d:58:51:89:7b:
6a:02:0d:34:ef:4b:53:70:af:c1:1a:f7:c2:60:50:
3e:67:6d:e6:d6:95:96:45:93:a8:a3:97:25:00:e7:
ca:7e:0f:ec:85:7d:ce:33:fa:87:1f:b4:a6:8b:e4:
f6:bf:25:c8:44:53:55:4c:17:e5:ea:99:b9:fc:fc:
34:1a:dd:04:15:49:a7:20:26:81:81:c7:7e:62:da:
a6:45:10:f8:dc:17:60:13:82:42:af:8c:00:85:66:
21:91:26:b8:34:45:51:cf:9e:15:fd:70:b8:03:63:
e9:7a:5c:f1:c4:1b:f8:20:cb:09:da:17:b5:6a:64:
88:33:cf:8a:82:ee:9c:3c:26:b9:a3:a5:6b:b4:be:
c0:c4:c6:1e:3e:fa:89:79:19:c3:87:0a:79:26:24:
ea:ad:12:88:3b:3d:8a:28:0f:e7:e9:23:cb:c9:10:
b5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:00:B0:86:57:B6:28:39:2D:B5:7D:8E:13:59:06:99:EA:D3:80:BB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HgCwhle2KDkttX2OE1kGmerTgLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.168.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:d1:7b:5e:4e:a2:fb:8b:24:cd:bf:a5:b6:1a:29:c4:ac:b0:
95:1a:5d:6d:ea:ea:0d:ed:4a:57:e6:87:0f:51:7b:f1:e6:fc:
54:ab:ed:97:4a:1e:4b:d6:c1:a3:37:2e:c8:0d:3a:51:90:29:
1d:77:83:69:26:12:eb:be:1e:ea:a4:9e:d5:00:6e:e2:5a:c5:
cb:f9:3d:9d:41:60:b4:08:52:a4:dc:e2:9e:67:35:da:dc:58:
a0:91:a9:fb:42:99:e0:a6:75:df:7b:3a:87:45:48:0f:1b:cd:
14:3d:08:7c:73:5f:4f:4e:f7:c0:5c:01:f6:27:16:5a:4c:6f:
47:de:ad:ff:bc:8b:3d:13:d6:d5:6e:86:ad:fc:03:f3:1e:64:
f6:bd:62:54:7b:1a:5f:51:df:bd:bb:f3:55:6a:fd:5c:b7:28:
81:8a:9c:88:64:58:33:43:86:3d:f0:a4:dd:60:56:a1:0f:82:
a1:0a:a4:85:6c:0d:bd:2a:03:7d:aa:20:5d:3c:57:b4:a0:18:
b5:3e:18:56:cc:8b:e5:16:4a:da:ab:1d:c0:b1:ac:63:e3:85:
eb:04:8e:2e:7a:46:b3:08:c5:c4:e2:7d:1d:a2:05:45:8b:8c:
c9:0b:15:94:3d:1b:1a:ed:9e:82:3c:b5:03:42:87:3a:fc:38:
34:70:34:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQAPkTsXd45UiT5ohj1MuAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIyMTUwOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTAwYjA4NjU3YjYyODM5MmRiNTdkOGUxMzU5MDY5OWVhZDM4MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfk1o+WNZ2+hHDd3ef9hL45z/R7p
lhB1ip3+lgOUBA7m4B3//+8sLHqZKf3/ZbpqEsoVdiC5BuRQPQpj0J8LK8TIk+yp
xZU9t0FFUzPvRwwFVg0gnVhRiXtqAg0070tTcK/BGvfCYFA+Z23m1pWWRZOoo5cl
AOfKfg/shX3OM/qHH7Smi+T2vyXIRFNVTBfl6pm5/Pw0Gt0EFUmnICaBgcd+Ytqm
RRD43BdgE4JCr4wAhWYhkSa4NEVRz54V/XC4A2PpelzxxBv4IMsJ2he1amSIM8+K
gu6cPCa5o6VrtL7AxMYePvqJeRnDhwp5JiTqrRKIOz2KKA/n6SPLyRC1iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4AsIZXtig5LbV9jhNZBpnq04C7MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSGdDd2hsZTJLRGt0dFgyT0Uxa0dtZXJUZ0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV6oMA0G
CSqGSIb3DQEBCwUAA4IBAQCk0XteTqL7iyTNv6W2GinErLCVGl1t6uoN7UpX5ocP
UXvx5vxUq+2XSh5L1sGjNy7IDTpRkCkdd4NpJhLrvh7qpJ7VAG7iWsXL+T2dQWC0
CFKk3OKeZzXa3Figkan7QpngpnXfezqHRUgPG80UPQh8c19PTvfAXAH2JxZaTG9H
3q3/vIs9E9bVboat/APzHmT2vWJUexpfUd+9u/NVav1ctyiBipyIZFgzQ4Y98KTd
YFahD4KhCqSFbA29KgN9qiBdPFe0oBi1PhhWzIvlFkraqx3Asaxj44XrBI4uekaz
CMXE4n0dogVFi4zJCxWUPRsa7Z6CPLUDQoc6/Dg0cDTD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org