Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/hzaZWqq2MzL-V-CgTm5kKsxl-h0.roa
File: hzaZWqq2MzL-V-CgTm5kKsxl-h0.roa (raw, json)
Hash identifier: cMoQvBPMqt+SH0cPF5NE7fyfKehl9qC9QZz5SCdQCBs=
Subject key identifier: 87:36:99:5A:AA:B6:33:32:FE:57:E0:A0:4E:6E:64:2A:CC:65:FA:1D
Certificate issuer: /CN=f8cfdc0e5edb1cc323f9344fe2827c793e95ac6f
Certificate serial: 024B099B
Authority key identifier: F8:CF:DC:0E:5E:DB:1C:C3:23:F9:34:4F:E2:82:7C:79:3E:95:AC:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/hzaZWqq2MzL-V-CgTm5kKsxl-h0.roa
Signing time: Sat 01 Jan 2022 15:00:52 +0000
ROA not before: Sat 01 Jan 2022 15:00:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43292
IP address blocks: 194.113.20.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38472091 (0x24b099b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8cfdc0e5edb1cc323f9344fe2827c793e95ac6f
Validity
Not Before: Jan 1 15:00:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8736995aaab63332fe57e0a04e6e642acc65fa1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9b:bb:b6:8b:bc:8e:a4:fa:81:60:43:d6:e7:
8f:40:f8:88:1f:4e:d4:00:85:43:4d:4d:36:89:42:
f1:29:df:46:a1:7f:b7:21:2d:a5:35:12:20:6b:9b:
76:e5:0d:6e:ea:2f:74:27:5a:5f:66:54:1f:07:2b:
db:ba:52:f8:c6:30:03:47:29:b7:ec:65:bf:70:7d:
a7:05:2f:2b:c3:4f:91:10:91:91:d5:2a:d2:73:71:
54:69:35:a1:c8:ee:49:c5:da:b8:19:15:3c:ed:a5:
32:d2:91:3b:33:7d:5d:97:43:79:21:2c:9a:6d:52:
0e:79:f8:4b:98:46:c6:06:d4:bd:6b:06:a3:13:d7:
a4:ec:07:e7:29:f9:a2:f4:14:46:7b:27:cc:7f:83:
b3:49:d8:ca:f4:3b:d9:56:4d:ca:e1:ff:40:23:7e:
d2:cf:87:d4:dc:b7:22:8f:b8:81:b7:24:05:d9:ae:
46:60:40:52:27:9d:74:36:e3:6b:99:32:08:76:a0:
69:83:9f:7a:60:2f:00:b8:61:e9:d3:cf:8d:e2:01:
bc:f2:55:8c:0e:dd:bc:b4:9c:b5:69:d0:ad:2a:43:
87:13:36:81:23:2f:53:95:a3:96:af:42:03:66:21:
c5:1a:59:6f:15:2a:1a:46:92:e0:9d:80:64:b8:98:
63:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:36:99:5A:AA:B6:33:32:FE:57:E0:A0:4E:6E:64:2A:CC:65:FA:1D
X509v3 Authority Key Identifier:
keyid:F8:CF:DC:0E:5E:DB:1C:C3:23:F9:34:4F:E2:82:7C:79:3E:95:AC:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/hzaZWqq2MzL-V-CgTm5kKsxl-h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.20.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:4f:45:cd:6e:b3:ab:dd:99:79:14:18:93:75:33:45:ad:c1:
92:5e:3f:03:88:a8:61:8e:e6:4f:da:29:9e:b2:4f:c7:83:d9:
dd:1c:aa:db:f0:d3:c1:ea:f2:17:47:69:fc:15:92:3d:7c:19:
e3:15:cf:ac:d9:3c:a6:85:ce:ac:8e:28:a7:0f:ed:80:66:1d:
41:09:51:a8:9e:fe:d2:a4:70:85:c1:7b:b9:62:b7:4c:c7:b2:
31:66:16:ad:da:fe:92:0c:d6:ca:0a:ef:89:3f:f4:a4:e2:ba:
5d:cc:a2:28:fd:ab:51:75:c2:3d:c8:99:f8:8d:20:ca:18:65:
f0:c0:7d:4d:9c:f5:f2:21:e4:e3:42:e9:3a:d9:89:40:b9:96:
23:98:f0:b4:a7:1b:c0:2a:2e:46:d2:31:ef:fb:c5:3a:33:f4:
47:85:4b:85:60:32:93:3a:1e:cb:14:20:b5:ca:39:3c:c0:10:
82:03:8d:00:9f:47:19:56:25:a7:30:2a:1f:dd:d5:4a:d7:57:
83:1b:cc:59:a8:5d:76:b5:97:01:01:14:17:7e:e7:63:6b:0c:
ee:eb:67:ac:ec:f9:73:61:85:49:d8:5c:d5:de:43:bb:09:f8:
de:2e:4e:53:8a:a0:ee:62:ed:48:8a:e4:71:92:a6:9c:6e:60:
87:f5:09:97
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAksJmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGNmZGMwZTVlZGIxY2MzMjNmOTM0NGZlMjgyN2M3OTNlOTVhYzZmMB4XDTIyMDEw
MTE1MDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODczNjk5NWFhYWI2
MzMzMmZlNTdlMGEwNGU2ZTY0MmFjYzY1ZmExZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSbu7aLvI6k+oFgQ9bnj0D4iB9O1ACFQ01NNolC8SnfRqF/
tyEtpTUSIGubduUNbuovdCdaX2ZUHwcr27pS+MYwA0cpt+xlv3B9pwUvK8NPkRCR
kdUq0nNxVGk1ocjuScXauBkVPO2lMtKROzN9XZdDeSEsmm1SDnn4S5hGxgbUvWsG
oxPXpOwH5yn5ovQURnsnzH+Ds0nYyvQ72VZNyuH/QCN+0s+H1Ny3Io+4gbckBdmu
RmBAUieddDbja5kyCHagaYOfemAvALhh6dPPjeIBvPJVjA7dvLSctWnQrSpDhxM2
gSMvU5Wjlq9CA2YhxRpZbxUqGkaS4J2AZLiYY3MCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSHNplaqrYzMv5X4KBObmQqzGX6HTAfBgNVHSMEGDAWgBT4z9wOXtscwyP5
NE/ignx5PpWsbzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtTV9jRGw3YkhNTWotVFJQNG9KOGVUNlZyRzguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzE3L2VkYThlZi0zNmQzLTQ1ZDQtOTExZS01ZmE5MGMxM2UxYjcv
MS9oemFaV3FxMk16TC1WLUNnVG01a0tzeGwtaDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3
L2VkYThlZi0zNmQzLTQ1ZDQtOTExZS01ZmE5MGMxM2UxYjcvMS8xLU1fY0RsN2JI
TU1qLVRSUDRvSjhlVDZWckc4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwnEUMA0GCSqGSIb3DQEBCwUA
A4IBAQCLT0XNbrOr3Zl5FBiTdTNFrcGSXj8DiKhhjuZP2imesk/Hg9ndHKrb8NPB
6vIXR2n8FZI9fBnjFc+s2Tymhc6sjiinD+2AZh1BCVGonv7SpHCFwXu5YrdMx7Ix
Zhat2v6SDNbKCu+JP/Sk4rpdzKIo/atRdcI9yJn4jSDKGGXwwH1NnPXyIeTjQuk6
2YlAuZYjmPC0pxvAKi5G0jHv+8U6M/RHhUuFYDKTOh7LFCC1yjk8wBCCA40An0cZ
ViWnMCof3dVK11eDG8xZqF12tZcBARQXfudjawzu62es7PlzYYVJ2FzV3kO7Cfje
Lk5TiqDuYu1IiuRxkqacbmCH9QmX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org