Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/HXCEldbR-4WE_213v9CjQVULT0U.roa
File: HXCEldbR-4WE_213v9CjQVULT0U.roa (raw, json)
Hash identifier: TQAuqGITd9P1rlKP3jAaRRFgiAofNgWjwUquQRIRv5g=
Subject key identifier: 1D:70:84:95:D6:D1:FB:85:84:FF:6D:77:BF:D0:A3:41:55:0B:4F:45
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 01849C070318B375291D7C515B83994CA294
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/HXCEldbR-4WE_213v9CjQVULT0U.roa
Signing time: Mon 21 Nov 2022 21:10:16 +0000
ROA not before: Mon 21 Nov 2022 21:10:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44094
IP address blocks: 45.150.64.0/24 maxlen: 32
45.144.31.0/24 maxlen: 32
45.144.30.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:07:03:18:b3:75:29:1d:7c:51:5b:83:99:4c:a2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Nov 21 21:10:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d708495d6d1fb8584ff6d77bfd0a341550b4f45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2e:db:5a:8e:08:86:14:69:fa:02:70:50:8b:
ba:b2:94:2b:45:c9:17:4e:af:c8:15:1d:2f:ea:63:
79:62:88:5b:e3:c5:2c:ce:2c:6b:d0:4b:f5:ee:1d:
be:67:0d:ee:17:0c:42:27:b9:1f:bf:46:13:db:34:
ea:19:4c:0c:97:0d:23:4b:7d:7e:b9:e5:72:f0:33:
bc:4e:4f:8f:2c:a3:7a:9c:a9:90:67:d3:98:f6:7c:
15:18:42:c7:96:40:62:2d:a9:08:7c:ef:be:16:ca:
dd:fc:1a:ee:8f:e5:ce:48:62:56:ff:73:05:b2:da:
1d:e8:8e:7b:06:d3:b1:dd:dc:de:b1:8b:51:4d:0f:
97:dc:8e:b6:9c:d3:3e:2d:89:0b:67:24:fb:d4:a3:
b5:74:21:a9:d1:70:67:a8:cb:c6:bf:70:28:27:10:
39:bc:63:c0:b4:d3:14:e3:91:af:b1:5b:c2:b4:fe:
af:39:8d:e9:f9:9a:22:90:db:54:4f:8e:76:cc:1b:
2d:fd:fb:89:9f:d6:0e:c9:f9:44:11:59:40:b6:52:
c8:5d:eb:03:2a:6e:d0:9c:b4:1d:e5:17:f3:e4:6c:
8f:33:04:98:8b:60:20:77:6b:dc:3a:1d:ab:f3:81:
a4:a3:3d:ab:21:53:9c:8d:48:5f:fa:ac:bd:80:1c:
0f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:70:84:95:D6:D1:FB:85:84:FF:6D:77:BF:D0:A3:41:55:0B:4F:45
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/HXCEldbR-4WE_213v9CjQVULT0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.30.0/23
45.150.64.0/24
Signature Algorithm: sha256WithRSAEncryption
50:56:9e:d1:98:8d:f0:7e:21:9a:84:28:c1:1f:c3:dc:65:a9:
a1:d9:ee:c7:6d:4b:bf:bc:9d:f0:87:17:48:7f:0f:e5:74:8a:
96:21:67:88:88:34:cc:a7:22:69:3d:7f:3a:29:0d:9f:67:3d:
98:b7:bc:23:b1:4a:5d:57:f6:48:9b:c2:60:91:52:2f:82:c9:
62:31:25:2e:ba:97:f3:de:e7:92:80:87:6b:f9:74:5f:db:97:
71:c6:53:f3:02:c6:53:63:27:e4:b6:64:3f:b6:44:ea:1d:b9:
e3:8a:7c:6c:70:91:ad:dc:15:8a:50:cd:7f:b0:a1:59:68:57:
83:43:03:d2:e2:40:8c:e8:f2:1e:d3:5c:c6:37:2a:0f:2d:83:
dd:57:ee:f3:6b:97:17:bf:25:8d:04:cf:10:6d:51:f7:33:7e:
1a:cd:33:6f:c1:ce:b3:31:14:44:bd:ac:3e:0e:99:af:73:e1:
97:f5:ba:b7:a7:60:d6:54:c3:93:3f:db:42:b2:50:73:b2:34:
9c:59:04:61:1a:04:61:b3:8f:45:dc:7f:c3:03:4a:80:04:3e:
13:7b:f1:18:ab:7b:d6:9c:da:62:45:7c:d7:59:56:3f:4f:32:
62:8e:75:57:04:ce:85:5d:15:78:7d:18:41:78:bf:4d:a0:bf:
b4:c4:fc:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYScBwMYs3UpHXxRW4OZTKKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIxMTIxMjExMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDcwODQ5NWQ2ZDFmYjg1ODRmZjZkNzdiZmQwYTM0MTU1MGI0ZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti7bWo4IhhRp+gJwUIu6spQrRckX
Tq/IFR0v6mN5Yohb48Uszixr0Ev17h2+Zw3uFwxCJ7kfv0YT2zTqGUwMlw0jS31+
ueVy8DO8Tk+PLKN6nKmQZ9OY9nwVGELHlkBiLakIfO++Fsrd/Bruj+XOSGJW/3MF
stod6I57BtOx3dzesYtRTQ+X3I62nNM+LYkLZyT71KO1dCGp0XBnqMvGv3AoJxA5
vGPAtNMU45GvsVvCtP6vOY3p+ZoikNtUT452zBst/fuJn9YOyflEEVlAtlLIXesD
Km7QnLQd5Rfz5GyPMwSYi2Agd2vcOh2r84Gkoz2rIVOcjUhf+qy9gBwPvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1whJXW0fuFhP9td7/Qo0FVC09FMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvSFhDRWxkYlItNFdFXzIxM3Y5Q2pRVlVMVDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZAeAwQA
LZZAMA0GCSqGSIb3DQEBCwUAA4IBAQBQVp7RmI3wfiGahCjBH8PcZamh2e7HbUu/
vJ3whxdIfw/ldIqWIWeIiDTMpyJpPX86KQ2fZz2Yt7wjsUpdV/ZIm8JgkVIvgsli
MSUuupfz3ueSgIdr+XRf25dxxlPzAsZTYyfktmQ/tkTqHbnjinxscJGt3BWKUM1/
sKFZaFeDQwPS4kCM6PIe01zGNyoPLYPdV+7za5cXvyWNBM8QbVH3M34azTNvwc6z
MRREvaw+Dpmvc+GX9bq3p2DWVMOTP9tCslBzsjScWQRhGgRhs49F3H/DA0qABD4T
e/EYq3vWnNpiRXzXWVY/TzJijnVXBM6FXRV4fRhBeL9NoL+0xPxi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:23 2023 by rpki-client on console-fra.rpki-client.org