Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/HDxEHd194jCvhvahKHV4T8NT01U.roa
File: HDxEHd194jCvhvahKHV4T8NT01U.roa (raw, json)
Hash identifier: yfEi/pmvrYyxnF4u5VelwV2mTjfK5yl0X4G8ysvsSgM=
Subject key identifier: 1C:3C:44:1D:DD:7D:E2:30:AF:86:F6:A1:28:75:78:4F:C3:53:D3:55
Certificate issuer: /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Certificate serial: 0CB00929
Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/HDxEHd194jCvhvahKHV4T8NT01U.roa
Signing time: Tue 10 May 2022 12:54:03 +0000
ROA not before: Tue 10 May 2022 12:54:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35223
IP address blocks: 193.168.168.0/22 maxlen: 22
82.117.0.0/19 maxlen: 19
2a03:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212863273 (0xcb00929)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Validity
Not Before: May 10 12:54:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c3c441ddd7de230af86f6a12875784fc353d355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f1:a3:3e:a4:dd:a6:4f:c0:02:4a:0e:44:55:
10:a2:bc:24:52:40:99:84:82:fe:55:21:c8:9d:bf:
6f:c0:d9:05:f4:ca:a4:3e:ff:de:ad:b3:9f:24:4b:
29:e9:43:41:33:d4:12:b2:84:81:d5:0d:15:ff:84:
ab:71:16:e9:a7:8d:c5:01:b3:ff:5c:38:19:9e:f1:
60:92:85:63:0b:15:cf:6a:6c:cb:32:c8:22:10:09:
15:fc:63:59:75:f5:d8:e9:0a:2b:2a:b9:36:e9:e5:
70:bd:62:ff:53:91:f1:cc:ed:93:62:d8:47:90:07:
8d:f2:5f:35:6f:c1:cb:bd:20:05:61:28:47:d0:d5:
16:8c:98:08:7c:8d:d5:5d:77:ed:75:94:fb:43:f1:
bd:b8:0f:40:d0:0d:1b:6c:b1:19:65:2e:7f:ff:04:
e6:fc:68:35:86:e3:71:4d:c5:88:f6:c9:1e:5c:4a:
e0:3a:ee:1f:ee:0b:14:e8:00:52:19:e9:e6:96:e5:
4d:4f:e5:bd:a3:56:c5:3e:48:09:d1:73:59:9f:f9:
5a:d6:c9:d0:45:af:b1:1e:06:fe:0d:65:2b:6a:00:
8f:b2:dd:b2:18:ae:0a:96:32:bf:86:76:52:96:7f:
69:85:22:e5:d5:0f:a8:46:ff:89:7a:3e:8f:fb:0a:
8f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3C:44:1D:DD:7D:E2:30:AF:86:F6:A1:28:75:78:4F:C3:53:D3:55
X509v3 Authority Key Identifier:
keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/HDxEHd194jCvhvahKHV4T8NT01U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.0.0/19
193.168.168.0/22
IPv6:
2a03:5480::/29
Signature Algorithm: sha256WithRSAEncryption
c3:a2:7e:c6:0f:1f:6c:c9:69:68:a8:29:e4:1f:2a:f4:c5:b7:
6b:84:8a:cd:b9:c2:7c:0c:03:51:aa:5b:40:28:32:36:42:dc:
ed:d7:4a:be:d0:7c:c0:57:60:fc:0e:57:30:4b:02:b4:c3:24:
a8:5e:a7:41:dc:9e:8b:d4:99:76:e4:ca:52:5e:21:10:76:23:
23:2b:14:4e:40:6b:c2:d0:cc:52:c1:e3:91:14:af:a6:4c:21:
29:7a:86:86:64:6f:4d:1e:7d:54:74:4a:dd:64:f9:15:ce:1e:
1d:f4:2e:76:93:69:94:88:1f:ea:5b:72:fe:53:7e:9c:03:87:
46:4f:0c:65:26:80:67:5c:f6:89:c7:81:6e:7e:cd:99:b3:00:
c2:07:fb:61:06:37:6c:82:4d:05:7e:e8:39:96:e3:75:ed:c6:
f5:a8:70:d6:d7:bb:01:32:69:45:f0:a1:5b:30:08:56:3c:56:
30:e3:2f:85:23:c9:93:ef:cc:d2:57:9c:8c:86:ff:50:8c:b7:
4e:10:06:02:47:52:53:89:1c:16:c4:09:3d:5f:96:d6:15:8b:
fc:36:81:c6:b2:74:55:8c:f3:f4:da:d7:5f:a4:3b:78:ef:6e:
b5:3d:4c:98:d7:9f:fa:c1:11:25:89:d7:b9:ab:6f:4d:d0:a6:
6f:65:1d:47
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDLAJKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTcwZmJiM2RiMjI4NDM3ZDYwNTc5OWFjNGY0NTk4ZDIyZTEzZTFiMB4XDTIyMDUx
MDEyNTQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMzYzQ0MWRkZDdk
ZTIzMGFmODZmNmExMjg3NTc4NGZjMzUzZDM1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvxoz6k3aZPwAJKDkRVEKK8JFJAmYSC/lUhyJ2/b8DZBfTK
pD7/3q2znyRLKelDQTPUErKEgdUNFf+Eq3EW6aeNxQGz/1w4GZ7xYJKFYwsVz2ps
yzLIIhAJFfxjWXX12OkKKyq5NunlcL1i/1OR8cztk2LYR5AHjfJfNW/By70gBWEo
R9DVFoyYCHyN1V137XWU+0PxvbgPQNANG2yxGWUuf/8E5vxoNYbjcU3FiPbJHlxK
4DruH+4LFOgAUhnp5pblTU/lvaNWxT5ICdFzWZ/5WtbJ0EWvsR4G/g1lK2oAj7Ld
shiuCpYyv4Z2UpZ/aYUi5dUPqEb/iXo+j/sKj8sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQcPEQd3X3iMK+G9qEodXhPw1PTVTAfBgNVHSMEGDAWgBSqcPuz2yKEN9YF
eZrE9FmNIuE+GzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FuRDdzOXNpaERmV0JYbWF4UFJaalNMaFBocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZDhlMTg0LWU3OWItNDdmZS05NmRjLTViYTQyMzVjZTYxOS8x
L0hEeEVIZDE5NGpDdmh2YWhLSFY0VDhOVDAxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZDhlMTg0LWU3OWItNDdmZS05NmRjLTViYTQyMzVjZTYxOS8xL3FuRDdzOXNpaERm
V0JYbWF4UFJaalNMaFBocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVJ1AAMEAsGoqDANBAIAAjAHAwUD
KgNUgDANBgkqhkiG9w0BAQsFAAOCAQEAw6J+xg8fbMlpaKgp5B8q9MW3a4SKzbnC
fAwDUapbQCgyNkLc7ddKvtB8wFdg/A5XMEsCtMMkqF6nQdyei9SZduTKUl4hEHYj
IysUTkBrwtDMUsHjkRSvpkwhKXqGhmRvTR59VHRK3WT5Fc4eHfQudpNplIgf6lty
/lN+nAOHRk8MZSaAZ1z2iceBbn7NmbMAwgf7YQY3bIJNBX7oOZbjde3G9ahw1te7
ATJpRfChWzAIVjxWMOMvhSPJk+/M0lecjIb/UIy3ThAGAkdSU4kcFsQJPV+W1hWL
/DaBxrJ0VYzz9NrXX6Q7eO9utT1MmNef+sERJYnXuatvTdCmb2UdRw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:20 2023 by rpki-client on console-ams.rpki-client.org