Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/hWpSGVoNJI3tOkl1GnNxnzNbIak.roa
File: hWpSGVoNJI3tOkl1GnNxnzNbIak.roa (raw, json)
Hash identifier: 2csHzEuOuTuxU/ZJsqoSAIj2s+fQKdbGEkARp+6jhoM=
Subject key identifier: 85:6A:52:19:5A:0D:24:8D:ED:3A:49:75:1A:73:71:9F:33:5B:21:A9
Certificate issuer: /CN=d2075c84f529c87dd85fd4afea4e0934366af54a
Certificate serial: 12D2BD56
Authority key identifier: D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/hWpSGVoNJI3tOkl1GnNxnzNbIak.roa
Signing time: Sat 01 Jan 2022 14:08:47 +0000
ROA not before: Sat 01 Jan 2022 14:08:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20751
IP address blocks: 78.40.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315800918 (0x12d2bd56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2075c84f529c87dd85fd4afea4e0934366af54a
Validity
Not Before: Jan 1 14:08:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=856a52195a0d248ded3a49751a73719f335b21a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7e:ca:c0:5c:5b:6f:65:d7:0f:c7:1b:99:47:
85:09:73:43:a4:b4:80:c6:05:d2:8e:ca:35:e5:92:
e8:aa:3d:86:ad:a4:ba:a4:20:9d:8f:20:96:14:03:
58:0f:87:aa:45:b1:2a:bb:03:5b:96:a2:5c:08:c2:
68:6f:bd:7d:69:ef:72:27:1c:bd:83:e2:02:6e:65:
48:53:a1:b6:bf:5b:78:10:00:ab:20:1c:09:e6:3d:
b7:3e:9d:c7:18:21:b9:17:f7:bb:51:01:84:30:74:
2f:8b:d0:51:0a:22:b0:87:8b:0d:17:8b:e0:77:a8:
b8:66:e5:aa:48:91:a0:99:ae:0a:03:9b:98:05:da:
c7:5f:48:52:2e:da:2b:55:79:6d:3d:d8:f0:0d:56:
7a:07:f0:3e:24:d1:11:ca:d8:31:27:b9:68:4f:97:
01:93:1d:8e:66:43:cb:ba:4c:fa:98:8e:59:be:ea:
2e:39:c7:52:a8:8e:b9:df:94:87:d4:82:38:7f:54:
a3:43:10:2a:cd:ae:18:b6:5d:d5:41:fb:35:9a:4c:
2b:43:bb:a0:f8:34:ab:5f:1c:9c:ae:12:92:5f:ed:
3c:d9:f9:ab:ba:2f:7c:0a:43:17:f6:48:75:14:3d:
49:43:ee:1c:28:e8:12:63:f4:ab:e5:c3:d5:82:ba:
64:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6A:52:19:5A:0D:24:8D:ED:3A:49:75:1A:73:71:9F:33:5B:21:A9
X509v3 Authority Key Identifier:
keyid:D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/hWpSGVoNJI3tOkl1GnNxnzNbIak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.213.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:b2:6e:e5:27:37:6b:e7:72:1d:2c:db:0e:51:9b:3f:d1:a7:
ce:41:ac:04:68:16:e3:da:ec:fb:98:82:1a:a5:5d:e6:fc:2f:
94:1d:9e:32:60:b8:53:cc:ab:f8:77:d2:e5:42:ac:eb:28:36:
d3:19:92:e9:41:7f:73:f4:35:a6:de:a9:ec:31:f2:7e:d4:61:
8d:4c:c5:99:25:91:66:39:fa:76:c3:8a:83:94:14:ff:1e:11:
c1:b9:53:6a:8c:57:1d:62:36:d4:74:4c:e7:95:f0:32:99:58:
01:7a:64:4e:2e:35:3e:1f:e9:99:81:86:6b:c0:76:c1:ec:8c:
ae:c1:12:ca:a9:dc:aa:56:50:07:97:0b:cf:20:86:e3:70:b5:
f4:68:20:7d:be:9d:0d:f1:65:d4:ee:9e:30:f9:44:02:7d:da:
36:8a:30:48:d7:64:ff:9a:44:d8:89:f6:8e:d7:3a:cd:7c:e9:
dd:a6:3b:e6:c8:cb:d3:71:cd:15:d1:d8:f1:63:87:d4:a9:f7:
a7:ee:7c:ff:1a:27:07:2e:5d:de:68:dd:59:5b:41:95:44:ac:
2a:ae:02:61:26:e1:b8:d0:a8:ed:1a:6e:ba:95:5e:00:07:00:
49:28:56:1a:4a:4d:1b:5a:38:83:45:5f:77:9e:17:f6:ef:62:
70:30:ec:99
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEtK9VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjA3NWM4NGY1MjljODdkZDg1ZmQ0YWZlYTRlMDkzNDM2NmFmNTRhMB4XDTIyMDEw
MTE0MDg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU2YTUyMTk1YTBk
MjQ4ZGVkM2E0OTc1MWE3MzcxOWYzMzViMjFhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKt+ysBcW29l1w/HG5lHhQlzQ6S0gMYF0o7KNeWS6Ko9hq2k
uqQgnY8glhQDWA+HqkWxKrsDW5aiXAjCaG+9fWnvciccvYPiAm5lSFOhtr9beBAA
qyAcCeY9tz6dxxghuRf3u1EBhDB0L4vQUQoisIeLDReL4HeouGblqkiRoJmuCgOb
mAXax19IUi7aK1V5bT3Y8A1WegfwPiTREcrYMSe5aE+XAZMdjmZDy7pM+piOWb7q
LjnHUqiOud+Uh9SCOH9Uo0MQKs2uGLZd1UH7NZpMK0O7oPg0q18cnK4Skl/tPNn5
q7ovfApDF/ZIdRQ9SUPuHCjoEmP0q+XD1YK6ZPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFalIZWg0kje06SXUac3GfM1shqTAfBgNVHSMEGDAWgBTSB1yE9SnIfdhf
1K/qTgk0Nmr1SjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBnZGNoUFVweUgzWVg5U3Y2azRKTkRacTlVby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvZWVmYTcyLThmNGMtNDg2Yy1iMDE5LWI0ZWFhMDU2MWZjNy8x
L2hXcFNHVm9OSkkzdE9rbDFHbk54bnpOYklhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
ZWVmYTcyLThmNGMtNDg2Yy1iMDE5LWI0ZWFhMDU2MWZjNy8xLzBnZGNoUFVweUgz
WVg5U3Y2azRKTkRacTlVby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE4o1TANBgkqhkiG9w0BAQsFAAOC
AQEArrJu5Sc3a+dyHSzbDlGbP9GnzkGsBGgW49rs+5iCGqVd5vwvlB2eMmC4U8yr
+HfS5UKs6yg20xmS6UF/c/Q1pt6p7DHyftRhjUzFmSWRZjn6dsOKg5QU/x4RwblT
aoxXHWI21HRM55XwMplYAXpkTi41Ph/pmYGGa8B2weyMrsESyqncqlZQB5cLzyCG
43C19Gggfb6dDfFl1O6eMPlEAn3aNoowSNdk/5pE2In2jtc6zXzp3aY75sjL03HN
FdHY8WOH1Kn3p+58/xonBy5d3mjdWVtBlUSsKq4CYSbhuNCo7RpuupVeAAcASShW
GkpNG1o4g0Vfd54X9u9icDDsmQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:41 2023 by rpki-client on console-ams.rpki-client.org