Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/HvxBJlXHM35MIJGzr0lruLkm5QQ.roa
File: HvxBJlXHM35MIJGzr0lruLkm5QQ.roa (raw, json)
Hash identifier: 4D0ZP7yoATBB9aCiCHiqWnsoaoyOwRbFkDq5J07epNQ=
Subject key identifier: 1E:FC:41:26:55:C7:33:7E:4C:20:91:B3:AF:49:6B:B8:B9:26:E5:04
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018807540F57FADBF9BE1CC92E4F7D0B8CBA
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/HvxBJlXHM35MIJGzr0lruLkm5QQ.roa
Signing time: Wed 10 May 2023 20:22:09 +0000
ROA not before: Wed 10 May 2023 20:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 2.188.240.0/22 maxlen: 22
2.188.244.0/22 maxlen: 22
2.188.252.0/22 maxlen: 22
2.188.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:54:0f:57:fa:db:f9:be:1c:c9:2e:4f:7d:0b:8c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 10 20:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1efc412655c7337e4c2091b3af496bb8b926e504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:90:7f:19:12:19:7e:7a:c8:2c:a0:cc:e6:
0b:56:d7:0d:e0:d9:03:2d:11:e7:6a:29:5d:47:b1:
17:3f:b7:ec:05:29:c9:c7:ae:ad:72:d1:ea:be:95:
56:38:4e:6a:46:ca:92:ff:b1:ef:d5:99:d7:b5:82:
de:28:41:f6:69:20:ab:ff:2b:ad:f6:cc:53:a4:51:
98:dd:56:0f:05:24:3c:6b:fe:da:9d:5b:39:89:3c:
7a:ac:b3:aa:10:8a:65:2b:3b:6f:8b:cb:2d:c2:22:
6e:d3:fc:4d:75:99:55:5d:bc:4e:55:72:87:76:c9:
19:0e:5e:db:b5:85:f6:3e:08:64:af:f7:ea:47:35:
f7:6f:75:59:e3:28:64:00:44:44:34:6a:ba:23:33:
fe:62:56:07:d7:15:15:df:0c:87:85:81:53:ce:6d:
7d:9d:eb:87:f8:65:8e:06:3a:79:ad:a1:ef:0f:f4:
bf:ef:7a:e4:45:0c:b1:ab:dc:7e:5e:0f:cf:a5:af:
ce:ac:9e:40:15:45:f2:d0:51:ee:27:2c:a3:e9:e2:
57:0e:ff:be:06:66:09:22:62:3d:e9:a5:94:27:6e:
ed:9c:93:cf:de:ec:c9:73:72:c4:bc:aa:27:d3:cf:
bf:6e:29:1b:96:4c:0c:4f:62:cf:49:9c:a5:81:2f:
ba:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:41:26:55:C7:33:7E:4C:20:91:B3:AF:49:6B:B8:B9:26:E5:04
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/HvxBJlXHM35MIJGzr0lruLkm5QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:52:25:8a:3e:a6:80:46:20:74:11:c1:1c:bf:ba:bb:0f:3d:
9d:d3:01:3f:28:95:c0:41:eb:da:d2:62:42:f1:bf:f8:d8:14:
ca:cb:5e:fb:20:c8:80:54:fd:d6:74:e3:4e:2f:04:0f:38:a3:
4e:e4:63:6e:67:dd:4b:b2:c8:51:dd:73:dc:09:78:04:b8:9c:
2b:c7:ce:d2:0b:e1:ad:c6:b4:f0:87:58:01:f1:a2:1c:55:78:
b6:89:ca:70:ee:06:a9:d7:85:87:99:16:75:45:49:4c:53:88:
75:9f:b7:03:4d:3a:5d:71:99:3b:cb:fe:67:83:95:94:c9:77:
18:95:09:db:c7:74:42:d9:26:6a:45:ac:d2:da:36:71:71:5b:
f4:f1:08:4d:fc:17:39:1a:fd:43:ea:00:10:47:ff:7d:41:d0:
37:9e:74:13:2b:95:6a:6a:6d:79:6e:be:a1:72:15:39:82:5e:
c4:a8:d7:47:06:88:a8:aa:b2:11:95:7d:92:28:8f:bb:dc:99:
f0:ac:e6:ad:3d:e1:12:8b:7a:63:8c:33:18:54:fd:9b:38:1f:
da:c6:78:0a:2c:a8:66:a0:27:2d:83:a9:4c:6a:29:09:62:47:
c0:46:7c:e5:d1:bb:55:39:c0:95:48:fa:63:00:9f:0c:df:51:
1b:d5:2e:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgHVA9X+tv5vhzJLk99C4y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTEwMjAyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZjNDEyNjU1YzczMzdlNGMyMDkxYjNhZjQ5NmJiOGI5MjZlNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruWQfxkSGX56yCygzOYLVtcN4NkD
LRHnaildR7EXP7fsBSnJx66tctHqvpVWOE5qRsqS/7Hv1ZnXtYLeKEH2aSCr/yut
9sxTpFGY3VYPBSQ8a/7anVs5iTx6rLOqEIplKztvi8stwiJu0/xNdZlVXbxOVXKH
dskZDl7btYX2Pghkr/fqRzX3b3VZ4yhkAERENGq6IzP+YlYH1xUV3wyHhYFTzm19
neuH+GWOBjp5raHvD/S/73rkRQyxq9x+Xg/Ppa/OrJ5AFUXy0FHuJyyj6eJXDv++
BmYJImI96aWUJ27tnJPP3uzJc3LEvKon08+/bikblkwMT2LPSZylgS+66QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB78QSZVxzN+TCCRs69Ja7i5JuUEMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvSHZ4QkpsWEhNMzVNSUpHenIwbHJ1TGttNVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEArzwMA0G
CSqGSIb3DQEBCwUAA4IBAQBPUiWKPqaARiB0EcEcv7q7Dz2d0wE/KJXAQeva0mJC
8b/42BTKy177IMiAVP3WdONOLwQPOKNO5GNuZ91LsshR3XPcCXgEuJwrx87SC+Gt
xrTwh1gB8aIcVXi2icpw7gap14WHmRZ1RUlMU4h1n7cDTTpdcZk7y/5ng5WUyXcY
lQnbx3RC2SZqRazS2jZxcVv08QhN/Bc5Gv1D6gAQR/99QdA3nnQTK5Vqam15br6h
chU5gl7EqNdHBoioqrIRlX2SKI+73JnwrOatPeESi3pjjDMYVP2bOB/axngKLKhm
oCctg6lMaikJYkfARnzl0btVOcCVSPpjAJ8M31Eb1S79
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:02 2025 by rpki-client