Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/hehS9BAumH9g1CvHGpIPjKWvKCY.roa
File: hehS9BAumH9g1CvHGpIPjKWvKCY.roa (raw, json)
Hash identifier: SwOAoLfWlYBqSgY8ZZoqAZkkozVSPjWRWLVF+HdcVFk=
Subject key identifier: 85:E8:52:F4:10:2E:98:7F:60:D4:2B:C7:1A:92:0F:8C:A5:AF:28:26
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018C96B7D2EC6EF653BD7895175900350629
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/hehS9BAumH9g1CvHGpIPjKWvKCY.roa
Signing time: Sat 23 Dec 2023 12:47:58 +0000
ROA not before: Sat 23 Dec 2023 12:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 45.156.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:b7:d2:ec:6e:f6:53:bd:78:95:17:59:00:35:06:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Dec 23 12:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e852f4102e987f60d42bc71a920f8ca5af2826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:75:c6:89:14:14:2f:4f:fd:cc:29:aa:de:
53:24:0d:84:cd:00:41:58:85:bd:72:29:08:23:9c:
4d:a3:b0:80:b8:0b:3f:60:89:42:75:fa:d3:6a:9b:
5f:6a:ba:44:12:f4:a1:9b:d9:76:2d:63:4d:59:ab:
bb:7c:08:d2:31:2b:51:f6:1a:4d:35:5f:40:ac:37:
da:e3:14:b1:53:48:28:5e:31:ef:f9:c5:46:62:2f:
46:1c:63:ad:08:61:15:e2:bf:ff:21:af:b2:a7:89:
cb:ca:a2:7c:90:d0:b3:a1:a2:50:20:af:27:60:97:
be:d1:38:48:79:76:2c:0e:41:a9:91:02:99:24:0d:
16:54:9e:b1:2d:7e:fb:68:db:dc:cf:f8:b7:5c:e0:
4a:24:a7:5a:d9:74:78:a1:69:58:65:c6:0b:d9:f9:
bf:3b:48:eb:d8:ac:fb:cc:d2:a4:58:6c:65:81:30:
79:27:ac:5f:b2:8d:b9:d0:37:78:72:c4:ff:17:1e:
68:cf:1e:6a:5f:65:ad:bd:0a:81:14:ca:4c:79:a2:
4c:3c:4c:05:f6:03:8d:9b:63:71:bf:1a:98:4d:35:
d1:51:f8:ae:72:ea:95:ae:58:04:1b:66:e4:7f:18:
53:c7:65:3a:fe:95:7c:8a:c6:a1:47:45:53:1e:c7:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E8:52:F4:10:2E:98:7F:60:D4:2B:C7:1A:92:0F:8C:A5:AF:28:26
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/hehS9BAumH9g1CvHGpIPjKWvKCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.222.0/24
Signature Algorithm: sha256WithRSAEncryption
96:da:72:d3:0a:e1:7a:8e:9f:2a:12:8f:3d:21:4b:5c:b5:05:
d6:69:3e:e8:5c:c5:41:99:6a:1a:ad:ac:30:7e:d1:19:6e:a5:
1b:fe:08:b6:f5:b5:b0:92:c5:bf:be:5e:e5:a9:c6:50:14:d4:
66:db:44:43:e0:6c:38:43:6a:45:2f:63:34:5b:c6:4e:ac:c4:
1d:3d:a9:4b:67:b9:0c:6a:56:94:e6:fb:28:b3:b4:63:5d:74:
e1:e2:1f:e8:4e:76:f7:64:23:46:62:70:1a:5e:85:ff:c2:a6:
0e:2f:ab:6e:0a:01:70:32:87:ea:e7:70:6a:15:5b:2e:fa:98:
e9:7b:07:ef:a6:3d:59:61:87:70:a7:bf:14:f6:dd:27:8b:29:
84:8f:c2:64:f6:bc:9c:bf:88:ef:4d:41:65:f1:41:60:16:fc:
0c:cf:54:1e:97:f5:95:4d:c1:49:4a:4e:79:a1:3d:21:f6:b4:
96:8a:d3:bc:70:b4:56:c0:86:5d:93:8a:46:a8:17:67:c7:1f:
79:34:05:1b:f7:2c:8a:d9:ad:6a:63:5c:65:02:f5:cc:ac:6e:
4a:c0:e3:83:92:6e:81:b2:51:84:f5:e2:01:22:76:5e:fe:d5:
4d:6b:99:af:fb:38:b9:a0:ce:5e:a0:08:04:af:7b:cb:c5:85:
a4:0d:e3:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyWt9LsbvZTvXiVF1kANQYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMxMjIzMTI0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWU4NTJmNDEwMmU5ODdmNjBkNDJiYzcxYTkyMGY4Y2E1YWYyODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFF1xokUFC9P/cwpqt5TJA2EzQBB
WIW9cikII5xNo7CAuAs/YIlCdfrTaptfarpEEvShm9l2LWNNWau7fAjSMStR9hpN
NV9ArDfa4xSxU0goXjHv+cVGYi9GHGOtCGEV4r//Ia+yp4nLyqJ8kNCzoaJQIK8n
YJe+0ThIeXYsDkGpkQKZJA0WVJ6xLX77aNvcz/i3XOBKJKda2XR4oWlYZcYL2fm/
O0jr2Kz7zNKkWGxlgTB5J6xfso250Dd4csT/Fx5ozx5qX2WtvQqBFMpMeaJMPEwF
9gONm2NxvxqYTTXRUfiucuqVrlgEG2bkfxhTx2U6/pV8isahR0VTHsfctwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXoUvQQLph/YNQrxxqSD4ylrygmMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvaGVoUzlCQXVtSDlnMUN2SEdwSVBqS1d2S0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZzeMA0G
CSqGSIb3DQEBCwUAA4IBAQCW2nLTCuF6jp8qEo89IUtctQXWaT7oXMVBmWoaraww
ftEZbqUb/gi29bWwksW/vl7lqcZQFNRm20RD4Gw4Q2pFL2M0W8ZOrMQdPalLZ7kM
alaU5vsos7RjXXTh4h/oTnb3ZCNGYnAaXoX/wqYOL6tuCgFwMofq53BqFVsu+pjp
ewfvpj1ZYYdwp78U9t0niymEj8Jk9rycv4jvTUFl8UFgFvwMz1Qel/WVTcFJSk55
oT0h9rSWitO8cLRWwIZdk4pGqBdnxx95NAUb9yyK2a1qY1xlAvXMrG5KwOODkm6B
slGE9eIBInZe/tVNa5mv+zi5oM5eoAgEr3vLxYWkDeNq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:46 2025 by rpki-client