Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/0Hg5UFppMKNRBbyMdcATtqmqmlw.roa
File: 0Hg5UFppMKNRBbyMdcATtqmqmlw.roa (raw, json)
Hash identifier: 7lOmu4lEp+a04o3brqPB71vev4Xyfm7CrBwkumDBAk0=
Subject key identifier: D0:78:39:50:5A:69:30:A3:51:05:BC:8C:75:C0:13:B6:A9:AA:9A:5C
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 064CA0AC
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/0Hg5UFppMKNRBbyMdcATtqmqmlw.roa
Signing time: Tue 15 Mar 2022 13:58:05 +0000
ROA not before: Tue 15 Mar 2022 13:58:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/22 maxlen: 22
178.171.48.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
178.171.60.0/22 maxlen: 22
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
178.171.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105685164 (0x64ca0ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Mar 15 13:58:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d07839505a6930a35105bc8c75c013b6a9aa9a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d1:6a:46:a2:19:ed:93:e3:c0:8a:f0:ae:2d:
91:e2:09:f2:61:9b:f1:4d:db:a4:5e:60:d3:b0:54:
a5:7c:e7:f1:ae:5e:65:46:f6:06:59:9d:42:26:5f:
bf:e7:95:5a:3b:eb:6b:af:65:d7:5a:38:e0:fa:b8:
79:ed:d4:d0:1d:1b:e7:73:74:37:df:78:1a:50:f8:
74:e7:f3:86:3b:fc:1a:3c:6a:e5:fd:75:a4:3d:3a:
3d:fa:72:a3:b8:d1:79:44:25:7e:f5:fb:da:d5:89:
bf:d3:40:43:d0:0a:dc:c1:7e:41:ce:e9:00:fc:a6:
ad:4d:1c:71:3b:f4:c1:43:d2:ee:3e:16:48:cd:9e:
f1:a3:d2:af:20:06:35:b2:37:39:49:c3:52:c2:48:
66:eb:7a:ff:5e:67:64:d0:30:22:69:30:bf:54:88:
94:d1:d4:ce:7f:61:89:16:f1:05:45:dd:8f:ce:bd:
a8:5e:0b:e6:75:29:0e:88:85:bf:c6:3c:a3:b5:03:
15:72:9e:51:60:af:b1:f3:60:1f:7f:92:be:3c:11:
6a:ab:11:d5:f2:4c:22:34:67:7c:28:13:c9:19:5a:
2e:51:b7:0f:19:e7:40:9f:5e:84:6b:79:4f:8d:a3:
0a:97:af:9c:53:6d:e3:19:57:04:cf:17:76:07:fc:
ab:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:78:39:50:5A:69:30:A3:51:05:BC:8C:75:C0:13:B6:A9:AA:9A:5C
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/0Hg5UFppMKNRBbyMdcATtqmqmlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.32.0/22
178.171.48.0/22
178.171.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:c7:67:9e:a6:6e:da:b8:40:7b:d4:c9:91:99:03:8f:86:f8:
e0:6c:38:16:93:ed:43:ed:ff:9d:61:af:c9:e5:1f:51:e2:35:
50:84:5f:94:0f:8d:a4:90:a1:71:8d:f8:69:3a:fa:fa:0a:30:
ca:de:55:b1:f9:67:95:94:7d:bc:e4:21:f9:88:fd:9e:ba:5a:
53:c7:e7:cb:a4:c6:53:44:eb:56:f7:35:23:5a:94:45:59:5b:
5e:57:e9:19:6e:9f:a4:3e:df:c3:49:4e:1d:9a:31:41:73:28:
ac:bc:af:c7:bd:c7:63:ad:eb:5c:cc:9b:81:96:8b:74:c9:ea:
67:5f:b6:f1:23:90:8e:d8:9c:f6:8d:0d:ee:81:f3:49:6c:0e:
36:b1:ac:eb:5a:6a:24:eb:6b:89:77:cc:1e:bf:36:dc:da:17:
1a:85:80:13:bc:14:90:aa:8a:a3:8f:05:c1:8f:11:09:2f:4a:
18:8e:4d:39:04:99:c7:87:93:46:00:78:1c:c1:03:53:d5:aa:
ed:d4:c7:d6:d0:2b:5e:16:f8:b9:9a:19:80:34:f1:2e:70:c8:
e3:a4:2d:bd:3a:eb:85:d5:51:ba:af:15:fe:dd:6a:7f:f8:19:
45:04:96:af:7c:ad:8b:66:02:ff:bd:20:be:a7:52:69:a9:65:
b3:cf:ed:6e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBkygrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDExY2IwMTVkZjliYWFiNjEyMjhkYmJjZTE3ZGQ0ZTAwZTYzYzEzMB4XDTIyMDMx
NTEzNTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA3ODM5NTA1YTY5
MzBhMzUxMDViYzhjNzVjMDEzYjZhOWFhOWE1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDRakaiGe2T48CK8K4tkeIJ8mGb8U3bpF5g07BUpXzn8a5e
ZUb2BlmdQiZfv+eVWjvra69l11o44Pq4ee3U0B0b53N0N994GlD4dOfzhjv8Gjxq
5f11pD06Pfpyo7jReUQlfvX72tWJv9NAQ9AK3MF+Qc7pAPymrU0ccTv0wUPS7j4W
SM2e8aPSryAGNbI3OUnDUsJIZut6/15nZNAwImkwv1SIlNHUzn9hiRbxBUXdj869
qF4L5nUpDoiFv8Y8o7UDFXKeUWCvsfNgH3+SvjwRaqsR1fJMIjRnfCgTyRlaLlG3
DxnnQJ9ehGt5T42jCpevnFNt4xlXBM8Xdgf8q6ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTQeDlQWmkwo1EFvIx1wBO2qaqaXDAfBgNVHSMEGDAWgBSNEcsBXfm6q2Ei
jbvOF91OAOY8EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pSSExBVjM1dXF0aElvMjd6aGZkVGdEbVBCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvNWQ4OTE1LWM0NDgtNDBlNy04Y2FhLWJhNzcxZmZkMjY5Yy8x
LzBIZzVVRnBwTUtOUkJieU1kY0FUdHFtcW1sdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
NWQ4OTE1LWM0NDgtNDBlNy04Y2FhLWJhNzcxZmZkMjY5Yy8xL2pSSExBVjM1dXF0
aElvMjd6aGZkVGdEbVBCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAp4usAMEArKrIAMEArKrMAMEArKr
PDANBgkqhkiG9w0BAQsFAAOCAQEApcdnnqZu2rhAe9TJkZkDj4b44Gw4FpPtQ+3/
nWGvyeUfUeI1UIRflA+NpJChcY34aTr6+gowyt5VsflnlZR9vOQh+Yj9nrpaU8fn
y6TGU0TrVvc1I1qURVlbXlfpGW6fpD7fw0lOHZoxQXMorLyvx73HY63rXMybgZaL
dMnqZ1+28SOQjtic9o0N7oHzSWwONrGs61pqJOtriXfMHr823NoXGoWAE7wUkKqK
o48FwY8RCS9KGI5NOQSZx4eTRgB4HMEDU9Wq7dTH1tArXhb4uZoZgDTxLnDI46Qt
vTrrhdVRuq8V/t1qf/gZRQSWr3yti2YC/70gvqdSaalls8/tbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org