Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/H1skdbHE5fVptyS4a6Pv9aFitDk.roa
File: H1skdbHE5fVptyS4a6Pv9aFitDk.roa (raw, json)
Hash identifier: klV+cxmhkfairMD9rmmrKVeY83WJZTidWz1ms4XItvg=
Subject key identifier: 1F:5B:24:75:B1:C4:E5:F5:69:B7:24:B8:6B:A3:EF:F5:A1:62:B4:39
Certificate issuer: /CN=9e61403ac69e2874f5622d7ee568e8e49f064c2e
Certificate serial: 1864C3DB
Authority key identifier: 9E:61:40:3A:C6:9E:28:74:F5:62:2D:7E:E5:68:E8:E4:9F:06:4C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/H1skdbHE5fVptyS4a6Pv9aFitDk.roa
Signing time: Sat 01 Jan 2022 09:56:16 +0000
ROA not before: Sat 01 Jan 2022 09:56:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51038
IP address blocks: 195.254.160.0/23 maxlen: 24
2001:67c:200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409256923 (0x1864c3db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e61403ac69e2874f5622d7ee568e8e49f064c2e
Validity
Not Before: Jan 1 09:56:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f5b2475b1c4e5f569b724b86ba3eff5a162b439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:2c:45:56:63:97:f3:1d:2a:55:16:ae:4f:
a0:2d:d4:91:9f:b4:a7:98:ec:41:20:b0:5e:fd:21:
27:c7:bb:a5:21:32:4b:e3:66:16:be:68:c5:16:80:
99:d1:d1:8a:68:60:cc:1c:68:1f:23:af:5d:90:df:
de:cd:30:89:70:13:17:61:63:ea:89:bb:96:d4:40:
a4:9d:32:71:07:5f:6d:79:96:f5:f7:ad:fb:42:b6:
dc:0a:8e:32:0e:9c:1c:f7:45:51:9f:38:0d:d5:e7:
27:bd:6c:82:e3:9b:6d:5a:d2:1b:25:66:74:57:9c:
d2:cc:29:f2:b6:43:99:ec:6a:ba:69:56:66:9a:6b:
b2:45:14:58:5a:3b:e6:2d:45:0d:83:22:92:cd:1d:
e9:4d:e6:35:f3:d4:fa:2e:18:7c:5b:32:f9:fe:d5:
c7:23:1b:53:f4:c7:c9:3a:ee:f7:6c:65:33:23:ba:
9c:d1:8a:cb:fd:ba:2f:36:24:bf:8c:7d:3e:9b:2d:
21:06:dc:a5:6f:9f:e3:3f:dc:0f:3e:99:9c:3e:5e:
48:9a:29:84:55:d1:83:fa:c5:be:36:38:11:df:3b:
53:70:af:92:e1:16:70:97:1f:39:a6:74:22:b1:e0:
93:25:7b:83:06:53:75:01:8b:d5:94:04:c5:3d:53:
96:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5B:24:75:B1:C4:E5:F5:69:B7:24:B8:6B:A3:EF:F5:A1:62:B4:39
X509v3 Authority Key Identifier:
keyid:9E:61:40:3A:C6:9E:28:74:F5:62:2D:7E:E5:68:E8:E4:9F:06:4C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/H1skdbHE5fVptyS4a6Pv9aFitDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.160.0/23
IPv6:
2001:67c:200::/48
Signature Algorithm: sha256WithRSAEncryption
28:1f:43:c3:58:19:20:d8:cc:87:fb:27:6b:7f:2e:77:fa:8a:
ca:5b:68:c5:aa:3f:6f:da:86:ed:1b:81:02:0f:81:c3:59:94:
79:bd:72:0a:b9:40:63:e6:e6:a4:e0:1d:e5:cf:f9:b9:9d:97:
ce:b3:9f:4e:ec:17:74:e0:10:03:e9:75:d3:5f:3c:9f:c4:c2:
a1:10:e1:e6:87:af:9d:c9:5c:0c:5a:56:2a:f1:49:b4:a1:00:
d0:8c:5b:04:3d:a5:5b:25:51:95:f5:3d:ac:bf:80:4a:55:b6:
91:72:91:62:12:c0:ff:21:d8:bc:f8:01:a2:64:bf:5a:31:c8:
f9:d1:08:43:50:e1:db:ab:7b:f7:da:54:d4:78:03:1c:cf:b5:
e5:2a:5b:ef:9c:47:2b:03:7f:b7:4d:71:cf:7c:c2:08:f7:fb:
9b:e9:f6:fb:a7:cf:e1:07:d3:18:55:9b:b0:61:d9:40:3b:43:
9c:d4:63:52:9e:db:bd:3f:02:e6:76:92:6c:e4:0f:78:0d:79:
c4:d1:69:2b:a8:81:7a:1d:14:df:2b:5d:74:15:7f:fc:ca:85:
ec:02:5d:8b:37:35:32:52:9c:b5:0c:a4:a4:e9:1e:11:cc:09:
22:8c:73:5a:f4:19:62:6a:e8:73:60:1c:e8:f5:bb:62:cb:b5:
3b:20:68:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGGTD2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTYxNDAzYWM2OWUyODc0ZjU2MjJkN2VlNTY4ZThlNDlmMDY0YzJlMB4XDTIyMDEw
MTA5NTYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY1YjI0NzViMWM0
ZTVmNTY5YjcyNGI4NmJhM2VmZjVhMTYyYjQzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALT4LEVWY5fzHSpVFq5PoC3UkZ+0p5jsQSCwXv0hJ8e7pSEy
S+NmFr5oxRaAmdHRimhgzBxoHyOvXZDf3s0wiXATF2Fj6om7ltRApJ0ycQdfbXmW
9fet+0K23AqOMg6cHPdFUZ84DdXnJ71sguObbVrSGyVmdFec0swp8rZDmexqumlW
ZpprskUUWFo75i1FDYMiks0d6U3mNfPU+i4YfFsy+f7VxyMbU/THyTru92xlMyO6
nNGKy/26LzYkv4x9PpstIQbcpW+f4z/cDz6ZnD5eSJophFXRg/rFvjY4Ed87U3Cv
kuEWcJcfOaZ0IrHgkyV7gwZTdQGL1ZQExT1TlncCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQfWyR1scTl9Wm3JLhro+/1oWK0OTAfBgNVHSMEGDAWgBSeYUA6xp4odPVi
LX7laOjknwZMLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25tRkFPc2FlS0hUMVlpMS01V2pvNUo4R1RDNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvZWNhMzI3LWQ1OGYtNDkxYy05NGM4LWUzZDA0NTQ4MzQxMi8x
L0gxc2tkYkhFNWZWcHR5UzRhNlB2OWFGaXREay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
ZWNhMzI3LWQ1OGYtNDkxYy05NGM4LWUzZDA0NTQ4MzQxMi8xL25tRkFPc2FlS0hU
MVlpMS01V2pvNUo4R1RDNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcP+oDAPBAIAAjAJAwcAIAEGfAIA
MA0GCSqGSIb3DQEBCwUAA4IBAQAoH0PDWBkg2MyH+ydrfy53+orKW2jFqj9v2obt
G4ECD4HDWZR5vXIKuUBj5uak4B3lz/m5nZfOs59O7Bd04BAD6XXTXzyfxMKhEOHm
h6+dyVwMWlYq8Um0oQDQjFsEPaVbJVGV9T2sv4BKVbaRcpFiEsD/Idi8+AGiZL9a
Mcj50QhDUOHbq3v32lTUeAMcz7XlKlvvnEcrA3+3TXHPfMII9/ub6fb7p8/hB9MY
VZuwYdlAO0Oc1GNSntu9PwLmdpJs5A94DXnE0WkrqIF6HRTfK110FX/8yoXsAl2L
NzUyUpy1DKSk6R4RzAkijHNa9BliauhzYBzo9btiy7U7IGgC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:29 2025 by rpki-client