Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/rhlhc64AFt2zz8bXDHWLWU7v2-A.roa
File: rhlhc64AFt2zz8bXDHWLWU7v2-A.roa (raw, json)
Hash identifier: UN5vKjX7e3v0sEYJy8nAZTT5NNOwNOS90SDOVgWPDAg=
Subject key identifier: AE:19:61:73:AE:00:16:DD:B3:CF:C6:D7:0C:75:8B:59:4E:EF:DB:E0
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B811C009F0E87EB77D156A952290DAB
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/rhlhc64AFt2zz8bXDHWLWU7v2-A.roa
Signing time: Sun 01 Jan 2023 04:05:01 +0000
ROA not before: Sun 01 Jan 2023 04:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48900
IP address blocks: 78.130.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:1c:00:9f:0e:87:eb:77:d1:56:a9:52:29:0d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae196173ae0016ddb3cfc6d70c758b594eefdbe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:37:6d:22:29:6c:a9:10:1e:5d:fd:f0:0b:
3e:a5:ea:b4:01:8b:8d:a5:41:1d:35:f5:02:93:c1:
29:d9:f7:41:85:b3:ab:1f:73:27:c1:93:94:f7:ac:
ea:5c:d9:3e:69:12:b4:dc:26:64:be:76:36:d6:32:
4b:8d:bc:b0:20:e1:12:7d:6f:89:8c:b7:fb:2d:3b:
a9:97:3b:a5:29:8c:2e:3d:2d:92:87:12:37:a8:88:
5a:d9:15:d2:8f:70:a1:2a:17:dd:2d:f8:83:41:d1:
c6:99:82:89:3a:31:e5:75:72:df:2e:d6:18:28:32:
e2:de:9e:ed:7c:57:3c:fd:d4:4d:02:c2:fd:8c:cd:
1d:1a:88:a7:1e:c7:3a:55:80:36:89:a0:40:a8:54:
1f:49:96:de:58:ab:f2:b6:46:3c:03:28:84:c3:5b:
af:ed:2c:de:7a:2c:15:fa:19:2c:84:98:d1:2c:d3:
9f:40:07:28:1c:ce:c3:3f:22:7f:40:83:34:62:7b:
7b:9d:c8:db:e7:5f:8d:e5:85:c5:15:08:13:03:d7:
a2:ce:50:c4:42:e2:18:d3:f2:b3:6b:a9:be:d0:6f:
b9:58:23:26:0d:e0:24:e3:e4:38:e5:51:f7:47:7b:
7b:c6:8c:15:d2:89:b7:38:f8:e8:8f:d9:08:80:81:
4e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:19:61:73:AE:00:16:DD:B3:CF:C6:D7:0C:75:8B:59:4E:EF:DB:E0
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/rhlhc64AFt2zz8bXDHWLWU7v2-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.130.128.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:14:6a:7a:e7:fe:c0:a0:63:f7:9d:3c:68:f0:fd:d8:93:6f:
c3:3e:d9:3d:b0:40:b1:89:18:d2:85:f0:cb:ca:41:97:3b:e5:
29:11:53:30:b1:7a:28:47:56:43:5b:ff:91:cc:c3:83:83:25:
8c:da:02:5f:1a:45:17:7c:ab:51:70:00:99:b4:61:f3:f0:c2:
52:8f:89:01:27:95:0b:c9:34:cd:f3:3c:75:68:53:ca:8f:dd:
83:90:3e:39:58:4d:95:48:3a:53:f7:0e:27:84:35:6a:da:58:
7a:e6:e4:fc:fc:41:39:33:0d:f5:a5:fe:f5:25:af:a8:4f:ce:
c2:a2:b3:8d:c8:c3:da:4b:05:c7:0d:2a:6f:59:69:16:2c:fb:
d8:2b:8e:e5:4e:fc:f1:5c:81:c4:6a:de:78:8e:03:18:d9:ba:
16:b0:82:0b:26:c4:e7:80:d2:9d:be:11:c0:64:74:28:9f:23:
76:f2:8a:5f:43:e4:74:eb:8e:bf:1f:65:c8:45:d4:b2:10:76:
f9:7c:b2:ab:f4:e7:42:07:aa:4b:c1:af:50:d9:2a:34:1d:10:
85:51:a1:bb:23:1a:87:9d:0b:12:40:29:f9:8c:4b:a1:ce:bc:
c2:ad:bc:26:99:77:23:3a:76:2d:47:69:39:b0:0c:e8:a5:30:
a1:f7:07:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRwAnw6H63fRVqlSKQ2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE5NjE3M2FlMDAxNmRkYjNjZmM2ZDcwYzc1OGI1OTRlZWZkYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolU3bSIpbKkQHl398As+peq0AYuN
pUEdNfUCk8Ep2fdBhbOrH3MnwZOU96zqXNk+aRK03CZkvnY21jJLjbywIOESfW+J
jLf7LTuplzulKYwuPS2ShxI3qIha2RXSj3ChKhfdLfiDQdHGmYKJOjHldXLfLtYY
KDLi3p7tfFc8/dRNAsL9jM0dGoinHsc6VYA2iaBAqFQfSZbeWKvytkY8AyiEw1uv
7SzeeiwV+hkshJjRLNOfQAcoHM7DPyJ/QIM0Ynt7ncjb51+N5YXFFQgTA9eizlDE
QuIY0/Kza6m+0G+5WCMmDeAk4+Q45VH3R3t7xowV0om3OPjoj9kIgIFO1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4ZYXOuABbds8/G1wx1i1lO79vgMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvcmhsaGM2NEFGdDJ6ejhiWERIV0xXVTd2Mi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToKAMA0G
CSqGSIb3DQEBCwUAA4IBAQC1FGp65/7AoGP3nTxo8P3Yk2/DPtk9sECxiRjShfDL
ykGXO+UpEVMwsXooR1ZDW/+RzMODgyWM2gJfGkUXfKtRcACZtGHz8MJSj4kBJ5UL
yTTN8zx1aFPKj92DkD45WE2VSDpT9w4nhDVq2lh65uT8/EE5Mw31pf71Ja+oT87C
orONyMPaSwXHDSpvWWkWLPvYK47lTvzxXIHEat54jgMY2boWsIILJsTngNKdvhHA
ZHQonyN28opfQ+R0646/H2XIRdSyEHb5fLKr9OdCB6pLwa9Q2So0HRCFUaG7IxqH
nQsSQCn5jEuhzrzCrbwmmXcjOnYtR2k5sAzopTCh9wd6
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:33:59 2025 by rpki-client