Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/c1ae8d-c2cb-4fe5-9a1c-f28cd2764904/1/HH6ahM-CgaBwLTKBY-W2HEZ1KBU.roa
File: HH6ahM-CgaBwLTKBY-W2HEZ1KBU.roa (raw, json)
Hash identifier: EbH+ri/40iHetzEDuhtlX8Vn2H8lrjarygYCfbSm43c=
Subject key identifier: 1C:7E:9A:84:CF:82:81:A0:70:2D:32:81:63:E5:B6:1C:46:75:28:15
Certificate issuer: /CN=2de1203acd9b07a11ea37e82f6c241ff8402975a
Certificate serial: 01857203589EC6E40C5D30F21F69D433A167
Authority key identifier: 2D:E1:20:3A:CD:9B:07:A1:1E:A3:7E:82:F6:C2:41:FF:84:02:97:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LeEgOs2bB6Eeo36C9sJB_4QCl1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/c1ae8d-c2cb-4fe5-9a1c-f28cd2764904/1/HH6ahM-CgaBwLTKBY-W2HEZ1KBU.roa
Signing time: Mon 02 Jan 2023 10:24:59 +0000
ROA not before: Mon 02 Jan 2023 10:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5408
IP address blocks: 150.140.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:58:9e:c6:e4:0c:5d:30:f2:1f:69:d4:33:a1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2de1203acd9b07a11ea37e82f6c241ff8402975a
Validity
Not Before: Jan 2 10:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c7e9a84cf8281a0702d328163e5b61c46752815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:d9:c8:b5:12:53:89:18:9c:a0:9d:1c:5e:
f0:85:0b:96:0a:5b:11:e5:af:f9:50:56:41:57:a9:
0d:2f:43:a1:63:a4:a9:81:6d:be:dc:4f:8f:b6:ce:
5e:c2:42:d9:a7:66:be:d3:98:54:bc:73:6f:4c:d0:
e0:db:eb:4e:04:13:12:b2:35:e7:2c:ea:43:98:e1:
de:1a:4b:3a:05:10:a1:09:e1:b2:b2:1f:da:d7:3c:
c4:dc:70:f1:8a:c3:5a:1f:3b:4d:69:17:39:3b:1c:
6e:7a:f9:a0:da:e0:df:f1:93:dd:b4:b4:a5:9a:b4:
42:8e:ad:d8:88:0f:fd:21:1d:ea:f9:65:41:b6:f5:
6f:8e:53:23:ee:b1:e1:2a:b8:81:f1:65:99:96:b6:
2e:66:d0:63:f6:b5:e1:30:9a:46:64:a0:63:03:02:
88:f1:4f:fc:a4:69:2a:da:c6:04:41:5d:5e:fd:ed:
64:27:74:0b:6c:7a:a4:a8:24:7f:d8:d0:fd:db:4e:
99:ea:d4:5b:4b:42:2b:ce:76:a4:85:d1:d0:08:db:
83:40:32:d5:03:e4:73:54:2b:d4:6e:9c:d3:7c:e8:
b5:25:78:67:7e:77:79:aa:1d:ef:6a:17:63:d9:eb:
eb:19:e1:72:cf:ed:1f:0d:23:7c:74:66:4a:88:9e:
d0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7E:9A:84:CF:82:81:A0:70:2D:32:81:63:E5:B6:1C:46:75:28:15
X509v3 Authority Key Identifier:
keyid:2D:E1:20:3A:CD:9B:07:A1:1E:A3:7E:82:F6:C2:41:FF:84:02:97:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LeEgOs2bB6Eeo36C9sJB_4QCl1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c1ae8d-c2cb-4fe5-9a1c-f28cd2764904/1/HH6ahM-CgaBwLTKBY-W2HEZ1KBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c1ae8d-c2cb-4fe5-9a1c-f28cd2764904/1/LeEgOs2bB6Eeo36C9sJB_4QCl1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.140.128.0/17
Signature Algorithm: sha256WithRSAEncryption
b7:8f:2b:c7:e0:74:8f:0e:31:8a:f4:58:7a:2e:f0:9b:77:54:
e5:78:e4:a0:3f:38:4b:63:c0:7b:ad:84:98:8f:d2:54:4d:2d:
a4:60:0f:60:dd:bc:fd:5d:b6:ac:35:7a:e4:08:a5:aa:4d:0b:
1c:29:32:47:7f:67:3e:8f:c5:ee:df:c1:06:9d:28:9e:21:74:
d2:6c:78:90:d4:cc:a3:16:fd:f2:39:c3:b6:e1:7b:8a:f4:26:
c7:80:b5:e4:7b:01:0e:80:b3:a2:3b:e8:ba:9d:2e:88:f9:1d:
5d:d5:f3:67:8d:46:81:a1:96:c6:2f:fb:bc:f9:9a:91:4b:87:
ca:d8:46:84:cc:57:a2:fb:42:dc:c5:9e:b4:c1:be:0d:40:67:
92:3a:88:0a:66:e0:e9:40:f0:5f:c7:c8:0f:65:3b:6e:ef:76:
d8:4f:2c:53:77:9e:98:7a:2e:da:79:bc:91:89:1f:ae:80:34:
45:6d:ee:6d:fa:1a:9f:7b:e8:5e:3b:4c:dc:04:bf:1e:75:1d:
18:63:92:8e:bc:bf:49:ff:b2:29:3c:63:89:e3:11:54:2e:33:
89:71:dc:45:29:37:a4:9d:75:ad:6f:e3:af:d1:84:43:74:7f:
c9:4f:e3:08:c1:58:e7:2e:33:bb:1c:0c:bd:f6:a6:b5:91:cb:
a0:99:cf:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA1iexuQMXTDyH2nUM6FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZTEyMDNhY2Q5YjA3YTExZWEzN2U4MmY2YzI0MWZmODQw
Mjk3NWEwHhcNMjMwMTAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzdlOWE4NGNmODI4MWEwNzAyZDMyODE2M2U1YjYxYzQ2NzUyODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIrZyLUSU4kYnKCdHF7whQuWClsR
5a/5UFZBV6kNL0OhY6SpgW2+3E+Pts5ewkLZp2a+05hUvHNvTNDg2+tOBBMSsjXn
LOpDmOHeGks6BRChCeGysh/a1zzE3HDxisNaHztNaRc5Oxxuevmg2uDf8ZPdtLSl
mrRCjq3YiA/9IR3q+WVBtvVvjlMj7rHhKriB8WWZlrYuZtBj9rXhMJpGZKBjAwKI
8U/8pGkq2sYEQV1e/e1kJ3QLbHqkqCR/2ND9206Z6tRbS0IrznakhdHQCNuDQDLV
A+RzVCvUbpzTfOi1JXhnfnd5qh3vahdj2evrGeFyz+0fDSN8dGZKiJ7QcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBx+moTPgoGgcC0ygWPlthxGdSgVMB8GA1UdIwQY
MBaAFC3hIDrNmwehHqN+gvbCQf+EApdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGVFZ09zMmJCNkVlbzM2QzlzSkJfNFFDbDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9jMWFlOGQtYzJjYi00ZmU1LTlhMWMt
ZjI4Y2QyNzY0OTA0LzEvSEg2YWhNLUNnYUJ3TFRLQlktVzJIRVoxS0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9jMWFlOGQtYzJjYi00ZmU1LTlhMWMtZjI4Y2QyNzY0OTA0
LzEvTGVFZ09zMmJCNkVlbzM2QzlzSkJfNFFDbDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHloyAMA0G
CSqGSIb3DQEBCwUAA4IBAQC3jyvH4HSPDjGK9Fh6LvCbd1TleOSgPzhLY8B7rYSY
j9JUTS2kYA9g3bz9XbasNXrkCKWqTQscKTJHf2c+j8Xu38EGnSieIXTSbHiQ1Myj
Fv3yOcO24XuK9CbHgLXkewEOgLOiO+i6nS6I+R1d1fNnjUaBoZbGL/u8+ZqRS4fK
2EaEzFei+0LcxZ60wb4NQGeSOogKZuDpQPBfx8gPZTtu73bYTyxTd56Yei7aebyR
iR+ugDRFbe5t+hqfe+heO0zcBL8edR0YY5KOvL9J/7IpPGOJ4xFULjOJcdxFKTek
nXWtb+Ov0YRDdH/JT+MIwVjnLjO7HAy99qa1kcugmc9N
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:04 2025 by rpki-client