Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/H-trKi-N5jex4YETfk-B1s1ImdQ.roa
File: H-trKi-N5jex4YETfk-B1s1ImdQ.roa (raw, json)
Hash identifier: 7BIHLJNqCdxyMkhndWtY2OoSpu4gDvX8FuOl5rIKsEo=
Subject key identifier: 1F:EB:6B:2A:2F:8D:E6:37:B1:E1:81:13:7E:4F:81:D6:CD:48:99:D4
Certificate issuer: /CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Certificate serial: 01833B0D3910ECBAC397BD923D7FC3B290CD
Authority key identifier: 11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/H-trKi-N5jex4YETfk-B1s1ImdQ.roa
Signing time: Wed 14 Sep 2022 08:11:05 +0000
ROA not before: Wed 14 Sep 2022 08:11:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5598
IP address blocks: 176.101.96.0/19 maxlen: 19
176.101.104.0/23 maxlen: 23
176.101.102.0/23 maxlen: 23
176.101.110.0/24 maxlen: 24
176.101.106.0/23 maxlen: 23
176.101.108.0/23 maxlen: 23
176.101.125.0/24 maxlen: 24
176.101.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:0d:39:10:ec:ba:c3:97:bd:92:3d:7f:c3:b2:90:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Validity
Not Before: Sep 14 08:11:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1feb6b2a2f8de637b1e181137e4f81d6cd4899d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8f:b2:e7:1d:07:9e:83:81:ee:cb:4e:d4:d9:
40:7f:ed:2b:e3:0d:a2:1a:3f:0f:ac:05:6a:a9:ad:
2d:0e:37:87:94:84:41:d0:38:0d:92:22:e7:bc:3b:
20:77:52:96:10:47:19:53:40:90:23:42:25:e2:64:
5d:11:2b:9d:12:06:6a:c1:25:fb:31:57:2c:29:1d:
64:d2:23:74:4f:bb:c4:0d:5b:d9:95:6e:41:ee:82:
ed:3a:e7:2c:01:7f:c3:99:d6:db:19:c6:2d:93:c8:
fb:c9:15:e2:0e:b6:88:60:49:2c:28:6b:f7:97:76:
64:a0:87:6f:8f:5f:39:ea:0f:00:40:01:5f:09:25:
00:db:65:d5:d2:ae:34:fd:c6:4a:b1:25:74:54:01:
12:5a:6c:b1:11:27:82:76:88:13:1e:b3:a1:66:d1:
a0:ac:a8:e3:dd:51:4e:08:67:77:ca:0f:6d:04:48:
b3:98:e6:62:93:c1:12:cc:e1:1d:ba:6f:ee:2f:ae:
91:6c:28:76:9f:34:98:5e:69:a3:79:7e:69:2e:10:
65:d3:05:45:0b:ab:4c:e0:86:65:02:3d:1d:c0:fe:
7a:63:7b:e7:2a:de:e6:57:94:cf:97:44:9d:1f:af:
7b:11:6d:ff:5c:3d:35:72:57:ab:81:a0:20:fe:c2:
71:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:EB:6B:2A:2F:8D:E6:37:B1:E1:81:13:7E:4F:81:D6:CD:48:99:D4
X509v3 Authority Key Identifier:
keyid:11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/H-trKi-N5jex4YETfk-B1s1ImdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/EdGfiLDcG4kCVNuUqbYgRta-eUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.96.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:f2:fb:32:3b:07:5f:48:44:90:95:60:00:96:4b:df:0c:b3:
55:5a:a4:a2:16:b1:3d:e4:58:fc:ef:7b:59:88:7e:ab:e9:28:
aa:33:fd:c7:ce:18:2b:07:d6:80:38:c8:30:d8:8f:8d:6f:01:
04:ff:6e:dc:a5:5d:54:e5:39:79:6c:2a:6d:d0:70:70:74:95:
07:71:36:d9:db:71:d7:d2:2e:79:10:01:55:f8:23:a4:86:60:
e3:b8:4c:20:4d:6a:4d:7a:a0:8a:51:43:49:fa:4e:9b:94:41:
77:5e:a7:8e:78:6d:bf:32:66:2b:df:f6:79:17:a0:af:57:e1:
ed:be:71:5a:cb:2f:bd:d1:96:e5:11:06:98:90:fc:5d:26:2b:
01:fd:de:1b:b8:24:ca:01:ca:b1:06:0f:fa:67:d5:f1:ab:6c:
47:5a:27:36:30:c8:bf:db:be:db:9f:5e:ab:2e:56:19:f1:e7:
27:fc:b8:7a:c7:ac:df:1c:39:27:39:2e:cf:cb:fe:55:a1:aa:
b6:c8:8c:00:48:a1:c2:f1:cd:d7:a6:50:ec:6e:2d:15:2d:2f:
ef:9f:8b:53:dc:28:3c:18:f3:3e:3e:f4:95:71:38:41:33:71:
5f:37:6c:3a:93:88:57:52:6e:64:c6:cb:61:99:b9:ab:10:0d:
ac:f9:07:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM7DTkQ7LrDl72SPX/DspDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDE5Zjg4YjBkYzFiODkwMjU0ZGI5NGE5YjYyMDQ2ZDZi
ZTc5NGIwHhcNMjIwOTE0MDgxMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmViNmIyYTJmOGRlNjM3YjFlMTgxMTM3ZTRmODFkNmNkNDg5OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo+y5x0HnoOB7stO1NlAf+0r4w2i
Gj8PrAVqqa0tDjeHlIRB0DgNkiLnvDsgd1KWEEcZU0CQI0Il4mRdESudEgZqwSX7
MVcsKR1k0iN0T7vEDVvZlW5B7oLtOucsAX/DmdbbGcYtk8j7yRXiDraIYEksKGv3
l3ZkoIdvj1856g8AQAFfCSUA22XV0q40/cZKsSV0VAESWmyxESeCdogTHrOhZtGg
rKjj3VFOCGd3yg9tBEizmOZik8ESzOEdum/uL66RbCh2nzSYXmmjeX5pLhBl0wVF
C6tM4IZlAj0dwP56Y3vnKt7mV5TPl0SdH697EW3/XD01clergaAg/sJxOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/rayovjeY3seGBE35PgdbNSJnUMB8GA1UdIwQY
MBaAFBHRn4iw3BuJAlTblKm2IEbWvnlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQt
NDhiNDk1NWYwNjAwLzEvSC10cktpLU41amV4NFlFVGZrLUIxczFJbWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQtNDhiNDk1NWYwNjAw
LzEvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGVgMA0G
CSqGSIb3DQEBCwUAA4IBAQCo8vsyOwdfSESQlWAAlkvfDLNVWqSiFrE95Fj873tZ
iH6r6SiqM/3HzhgrB9aAOMgw2I+NbwEE/27cpV1U5Tl5bCpt0HBwdJUHcTbZ23HX
0i55EAFV+COkhmDjuEwgTWpNeqCKUUNJ+k6blEF3XqeOeG2/MmYr3/Z5F6CvV+Ht
vnFayy+90ZblEQaYkPxdJisB/d4buCTKAcqxBg/6Z9Xxq2xHWic2MMi/277bn16r
LlYZ8ecn/Lh6x6zfHDknOS7Py/5Voaq2yIwASKHC8c3XplDsbi0VLS/vn4tT3Cg8
GPM+PvSVcThBM3FfN2w6k4hXUm5kxsthmbmrEA2s+QfK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:47 2023 by rpki-client on console-fra.rpki-client.org