Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/Ht-dGfH5ynPvNv7YfyHqYrJi3Uk.roa
File: Ht-dGfH5ynPvNv7YfyHqYrJi3Uk.roa (raw, json)
Hash identifier: N7pXXF8vEK6KYLswrRe1f0YCjGN6kC0CXbnfJ/hFkDU=
Subject key identifier: 1E:DF:9D:19:F1:F9:CA:73:EF:36:FE:D8:7F:21:EA:62:B2:62:DD:49
Certificate issuer: /CN=f341cfec38131f83ae3df6998fa02837585c91dd
Certificate serial: 01857246A87A020B83039DCA9AD23B59E3DD
Authority key identifier: F3:41:CF:EC:38:13:1F:83:AE:3D:F6:99:8F:A0:28:37:58:5C:91:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80HP7DgTH4OuPfaZj6AoN1hckd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/Ht-dGfH5ynPvNv7YfyHqYrJi3Uk.roa
Signing time: Mon 02 Jan 2023 11:38:31 +0000
ROA not before: Mon 02 Jan 2023 11:38:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205530
IP address blocks: 91.214.252.0/24 maxlen: 32
91.214.254.0/24 maxlen: 24
91.214.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:a8:7a:02:0b:83:03:9d:ca:9a:d2:3b:59:e3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f341cfec38131f83ae3df6998fa02837585c91dd
Validity
Not Before: Jan 2 11:38:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1edf9d19f1f9ca73ef36fed87f21ea62b262dd49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ce:0b:cd:0e:c8:02:20:10:79:ca:b9:29:8a:
86:83:27:f3:68:1e:e0:68:62:8c:23:a6:a6:c2:40:
d6:af:65:b3:cb:84:c4:fd:cd:b5:af:54:b0:d3:ee:
df:46:da:8e:18:c6:78:f7:97:3f:30:1c:ba:7d:75:
a0:15:cd:cc:26:17:15:ec:a5:f8:a9:a3:bb:a1:49:
a1:2b:9d:e5:c4:25:f9:cb:2c:a6:e7:b1:9e:c2:bd:
5d:d2:09:f2:da:d8:61:2e:a4:4d:ed:5a:17:98:08:
ec:eb:11:7c:8e:91:e0:28:bd:94:38:98:2c:68:72:
1d:5f:0c:c8:11:4e:50:cd:b0:37:3e:a2:4a:0a:d5:
d7:02:44:5a:ae:9d:a0:be:e4:93:9f:db:4c:11:46:
3b:f7:82:f2:f7:10:ab:67:12:3a:82:18:5f:7f:04:
fe:2f:0b:77:29:17:a2:bd:ed:d0:77:00:13:6c:1e:
55:12:80:9f:ee:d1:95:02:8b:ac:51:e6:c4:4f:30:
10:15:52:94:02:b7:80:ce:75:21:95:5b:11:d9:59:
38:71:5b:6b:7c:15:77:77:93:fd:9c:76:51:41:af:
bc:4a:52:6c:f4:14:9e:39:ff:9d:56:d0:ca:b5:71:
db:c2:90:9f:39:b3:06:cd:2b:c2:b3:86:48:49:10:
2a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DF:9D:19:F1:F9:CA:73:EF:36:FE:D8:7F:21:EA:62:B2:62:DD:49
X509v3 Authority Key Identifier:
keyid:F3:41:CF:EC:38:13:1F:83:AE:3D:F6:99:8F:A0:28:37:58:5C:91:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80HP7DgTH4OuPfaZj6AoN1hckd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/Ht-dGfH5ynPvNv7YfyHqYrJi3Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/22f851-77ee-4d64-a95e-09afb7d6fb16/1/80HP7DgTH4OuPfaZj6AoN1hckd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.252.0/24
91.214.254.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:89:9b:f5:7a:1b:f4:8f:cc:50:e5:d8:29:bd:b1:81:bd:94:
2e:13:a6:f8:d1:cb:40:e0:d1:a1:6e:42:91:d8:ba:70:68:65:
42:58:7e:b4:2f:6f:33:23:5f:8a:ae:f1:3c:c4:78:43:d8:f7:
fe:02:42:c9:63:5e:35:e3:6b:b8:8e:00:4c:46:3d:0d:16:84:
3f:f3:c0:5d:7a:04:21:03:07:5e:17:41:1f:5a:35:36:1c:84:
21:c0:03:1a:71:ce:3a:b2:ec:c7:cc:4e:f3:6c:92:de:87:58:
55:e2:cd:bf:dd:89:cd:6e:b2:63:b7:56:cb:e6:b0:fb:53:73:
56:7d:3c:27:ea:31:0b:bb:42:76:20:7a:c0:48:a9:43:a9:c1:
02:24:f9:78:0a:42:40:08:e1:92:90:c0:0f:09:a1:4d:b3:44:
c8:a6:51:b5:ca:b8:31:e9:26:ee:60:02:e1:01:40:1e:f2:b5:
e4:0c:02:46:7f:87:60:be:33:07:c5:4a:a5:5e:ea:b8:b5:8f:
60:cb:6b:f2:5c:e3:46:e0:fc:74:24:49:ce:42:cc:45:8d:32:
52:ff:22:7a:ed:c0:94:c4:c2:57:ef:6f:3d:ec:84:4a:6a:36:
b1:a6:71:6b:39:ff:20:34:cc:b3:14:4c:fa:90:8d:20:d2:75:
85:e4:76:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRqh6AguDA53KmtI7WePdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDFjZmVjMzgxMzFmODNhZTNkZjY5OThmYTAyODM3NTg1
YzkxZGQwHhcNMjMwMTAyMTEzODMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRmOWQxOWYxZjljYTczZWYzNmZlZDg3ZjIxZWE2MmIyNjJkZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s4LzQ7IAiAQecq5KYqGgyfzaB7g
aGKMI6amwkDWr2Wzy4TE/c21r1Sw0+7fRtqOGMZ495c/MBy6fXWgFc3MJhcV7KX4
qaO7oUmhK53lxCX5yyym57Gewr1d0gny2thhLqRN7VoXmAjs6xF8jpHgKL2UOJgs
aHIdXwzIEU5QzbA3PqJKCtXXAkRarp2gvuSTn9tMEUY794Ly9xCrZxI6ghhffwT+
Lwt3KReive3QdwATbB5VEoCf7tGVAousUebETzAQFVKUAreAznUhlVsR2Vk4cVtr
fBV3d5P9nHZRQa+8SlJs9BSeOf+dVtDKtXHbwpCfObMGzSvCs4ZISRAqTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB7fnRnx+cpz7zb+2H8h6mKyYt1JMB8GA1UdIwQY
MBaAFPNBz+w4Ex+Drj32mY+gKDdYXJHdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBIUDdEZ1RINE91UGZhWmo2QW9OMWhja2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yMmY4NTEtNzdlZS00ZDY0LWE5NWUt
MDlhZmI3ZDZmYjE2LzEvSHQtZEdmSDV5blB2TnY3WWZ5SHFZckppM1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yMmY4NTEtNzdlZS00ZDY0LWE5NWUtMDlhZmI3ZDZmYjE2
LzEvODBIUDdEZ1RINE91UGZhWmo2QW9OMWhja2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9b8AwQB
W9b+MA0GCSqGSIb3DQEBCwUAA4IBAQCliZv1ehv0j8xQ5dgpvbGBvZQuE6b40ctA
4NGhbkKR2LpwaGVCWH60L28zI1+KrvE8xHhD2Pf+AkLJY14142u4jgBMRj0NFoQ/
88BdegQhAwdeF0EfWjU2HIQhwAMacc46suzHzE7zbJLeh1hV4s2/3YnNbrJjt1bL
5rD7U3NWfTwn6jELu0J2IHrASKlDqcECJPl4CkJACOGSkMAPCaFNs0TIplG1yrgx
6SbuYALhAUAe8rXkDAJGf4dgvjMHxUqlXuq4tY9gy2vyXONG4Px0JEnOQsxFjTJS
/yJ67cCUxMJX72897IRKajaxpnFrOf8gNMyzFEz6kI0g0nWF5HZX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:35 2025 by rpki-client