Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa
File: g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa (raw, json)
Hash identifier: QqqWQwtwshi8gp9LkvN9eN7AwYgFUGxJUcdJIH1P3jY=
Subject key identifier: 83:D6:F1:F5:9C:1E:C4:32:50:66:36:EA:6F:F3:54:BC:5C:87:C0:C3
Certificate issuer: /CN=1cc451fbdfaa12efc352a59b007b0a8823b8e65d
Certificate serial: 3819A76B
Authority key identifier: 1C:C4:51:FB:DF:AA:12:EF:C3:52:A5:9B:00:7B:0A:88:23:B8:E6:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HMRR-9-qEu_DUqWbAHsKiCO45l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa
Signing time: Sat 01 Jan 2022 14:05:41 +0000
ROA not before: Sat 01 Jan 2022 14:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13041
IP address blocks: 193.242.98.0/24 maxlen: 24
192.94.163.0/24 maxlen: 24
84.88.0.0/15 maxlen: 18
2001:7f8:2a::/48 maxlen: 48
2001:40b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941205355 (0x3819a76b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cc451fbdfaa12efc352a59b007b0a8823b8e65d
Validity
Not Before: Jan 1 14:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83d6f1f59c1ec432506636ea6ff354bc5c87c0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ee:8f:a7:c6:d1:e8:ce:e8:c9:00:98:94:f1:
ff:71:c3:bf:dd:84:91:52:14:88:39:29:45:8f:f6:
e1:9f:5e:e9:7b:04:82:d8:a0:c0:b9:a6:a6:ec:c7:
bf:83:9f:14:87:aa:f8:30:c4:01:64:56:17:c1:2d:
df:5a:67:7a:d6:ea:39:6f:8e:0f:9c:ce:88:f7:67:
b4:a0:f1:d5:d0:3f:11:80:24:93:bc:e1:6e:03:bc:
d4:22:3f:aa:ba:9b:00:a6:0f:c4:f3:77:d4:76:8f:
0d:02:d5:0e:d5:de:b6:19:fa:da:32:fc:53:6a:0e:
96:a3:a2:1e:d3:df:6e:bf:4f:b6:be:43:f2:1b:65:
aa:41:04:40:79:90:7d:6a:50:90:42:94:c2:7b:38:
ad:8a:b8:c3:46:7f:76:eb:b8:55:ab:bc:8a:7e:08:
c6:34:e4:e8:7a:2e:50:da:d0:18:d0:e1:af:d1:d9:
f8:17:6d:98:40:7e:7c:02:e9:c5:c2:d5:a7:32:d5:
6d:78:7a:2b:c8:43:a5:0a:ac:27:c9:95:27:78:53:
61:9c:c2:ba:63:05:c1:e0:6f:24:e1:92:1e:cb:47:
6f:76:2c:ab:fb:94:f9:59:11:a8:c2:5b:f4:f6:06:
7b:6d:24:13:e0:89:db:a3:49:e3:dc:ce:0c:3d:1f:
19:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D6:F1:F5:9C:1E:C4:32:50:66:36:EA:6F:F3:54:BC:5C:87:C0:C3
X509v3 Authority Key Identifier:
keyid:1C:C4:51:FB:DF:AA:12:EF:C3:52:A5:9B:00:7B:0A:88:23:B8:E6:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMRR-9-qEu_DUqWbAHsKiCO45l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/HMRR-9-qEu_DUqWbAHsKiCO45l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.88.0.0/15
192.94.163.0/24
193.242.98.0/24
IPv6:
2001:7f8:2a::/48
2001:40b0::/32
Signature Algorithm: sha256WithRSAEncryption
3b:46:07:01:c9:d6:ed:7c:11:18:56:a9:92:ae:75:1e:94:63:
4c:35:11:d4:d8:b2:0e:44:5a:23:34:7c:6e:ac:4d:5f:72:d3:
2e:c5:d9:c3:9e:67:3b:87:dd:66:85:9e:17:d8:ad:bd:c2:ca:
0a:99:32:ac:a6:9f:ab:ac:db:d2:4c:59:b1:7f:f7:fe:a4:c2:
78:7b:29:ef:12:87:63:8b:5b:6e:cb:ca:76:d5:f0:87:c2:be:
e4:18:48:25:10:52:43:23:a1:24:85:07:3f:99:4a:9a:71:7d:
94:4c:48:0e:6d:75:e1:84:61:83:16:be:bb:64:9e:6a:83:77:
a1:2a:75:37:fd:fd:53:bd:4a:37:b4:1f:19:da:14:55:9e:b8:
73:cb:a5:80:f2:0f:6c:a9:60:a3:1e:e8:8e:13:23:2a:e2:b4:
76:ac:2f:53:b8:8f:0c:1e:36:fc:2f:f6:78:f0:64:80:82:57:
33:f9:6e:ac:53:84:2f:18:80:e5:78:89:d9:28:88:5b:49:f3:
6c:6c:b3:e1:9a:02:30:3c:c0:46:3f:8d:fa:51:bd:f8:63:18:
7d:5b:03:38:94:1e:9c:0c:c8:75:54:45:ef:72:d7:a8:5d:e7:
4f:c1:fd:7b:65:11:f7:8c:da:74:50:e2:00:0e:2c:2c:29:49:
e9:12:00:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEOBmnazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2M0NTFmYmRmYWExMmVmYzM1MmE1OWIwMDdiMGE4ODIzYjhlNjVkMB4XDTIyMDEw
MTE0MDU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNkNmYxZjU5YzFl
YzQzMjUwNjYzNmVhNmZmMzU0YmM1Yzg3YzBjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPbuj6fG0ejO6MkAmJTx/3HDv92EkVIUiDkpRY/24Z9e6XsE
gtigwLmmpuzHv4OfFIeq+DDEAWRWF8Et31pnetbqOW+OD5zOiPdntKDx1dA/EYAk
k7zhbgO81CI/qrqbAKYPxPN31HaPDQLVDtXethn62jL8U2oOlqOiHtPfbr9Ptr5D
8htlqkEEQHmQfWpQkEKUwns4rYq4w0Z/duu4Vau8in4IxjTk6HouUNrQGNDhr9HZ
+BdtmEB+fALpxcLVpzLVbXh6K8hDpQqsJ8mVJ3hTYZzCumMFweBvJOGSHstHb3Ys
q/uU+VkRqMJb9PYGe20kE+CJ26NJ49zODD0fGZUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSD1vH1nB7EMlBmNupv81S8XIfAwzAfBgNVHSMEGDAWgBQcxFH736oS78NS
pZsAewqII7jmXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hNUlItOS1xRXVfRFVxV2JBSHNLaUNPNDVsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNGQ5Y2EzLWFhNzMtNDk5OC1hZTYzLTgzMmRiOWViZWJhZi8x
L2c5Yng5WndleERKUVpqYnFiX05VdkZ5SHdNTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NGQ5Y2EzLWFhNzMtNDk5OC1hZTYzLTgzMmRiOWViZWJhZi8xL0hNUlItOS1xRXVf
RFVxV2JBSHNLaUNPNDVsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwFwQCAAEwEQMDAVRYAwQAwF6jAwQAwfJiMBYEAgAC
MBADBwAgAQf4ACoDBQAgAUCwMA0GCSqGSIb3DQEBCwUAA4IBAQA7RgcBydbtfBEY
VqmSrnUelGNMNRHU2LIORFojNHxurE1fctMuxdnDnmc7h91mhZ4X2K29wsoKmTKs
pp+rrNvSTFmxf/f+pMJ4eynvEodji1tuy8p21fCHwr7kGEglEFJDI6EkhQc/mUqa
cX2UTEgObXXhhGGDFr67ZJ5qg3ehKnU3/f1TvUo3tB8Z2hRVnrhzy6WA8g9sqWCj
HuiOEyMq4rR2rC9TuI8MHjb8L/Z48GSAglcz+W6sU4QvGIDleInZKIhbSfNsbLPh
mgIwPMBGP436Ub34Yxh9WwM4lB6cDMh1VEXvcteoXedPwf17ZRH3jNp0UOIADiws
KUnpEgA0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:54 2023 by rpki-client on console-fra.rpki-client.org