Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hLJIN90GYbyMTTSoFbu6i9V_Qbc.roa
File: hLJIN90GYbyMTTSoFbu6i9V_Qbc.roa (raw, json)
Hash identifier: JIRu/b159/DMKClM8nCPOri9pfvIlP9hOajpvA/Npqo=
Subject key identifier: 84:B2:48:37:DD:06:61:BC:8C:4D:34:A8:15:BB:BA:8B:D5:7F:41:B7
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018445F1DF11752977C8B537B49354816B54
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hLJIN90GYbyMTTSoFbu6i9V_Qbc.roa
Signing time: Sat 05 Nov 2022 03:59:49 +0000
ROA not before: Sat 05 Nov 2022 03:59:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206499
IP address blocks: 194.36.26.0/24 maxlen: 24
45.14.68.0/24 maxlen: 32
45.14.69.0/24 maxlen: 24
193.177.223.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:45:f1:df:11:75:29:77:c8:b5:37:b4:93:54:81:6b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 5 03:59:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84b24837dd0661bc8c4d34a815bbba8bd57f41b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b5:8e:87:0c:ec:e7:c2:a4:6d:ce:e8:49:06:
a5:49:c4:65:cb:cf:49:dc:8b:48:3a:31:bf:b8:d0:
6d:a4:63:24:5a:17:97:a1:e1:75:34:18:61:9e:f7:
56:1a:21:bc:97:55:0a:ac:22:78:e5:0d:3d:07:b9:
73:ec:c2:b4:d9:fd:b1:5c:cc:4d:ee:6b:bf:45:5a:
64:8a:7d:ff:5f:8b:9c:0f:17:84:48:51:14:b6:4d:
46:c5:66:4d:ed:99:87:5f:b9:1c:18:0e:d2:1b:75:
24:3d:78:17:11:e3:f1:e9:a6:3f:4a:fe:53:28:d3:
26:c3:c6:0e:df:6f:74:50:c0:44:85:6b:8d:f7:8e:
95:aa:31:04:a4:4e:b4:e8:54:32:99:52:6f:48:3f:
81:55:32:ed:04:7d:57:52:f6:a4:26:88:b9:b3:04:
23:f5:50:f8:72:87:37:ea:71:be:a4:ff:f1:c6:f7:
da:dc:6e:c1:8a:23:27:27:70:63:b9:55:f5:62:24:
f7:e6:9a:45:11:42:41:60:4f:41:2e:b1:96:ce:f4:
1b:7f:c8:66:72:fe:91:08:07:87:17:01:93:ad:f8:
94:f9:8f:28:5b:a7:a9:8f:7b:1b:09:27:b0:75:20:
cb:90:f9:bc:a8:9a:c4:ba:64:c1:c9:17:ef:ad:59:
0b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B2:48:37:DD:06:61:BC:8C:4D:34:A8:15:BB:BA:8B:D5:7F:41:B7
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hLJIN90GYbyMTTSoFbu6i9V_Qbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.68.0/23
193.177.223.0/24
194.36.26.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ac:f6:5b:94:49:c8:6f:bf:2d:12:4a:a9:af:dc:c4:3d:cd:
50:54:30:7a:72:1c:d7:6b:13:d5:05:67:b3:ec:7f:e2:eb:38:
72:d5:2b:30:b8:8a:b0:7e:26:ce:17:e9:0a:fd:bd:fe:9d:45:
79:c8:62:2a:83:b7:cf:f9:3a:0a:e9:ff:4d:c4:6f:56:74:74:
ba:3b:89:d8:f0:da:5e:58:41:a1:64:af:1e:a6:1e:a4:f4:c9:
45:d8:0c:b7:d1:3f:b2:e0:ca:fa:80:53:3b:e6:a1:66:bf:69:
a4:86:47:83:25:bb:b1:cd:e3:e5:f9:19:f7:51:94:b3:05:36:
f2:ae:59:f9:f8:7a:5d:74:20:d5:72:41:40:a0:87:bb:a7:2d:
f9:1b:9a:e5:0d:a5:fc:e0:0d:c0:ea:d8:33:96:59:a5:79:95:
ba:b4:47:b5:fd:e8:aa:f3:52:e7:94:30:72:2d:6b:1f:48:7d:
5e:bc:e8:f3:d2:f9:88:6b:16:cf:13:3d:18:7c:03:5e:49:b1:
62:b3:86:1d:51:68:c2:17:8d:02:01:5e:d4:f3:b2:41:ea:1d:
52:eb:99:58:17:55:c9:cc:c7:a8:bc:45:2f:5c:85:3d:97:fe:
21:74:43:32:42:c8:41:d7:5c:cc:04:9a:13:f8:c5:05:ac:a4:
6c:5d:a5:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRF8d8RdSl3yLU3tJNUgWtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMTA1MDM1OTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGIyNDgzN2RkMDY2MWJjOGM0ZDM0YTgxNWJiYmE4YmQ1N2Y0MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrWOhwzs58Kkbc7oSQalScRly89J
3ItIOjG/uNBtpGMkWheXoeF1NBhhnvdWGiG8l1UKrCJ45Q09B7lz7MK02f2xXMxN
7mu/RVpkin3/X4ucDxeESFEUtk1GxWZN7ZmHX7kcGA7SG3UkPXgXEePx6aY/Sv5T
KNMmw8YO3290UMBEhWuN946VqjEEpE606FQymVJvSD+BVTLtBH1XUvakJoi5swQj
9VD4coc36nG+pP/xxvfa3G7BiiMnJ3BjuVX1YiT35ppFEUJBYE9BLrGWzvQbf8hm
cv6RCAeHFwGTrfiU+Y8oW6epj3sbCSewdSDLkPm8qJrEumTByRfvrVkLmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFISySDfdBmG8jE00qBW7uovVf0G3MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaExKSU45MEdZYnlNVFRTb0ZidTZpOVZfUWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLQ5EAwQA
wbHfAwQAwiQaMA0GCSqGSIb3DQEBCwUAA4IBAQABrPZblEnIb78tEkqpr9zEPc1Q
VDB6chzXaxPVBWez7H/i6zhy1SswuIqwfibOF+kK/b3+nUV5yGIqg7fP+ToK6f9N
xG9WdHS6O4nY8NpeWEGhZK8eph6k9MlF2Ay30T+y4Mr6gFM75qFmv2mkhkeDJbux
zePl+Rn3UZSzBTbyrln5+HpddCDVckFAoIe7py35G5rlDaX84A3A6tgzllmleZW6
tEe1/eiq81LnlDByLWsfSH1evOjz0vmIaxbPEz0YfANeSbFis4YdUWjCF40CAV7U
87JB6h1S65lYF1XJzMeovEUvXIU9l/4hdEMyQshB11zMBJoT+MUFrKRsXaWI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org