Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/Hkj1vC5YUH0warfKEV_D5e9kgbg.roa
File: Hkj1vC5YUH0warfKEV_D5e9kgbg.roa (raw, json)
Hash identifier: C4Bacm8sImzXNLIJ8kte9l+ANampK4iy9Zla2Y5evxw=
Subject key identifier: 1E:48:F5:BC:2E:58:50:7D:30:6A:B7:CA:11:5F:C3:E5:EF:64:81:B8
Certificate issuer: /CN=1c6c48cccce321ec18702957b396381a1f1a0410
Certificate serial: 0183845507FDEB7D130E22CFE67A018F6309
Authority key identifier: 1C:6C:48:CC:CC:E3:21:EC:18:70:29:57:B3:96:38:1A:1F:1A:04:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGxIzMzjIewYcClXs5Y4Gh8aBBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/Hkj1vC5YUH0warfKEV_D5e9kgbg.roa
Signing time: Wed 28 Sep 2022 13:41:48 +0000
ROA not before: Wed 28 Sep 2022 13:41:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198826
IP address blocks: 185.253.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:84:55:07:fd:eb:7d:13:0e:22:cf:e6:7a:01:8f:63:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c6c48cccce321ec18702957b396381a1f1a0410
Validity
Not Before: Sep 28 13:41:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e48f5bc2e58507d306ab7ca115fc3e5ef6481b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1a:f1:42:b2:63:46:c2:bb:e0:02:bc:4a:ae:
11:88:fb:91:2b:0e:e6:9f:13:43:36:b9:ad:47:0e:
ee:b6:8e:8e:cd:d2:d6:25:5a:b5:44:ad:0c:0f:e7:
f3:32:fe:f5:9f:fa:64:33:76:bd:eb:6c:87:61:72:
f6:d0:5d:5f:97:ba:6b:ce:8f:a5:0a:38:b5:f2:eb:
7f:fd:7a:30:9b:5f:b3:bb:50:bc:f0:9a:21:3d:c6:
ee:d5:45:22:9b:6d:8b:6a:da:e8:d4:06:1f:23:2f:
df:ba:0e:00:3f:d8:b5:b1:04:9d:34:78:9c:d2:c8:
d9:ec:e3:d9:46:6e:49:53:eb:a9:c0:04:0a:d6:a1:
2d:34:6f:39:6c:c5:7c:4d:82:ad:40:89:0b:37:6a:
91:61:3e:58:5b:35:c9:3c:ad:bb:11:36:06:4d:69:
e7:d5:73:01:92:f0:cc:ce:9a:32:73:03:6f:d3:10:
13:d9:8a:6e:94:59:b3:0e:8c:3d:5a:1d:91:5a:42:
34:a8:29:b2:92:cb:7c:d3:78:bd:15:fa:08:9b:75:
1b:d6:87:42:47:0d:b8:69:fb:19:1b:61:29:a4:da:
3b:8a:7e:87:5b:ea:76:98:30:23:2a:9c:c6:6b:32:
9c:d9:77:e0:91:9d:eb:a9:d4:f3:c1:6f:c5:81:c8:
c8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:48:F5:BC:2E:58:50:7D:30:6A:B7:CA:11:5F:C3:E5:EF:64:81:B8
X509v3 Authority Key Identifier:
keyid:1C:6C:48:CC:CC:E3:21:EC:18:70:29:57:B3:96:38:1A:1F:1A:04:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGxIzMzjIewYcClXs5Y4Gh8aBBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/Hkj1vC5YUH0warfKEV_D5e9kgbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/HGxIzMzjIewYcClXs5Y4Gh8aBBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.138.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:bc:09:16:98:d8:a0:44:cf:94:93:72:ca:9d:0a:2c:03:c2:
a9:d1:96:a7:63:f1:77:3c:b1:69:3d:4e:18:25:a1:90:68:f1:
6c:ca:48:bd:21:2d:5a:e7:85:f9:a0:65:86:4b:4c:c6:9b:2f:
87:27:05:83:0f:51:af:26:bc:c9:62:3b:5b:ab:5b:25:b6:53:
c9:0a:e6:2e:95:c3:2a:7b:d2:de:64:f1:96:67:0c:e3:de:b1:
42:90:b5:1a:8c:fd:36:2a:02:12:e5:a3:cb:40:ba:17:52:89:
5b:21:2c:a2:21:84:26:9b:1d:03:b8:8e:8d:42:69:1e:18:17:
5e:d0:11:d3:9f:56:ec:00:71:3e:e2:4b:2c:1e:db:20:6c:44:
a7:7e:49:d3:67:09:85:6f:44:93:e6:68:d2:a6:f0:0f:80:b8:
05:10:99:d3:56:42:7c:f1:14:5b:bd:d8:e2:62:af:6c:54:33:
c2:7d:28:c2:fa:33:0a:4b:27:c2:b8:b2:87:a2:e4:49:c9:6a:
2a:f0:8a:d8:1b:7c:92:68:12:9a:c7:66:01:78:bc:b0:a7:72:
09:52:16:1f:e3:1a:8b:e2:be:a5:d1:55:cf:d5:8a:42:e4:44:
cf:f8:1f:7e:e5:97:a1:c2:da:48:ae:76:12:86:0c:af:ab:0f:
d5:db:fd:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOEVQf9630TDiLP5noBj2MJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNmM0OGNjY2NlMzIxZWMxODcwMjk1N2IzOTYzODFhMWYx
YTA0MTAwHhcNMjIwOTI4MTM0MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ4ZjViYzJlNTg1MDdkMzA2YWI3Y2ExMTVmYzNlNWVmNjQ4MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRrxQrJjRsK74AK8Sq4RiPuRKw7m
nxNDNrmtRw7uto6OzdLWJVq1RK0MD+fzMv71n/pkM3a962yHYXL20F1fl7przo+l
Cji18ut//Xowm1+zu1C88JohPcbu1UUim22Latro1AYfIy/fug4AP9i1sQSdNHic
0sjZ7OPZRm5JU+upwAQK1qEtNG85bMV8TYKtQIkLN2qRYT5YWzXJPK27ETYGTWnn
1XMBkvDMzpoycwNv0xAT2YpulFmzDow9Wh2RWkI0qCmykst803i9FfoIm3Ub1odC
Rw24afsZG2EppNo7in6HW+p2mDAjKpzGazKc2XfgkZ3rqdTzwW/FgcjIDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5I9bwuWFB9MGq3yhFfw+XvZIG4MB8GA1UdIwQY
MBaAFBxsSMzM4yHsGHApV7OWOBofGgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEd4SXpNempJZXdZY0NsWHM1WTRHaDhhQkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84ZTRlNjgtYmQyYS00ZGMyLWFhZTYt
YTA1NjBhYzgyYmE3LzEvSGtqMXZDNVlVSDB3YXJmS0VWX0Q1ZTlrZ2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84ZTRlNjgtYmQyYS00ZGMyLWFhZTYtYTA1NjBhYzgyYmE3
LzEvSEd4SXpNempJZXdZY0NsWHM1WTRHaDhhQkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf2KMA0G
CSqGSIb3DQEBCwUAA4IBAQChvAkWmNigRM+Uk3LKnQosA8Kp0ZanY/F3PLFpPU4Y
JaGQaPFsyki9IS1a54X5oGWGS0zGmy+HJwWDD1GvJrzJYjtbq1sltlPJCuYulcMq
e9LeZPGWZwzj3rFCkLUajP02KgIS5aPLQLoXUolbISyiIYQmmx0DuI6NQmkeGBde
0BHTn1bsAHE+4kssHtsgbESnfknTZwmFb0ST5mjSpvAPgLgFEJnTVkJ88RRbvdji
Yq9sVDPCfSjC+jMKSyfCuLKHouRJyWoq8IrYG3ySaBKax2YBeLywp3IJUhYf4xqL
4r6l0VXP1YpC5ETP+B9+5ZehwtpIrnYShgyvqw/V2/08
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:18 2023 by rpki-client on console-fra.rpki-client.org