Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/db0b0e-97f1-48bd-ac2b-7e89f41b266b/1/HgHcnYLG_lCx7oBsyVPLY3NbbsI.roa
File: HgHcnYLG_lCx7oBsyVPLY3NbbsI.roa (raw, json)
Hash identifier: Px9H3VIYSGhovvnavRE/u9bkeRYn4LsxI0E9UkGpULI=
Subject key identifier: 1E:01:DC:9D:82:C6:FE:50:B1:EE:80:6C:C9:53:CB:63:73:5B:6E:C2
Certificate issuer: /CN=aa00ca862956f19d4dc95468aa616f9b167d9b39
Certificate serial: 018630216C883BE6AD7700B715965E130D14
Authority key identifier: AA:00:CA:86:29:56:F1:9D:4D:C9:54:68:AA:61:6F:9B:16:7D:9B:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qgDKhilW8Z1NyVRoqmFvmxZ9mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/db0b0e-97f1-48bd-ac2b-7e89f41b266b/1/HgHcnYLG_lCx7oBsyVPLY3NbbsI.roa
Signing time: Wed 08 Feb 2023 08:25:42 +0000
ROA not before: Wed 08 Feb 2023 08:25:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48012
IP address blocks: 91.208.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:21:6c:88:3b:e6:ad:77:00:b7:15:96:5e:13:0d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa00ca862956f19d4dc95468aa616f9b167d9b39
Validity
Not Before: Feb 8 08:25:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e01dc9d82c6fe50b1ee806cc953cb63735b6ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:23:cd:a7:54:f0:7f:be:ad:c8:fe:26:7b:f1:
d8:3c:36:fc:27:27:71:94:66:64:c2:7b:c8:e8:82:
a8:33:17:f3:93:5c:47:b1:48:30:d0:4e:ac:fc:cf:
3e:51:7c:f2:af:9e:9e:95:f0:ec:b7:4c:ab:77:60:
db:8f:df:da:cc:d2:22:98:92:a8:53:3c:b6:a4:4a:
5a:fd:2d:da:ef:aa:63:33:12:1c:e5:09:40:fc:b5:
bc:8a:8d:8c:8a:79:4d:82:00:bc:5e:76:37:97:49:
8d:0c:2b:f4:dc:c0:68:7d:c5:2d:51:a5:cf:9e:56:
32:e9:c3:90:1e:b4:2d:a1:51:81:86:de:6d:60:e9:
9c:b2:6c:d3:3f:65:5f:5c:d6:e4:80:89:76:f5:2e:
1c:63:0a:e6:cb:73:eb:1a:ba:99:16:98:05:8f:72:
f3:b4:5b:09:c6:be:af:3f:af:4d:e7:0b:ac:bf:70:
62:e4:2b:c1:cc:77:d7:ad:a1:a6:fd:17:35:7f:b2:
7e:db:16:04:e9:74:f6:21:3f:18:5f:e5:a0:bb:55:
24:f3:03:2f:4e:bd:a0:74:82:32:ad:af:8a:03:df:
99:fd:24:ae:6f:81:e3:68:de:cf:7c:e3:e4:ae:45:
1e:2b:5f:17:7c:e2:2c:b3:d8:82:1d:5b:51:3b:04:
a0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:01:DC:9D:82:C6:FE:50:B1:EE:80:6C:C9:53:CB:63:73:5B:6E:C2
X509v3 Authority Key Identifier:
keyid:AA:00:CA:86:29:56:F1:9D:4D:C9:54:68:AA:61:6F:9B:16:7D:9B:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qgDKhilW8Z1NyVRoqmFvmxZ9mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/db0b0e-97f1-48bd-ac2b-7e89f41b266b/1/HgHcnYLG_lCx7oBsyVPLY3NbbsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/db0b0e-97f1-48bd-ac2b-7e89f41b266b/1/qgDKhilW8Z1NyVRoqmFvmxZ9mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.234.0/24
Signature Algorithm: sha256WithRSAEncryption
63:46:64:2f:d3:2c:e2:bb:29:4d:c5:6d:a1:6a:1c:bb:6d:2d:
a4:ff:57:7d:4e:68:e1:c6:ab:04:d2:5a:35:bc:3e:35:a3:6f:
50:53:a5:16:ef:88:73:21:25:0b:b7:83:f4:bf:d2:a0:0a:a8:
7b:aa:d2:81:09:a3:e5:6a:89:21:b9:52:24:23:e1:04:e2:eb:
ab:36:3c:95:1a:67:79:25:d1:40:8d:c2:fd:6f:ef:4e:b6:01:
7f:61:08:66:02:d6:1d:db:33:c6:37:9b:9d:62:8e:84:06:8e:
f2:4f:13:7d:7e:4c:db:fd:20:a0:f1:42:60:50:c1:20:0e:58:
e3:e1:51:b6:11:d6:69:bd:cf:3c:a8:ab:76:f2:e6:42:78:20:
a7:53:3b:ce:e0:ac:d3:8c:3f:97:01:9b:5f:bf:ac:1d:1d:0a:
c8:cd:1d:2f:9c:63:19:f0:6b:5a:94:24:83:e9:ae:7e:d4:b0:
92:ae:5f:dc:f8:cb:b1:49:94:a6:02:2e:91:9b:b6:40:ca:dc:
92:c9:2f:2b:e6:cf:91:90:8b:c6:28:0f:d3:5d:b3:a1:9c:08:
c8:aa:dc:f5:c0:47:89:c7:b5:9f:96:db:e0:72:99:7a:b1:b7:
3e:1e:ea:52:6a:bf:51:9a:4b:04:81:be:e9:54:e7:c7:6a:24:
74:f3:46:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYwIWyIO+atdwC3FZZeEw0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMDBjYTg2Mjk1NmYxOWQ0ZGM5NTQ2OGFhNjE2ZjliMTY3
ZDliMzkwHhcNMjMwMjA4MDgyNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTAxZGM5ZDgyYzZmZTUwYjFlZTgwNmNjOTUzY2I2MzczNWI2ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSPNp1Twf76tyP4me/HYPDb8Jydx
lGZkwnvI6IKoMxfzk1xHsUgw0E6s/M8+UXzyr56elfDst0yrd2Dbj9/azNIimJKo
Uzy2pEpa/S3a76pjMxIc5QlA/LW8io2MinlNggC8XnY3l0mNDCv03MBofcUtUaXP
nlYy6cOQHrQtoVGBht5tYOmcsmzTP2VfXNbkgIl29S4cYwrmy3PrGrqZFpgFj3Lz
tFsJxr6vP69N5wusv3Bi5CvBzHfXraGm/Rc1f7J+2xYE6XT2IT8YX+Wgu1Uk8wMv
Tr2gdIIyra+KA9+Z/SSub4HjaN7PfOPkrkUeK18XfOIss9iCHVtROwSgcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4B3J2Cxv5Qse6AbMlTy2NzW27CMB8GA1UdIwQY
MBaAFKoAyoYpVvGdTclUaKphb5sWfZs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWdES2hpbFc4WjFOeVZSb3FtRnZteFo5bXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kYjBiMGUtOTdmMS00OGJkLWFjMmIt
N2U4OWY0MWIyNjZiLzEvSGdIY25ZTEdfbEN4N29Cc3lWUExZM05iYnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kYjBiMGUtOTdmMS00OGJkLWFjMmItN2U4OWY0MWIyNjZi
LzEvcWdES2hpbFc4WjFOeVZSb3FtRnZteFo5bXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DqMA0G
CSqGSIb3DQEBCwUAA4IBAQBjRmQv0yziuylNxW2hahy7bS2k/1d9TmjhxqsE0lo1
vD41o29QU6UW74hzISULt4P0v9KgCqh7qtKBCaPlaokhuVIkI+EE4uurNjyVGmd5
JdFAjcL9b+9OtgF/YQhmAtYd2zPGN5udYo6EBo7yTxN9fkzb/SCg8UJgUMEgDljj
4VG2EdZpvc88qKt28uZCeCCnUzvO4KzTjD+XAZtfv6wdHQrIzR0vnGMZ8GtalCSD
6a5+1LCSrl/c+MuxSZSmAi6Rm7ZAytySyS8r5s+RkIvGKA/TXbOhnAjIqtz1wEeJ
x7Wfltvgcpl6sbc+HupSar9RmksEgb7pVOfHaiR080bJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:02 2025 by rpki-client