Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/H-hhTV1l-k1Wg9BTF7yljm-OzYA.roa
File: H-hhTV1l-k1Wg9BTF7yljm-OzYA.roa (raw, json)
Hash identifier: Q1Bk8r9u837lyOqUxHnP+12/s76cPoT4bsA4RskgkwQ=
Subject key identifier: 1F:E8:61:4D:5D:65:FA:4D:56:83:D0:53:17:BC:A5:8E:6F:8E:CD:80
Certificate issuer: /CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Certificate serial: 0831BDCE
Authority key identifier: D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/H-hhTV1l-k1Wg9BTF7yljm-OzYA.roa
Signing time: Sat 01 Jan 2022 13:03:46 +0000
ROA not before: Sat 01 Jan 2022 13:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51088
IP address blocks: 46.235.40.0/21 maxlen: 21
83.150.232.0/22 maxlen: 22
2a00:d640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137477582 (0x831bdce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Validity
Not Before: Jan 1 13:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fe8614d5d65fa4d5683d05317bca58e6f8ecd80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:81:3c:7d:dd:9e:d8:f2:d8:34:5e:57:e5:40:
35:28:77:94:88:a5:ac:3f:25:94:25:4c:6c:d0:cb:
8f:89:48:64:5c:b6:51:f7:4b:72:be:b2:5f:1c:d8:
11:82:73:87:b9:34:f9:6d:e1:a1:9d:d0:7d:d2:2c:
db:85:0b:15:cd:1f:54:d6:59:87:66:bf:74:56:af:
3c:6e:ff:d8:d2:5b:2c:e7:14:b1:7b:ba:2c:2d:b5:
32:33:b8:3d:56:8e:3f:92:ea:17:00:e1:58:91:d9:
22:f8:ad:8e:a6:38:6c:51:fa:0f:e5:85:5f:ce:cf:
8a:8c:51:dc:a6:d5:7c:23:a5:98:56:03:13:fd:25:
7c:f8:5c:a3:b8:44:77:8e:01:e0:d0:79:a9:eb:95:
3f:82:e0:2c:c5:e6:bc:20:2f:fa:ef:de:b3:df:1a:
6a:5a:2d:12:1e:8d:c1:4f:e0:65:c7:65:c3:a1:5c:
36:dc:f1:21:01:22:c0:44:11:59:c6:68:aa:0a:74:
a4:9c:55:b5:2d:e8:a3:5e:81:7c:e5:db:f6:91:f3:
cc:eb:7e:e2:60:aa:04:41:e1:9c:56:1d:11:c3:23:
0a:32:8f:76:b3:5a:dc:81:d4:37:f6:d8:8f:f4:30:
42:e6:fd:d7:40:23:ed:62:13:a1:7c:02:bd:9b:8a:
07:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E8:61:4D:5D:65:FA:4D:56:83:D0:53:17:BC:A5:8E:6F:8E:CD:80
X509v3 Authority Key Identifier:
keyid:D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/H-hhTV1l-k1Wg9BTF7yljm-OzYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.40.0/21
83.150.232.0/22
IPv6:
2a00:d640::/32
Signature Algorithm: sha256WithRSAEncryption
a5:11:33:94:cf:1c:f6:d5:85:49:6a:56:97:af:96:f2:b9:fe:
eb:63:de:4f:44:38:78:ff:ad:1c:8b:bd:86:6a:9e:74:9a:a3:
8c:8c:ee:9c:1f:3a:54:b1:65:8a:2d:ae:fc:20:12:fa:c9:b9:
de:21:6c:34:bc:52:97:75:a6:fd:f6:22:69:35:7b:d0:5d:e4:
90:91:63:07:9e:fa:1e:9a:83:1f:8f:e3:c3:55:cc:ba:76:19:
00:55:db:b5:82:38:9c:de:58:99:43:43:2f:d1:46:30:37:3c:
03:65:22:04:f1:a6:47:d3:e7:ff:7c:58:61:ed:d6:dc:86:4a:
31:43:df:eb:17:cb:c0:e8:2a:37:5d:a1:73:ae:76:e8:0c:e3:
53:e7:04:5b:6b:de:87:bc:f0:ec:8a:56:32:1f:ee:ab:e1:2a:
84:3d:49:c6:c1:68:5e:2c:84:bd:a1:03:f0:35:b9:a6:2b:b0:
bd:26:69:1e:d1:2e:21:a1:82:9e:06:c1:d4:79:a4:d0:8a:b7:
4b:8d:62:0d:b4:7e:c4:83:05:b6:04:e9:91:e3:86:da:80:c7:
32:8c:a0:17:28:a1:d0:8f:e3:5b:9e:ac:1a:d5:34:bf:78:aa:
63:22:cd:06:b8:74:03:66:31:0c:96:b3:71:dc:64:6d:79:a0:
57:3f:a1:c6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECDG9zjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmZhMmE3MDAwMzg4MGQ3NTYxNjEyYTNjMGExMjYwMmNlMzU0MWE0MB4XDTIyMDEw
MTEzMDM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZlODYxNGQ1ZDY1
ZmE0ZDU2ODNkMDUzMTdiY2E1OGU2ZjhlY2Q4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2BPH3dntjy2DReV+VANSh3lIilrD8llCVMbNDLj4lIZFy2
UfdLcr6yXxzYEYJzh7k0+W3hoZ3QfdIs24ULFc0fVNZZh2a/dFavPG7/2NJbLOcU
sXu6LC21MjO4PVaOP5LqFwDhWJHZIvitjqY4bFH6D+WFX87PioxR3KbVfCOlmFYD
E/0lfPhco7hEd44B4NB5qeuVP4LgLMXmvCAv+u/es98aalotEh6NwU/gZcdlw6Fc
NtzxIQEiwEQRWcZoqgp0pJxVtS3oo16BfOXb9pHzzOt+4mCqBEHhnFYdEcMjCjKP
drNa3IHUN/bYj/QwQub910Aj7WIToXwCvZuKBwUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQf6GFNXWX6TVaD0FMXvKWOb47NgDAfBgNVHSMEGDAWgBTS+ipwADiA11YW
EqPAoSYCzjVBpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2b3FjQUE0Z05kV0ZoS2p3S0VtQXM0MVFhUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvYjIwN2QxLThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8x
L0gtaGhUVjFsLWsxV2c5QlRGN3lsam0tT3pZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
YjIwN2QxLThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8xLzB2b3FjQUE0Z05k
V0ZoS2p3S0VtQXM0MVFhUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy7rKAMEAlOW6DANBAIAAjAHAwUA
KgDWQDANBgkqhkiG9w0BAQsFAAOCAQEApREzlM8c9tWFSWpWl6+W8rn+62PeT0Q4
eP+tHIu9hmqedJqjjIzunB86VLFlii2u/CAS+sm53iFsNLxSl3Wm/fYiaTV70F3k
kJFjB576HpqDH4/jw1XMunYZAFXbtYI4nN5YmUNDL9FGMDc8A2UiBPGmR9Pn/3xY
Ye3W3IZKMUPf6xfLwOgqN12hc6526AzjU+cEW2veh7zw7IpWMh/uq+EqhD1JxsFo
XiyEvaED8DW5piuwvSZpHtEuIaGCngbB1Hmk0Iq3S41iDbR+xIMFtgTpkeOG2oDH
MoygFyih0I/jW56sGtU0v3iqYyLNBrh0A2YxDJazcdxkbXmgVz+hxg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:02 2025 by rpki-client