Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/HaAdABSG-89_YcUc44A5tpr3H0U.roa
File: HaAdABSG-89_YcUc44A5tpr3H0U.roa (raw, json)
Hash identifier: 3jJq5v/XWEI4XTc+gRR6rwjcmzJL518BJ+COawLLom4=
Subject key identifier: 1D:A0:1D:00:14:86:FB:CF:7F:61:C5:1C:E3:80:39:B6:9A:F7:1F:45
Certificate issuer: /CN=c6c58ed1af964a7668e44397619ee1985a2491c5
Certificate serial: 01856FCB9D4B6F89D61300C8A5B33821BF14
Authority key identifier: C6:C5:8E:D1:AF:96:4A:76:68:E4:43:97:61:9E:E1:98:5A:24:91:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/HaAdABSG-89_YcUc44A5tpr3H0U.roa
Signing time: Mon 02 Jan 2023 00:04:53 +0000
ROA not before: Mon 02 Jan 2023 00:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 185.198.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:9d:4b:6f:89:d6:13:00:c8:a5:b3:38:21:bf:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c58ed1af964a7668e44397619ee1985a2491c5
Validity
Not Before: Jan 2 00:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1da01d001486fbcf7f61c51ce38039b69af71f45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:29:8b:4e:6d:d3:82:a3:90:91:e3:f2:9d:63:
6d:97:a3:3f:de:62:2e:ed:34:74:8f:4f:db:0b:80:
fe:25:93:0f:7c:55:c2:6e:3f:b9:f8:7b:15:8a:8d:
58:b7:a0:7f:07:1f:cb:c2:00:70:dd:62:c4:d5:60:
0b:ea:a5:2f:f3:62:ec:82:79:02:75:38:c3:3e:0c:
98:27:e1:d9:1f:ed:b7:29:16:be:7e:f8:14:f6:5c:
b7:12:68:ee:64:73:82:37:de:e6:b8:83:68:c5:3d:
20:e4:d9:8d:fc:ed:ae:6b:77:dc:41:d4:a5:85:ab:
88:0d:c7:64:0a:cb:46:15:a2:5f:8c:60:a6:46:a5:
7a:90:d7:ec:45:0d:b9:e9:1b:83:8c:93:57:fe:70:
50:18:16:b0:16:75:7f:c0:60:07:6a:32:5c:87:c2:
8c:79:d3:e4:86:da:c9:ac:5e:34:54:43:78:0e:c5:
7d:60:d1:f2:2d:c7:59:ed:77:45:81:11:77:28:9c:
59:36:e9:2c:18:5a:3f:d3:65:ff:7e:8e:fa:bd:56:
2d:97:8e:fe:66:25:b4:d3:2f:52:9c:22:42:ff:a5:
e5:dc:60:ec:b4:a9:06:b5:b6:4d:33:25:3c:12:75:
c8:cf:6f:b5:6f:20:8c:3b:63:f3:cf:47:1a:60:e4:
af:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A0:1D:00:14:86:FB:CF:7F:61:C5:1C:E3:80:39:B6:9A:F7:1F:45
X509v3 Authority Key Identifier:
keyid:C6:C5:8E:D1:AF:96:4A:76:68:E4:43:97:61:9E:E1:98:5A:24:91:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/HaAdABSG-89_YcUc44A5tpr3H0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.168.0/22
Signature Algorithm: sha256WithRSAEncryption
12:66:6b:d0:e4:d2:2b:41:ec:99:b5:7c:a1:22:4a:00:e4:73:
55:7e:fd:7b:07:4f:71:16:fb:44:8f:71:d0:22:b2:fb:48:62:
82:8c:ea:e9:0c:63:43:04:37:c1:c5:36:73:8e:da:5b:4b:65:
fd:49:19:e1:4e:27:79:10:c8:36:d5:48:a7:86:49:66:f8:3d:
43:aa:70:b6:30:ad:4d:7f:ff:5c:85:3f:cc:ae:58:ec:29:a5:
8d:23:00:da:0a:d1:11:19:ab:31:f0:52:3a:ff:9b:29:82:06:
5f:67:3d:f1:51:7a:fc:c9:47:74:c1:ab:ef:06:c3:de:26:8b:
f4:82:b5:1d:7d:58:96:e6:2a:2a:ac:96:d3:ec:3e:f0:68:02:
ae:10:90:7d:f8:f4:4a:fe:3c:3f:32:ea:ef:f2:19:95:24:8e:
7e:ec:67:77:ff:ef:d6:02:10:8e:5b:15:42:1c:dd:77:d2:2e:
d9:3a:e2:99:40:17:78:8d:26:53:1d:df:ec:70:8e:3a:53:37:
cf:fa:3c:13:fb:01:aa:82:3f:ea:9d:e8:eb:94:d5:9a:6c:40:
6e:90:17:b3:bd:1f:b1:f6:9e:3a:7e:4c:76:b7:b3:20:b0:3c:
a2:ea:8d:c2:db:b6:68:00:30:e2:6f:05:3a:c0:11:e8:a7:a8:
1c:ae:8f:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy51Lb4nWEwDIpbM4Ib8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzU4ZWQxYWY5NjRhNzY2OGU0NDM5NzYxOWVlMTk4NWEy
NDkxYzUwHhcNMjMwMTAyMDAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEwMWQwMDE0ODZmYmNmN2Y2MWM1MWNlMzgwMzliNjlhZjcxZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSmLTm3TgqOQkePynWNtl6M/3mIu
7TR0j0/bC4D+JZMPfFXCbj+5+HsVio1Yt6B/Bx/LwgBw3WLE1WAL6qUv82LsgnkC
dTjDPgyYJ+HZH+23KRa+fvgU9ly3EmjuZHOCN97muINoxT0g5NmN/O2ua3fcQdSl
hauIDcdkCstGFaJfjGCmRqV6kNfsRQ256RuDjJNX/nBQGBawFnV/wGAHajJch8KM
edPkhtrJrF40VEN4DsV9YNHyLcdZ7XdFgRF3KJxZNuksGFo/02X/fo76vVYtl47+
ZiW00y9SnCJC/6Xl3GDstKkGtbZNMyU8EnXIz2+1byCMO2Pzz0caYOSviwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2gHQAUhvvPf2HFHOOAObaa9x9FMB8GA1UdIwQY
MBaAFMbFjtGvlkp2aORDl2Ge4ZhaJJHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNXTzBhLVdTblpvNUVPWFlaN2htRm9ra2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mYzI4MTUtZDI5My00MGFmLWJmM2Mt
MWM4YWZkMTlmZGJiLzEvSGFBZEFCU0ctODlfWWNVYzQ0QTV0cHIzSDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mYzI4MTUtZDI5My00MGFmLWJmM2MtMWM4YWZkMTlmZGJi
LzEveHNXTzBhLVdTblpvNUVPWFlaN2htRm9ra2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucaoMA0G
CSqGSIb3DQEBCwUAA4IBAQASZmvQ5NIrQeyZtXyhIkoA5HNVfv17B09xFvtEj3HQ
IrL7SGKCjOrpDGNDBDfBxTZzjtpbS2X9SRnhTid5EMg21Uinhklm+D1DqnC2MK1N
f/9chT/MrljsKaWNIwDaCtERGasx8FI6/5spggZfZz3xUXr8yUd0wavvBsPeJov0
grUdfViW5ioqrJbT7D7waAKuEJB9+PRK/jw/Murv8hmVJI5+7Gd3/+/WAhCOWxVC
HN130i7ZOuKZQBd4jSZTHd/scI46UzfP+jwT+wGqgj/qnejrlNWabEBukBezvR+x
9p46fkx2t7MgsDyi6o3C27ZoADDibwU6wBHop6gcro/G
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:46 2025 by rpki-client