Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/091e11-ee0c-49ec-95d7-6dbad31dbc41/1/HXrLm-a2QzTdCtJ3kxAgxKYWn9c.roa
File: HXrLm-a2QzTdCtJ3kxAgxKYWn9c.roa (raw, json)
Hash identifier: 3ZFMIkOr2pz2umL3jGgUkO6FciaGXl5vluzQ1N+iY/g=
Subject key identifier: 1D:7A:CB:9B:E6:B6:43:34:DD:0A:D2:77:93:10:20:C4:A6:16:9F:D7
Certificate issuer: /CN=53f6b36867238aa718be17e6e73ce40a989578a0
Certificate serial: 03A236CB
Authority key identifier: 53:F6:B3:68:67:23:8A:A7:18:BE:17:E6:E7:3C:E4:0A:98:95:78:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_azaGcjiqcYvhfm5zzkCpiVeKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/091e11-ee0c-49ec-95d7-6dbad31dbc41/1/HXrLm-a2QzTdCtJ3kxAgxKYWn9c.roa
Signing time: Sat 01 Jan 2022 12:03:14 +0000
ROA not before: Sat 01 Jan 2022 12:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31098
IP address blocks: 194.39.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60962507 (0x3a236cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f6b36867238aa718be17e6e73ce40a989578a0
Validity
Not Before: Jan 1 12:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d7acb9be6b64334dd0ad277931020c4a6169fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c7:d6:25:89:df:ab:cb:9f:b5:1a:ef:f1:10:
5f:5c:fb:46:a1:64:7c:7b:4c:4e:50:50:80:db:77:
c8:fe:55:be:cc:12:2a:32:eb:53:ac:d3:32:1d:18:
41:85:91:2a:f3:d1:1b:a7:19:bc:54:9f:b2:4c:34:
d3:19:01:02:45:47:74:96:1a:33:bd:19:47:74:dc:
9e:ce:ff:35:a2:7e:a6:f6:e6:9e:4f:31:07:a4:50:
db:0d:cc:17:9b:37:10:16:96:21:5a:ed:7e:47:3c:
ad:05:ff:67:38:2b:ab:ac:6b:a0:18:36:4b:79:c7:
5b:4d:bc:5c:ac:95:59:d0:eb:74:1d:d1:26:d2:62:
a9:55:d0:52:2e:45:3b:8d:6e:62:1c:05:92:fb:f0:
53:4c:6c:b4:ef:78:c7:d8:f6:a2:b1:82:c2:4d:c0:
d7:c2:57:56:44:78:05:84:65:40:7e:cd:49:7c:db:
8d:5e:be:02:95:11:eb:1f:96:b3:87:1c:a7:97:cf:
3b:0d:5e:b9:5a:d5:9a:b8:4e:74:00:af:11:a4:bf:
36:48:de:71:32:30:e2:7d:2e:a7:a8:74:61:87:c5:
df:a6:ed:1a:91:1c:bd:37:2f:1f:e2:76:1e:0c:11:
cc:f1:8b:40:d8:5b:27:26:c7:dc:57:e9:17:52:e1:
1a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7A:CB:9B:E6:B6:43:34:DD:0A:D2:77:93:10:20:C4:A6:16:9F:D7
X509v3 Authority Key Identifier:
keyid:53:F6:B3:68:67:23:8A:A7:18:BE:17:E6:E7:3C:E4:0A:98:95:78:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_azaGcjiqcYvhfm5zzkCpiVeKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/091e11-ee0c-49ec-95d7-6dbad31dbc41/1/HXrLm-a2QzTdCtJ3kxAgxKYWn9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/091e11-ee0c-49ec-95d7-6dbad31dbc41/1/U_azaGcjiqcYvhfm5zzkCpiVeKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.140.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:07:4b:c3:3f:11:2f:c2:0a:99:ef:3c:3d:81:28:5b:3c:21:
9c:3b:b7:b9:5c:79:5a:2b:2e:57:98:1e:ca:cb:1c:4b:89:88:
a1:f4:82:b6:77:39:2a:18:c2:6d:3b:6f:d4:d0:90:c2:89:d2:
80:2d:59:92:2a:56:e2:77:4b:a9:0b:ed:6d:49:81:4d:e8:45:
b0:1f:f5:07:25:f2:ed:13:67:91:6d:82:18:76:44:b5:24:48:
53:32:a4:30:fc:37:ed:3c:64:49:38:0f:03:7b:f9:72:5e:06:
be:a4:42:22:45:a6:52:bc:59:81:06:39:7c:49:3b:fd:fd:db:
a1:94:71:ed:28:e9:0a:97:20:4c:a8:ba:30:93:dd:a3:e1:ff:
c8:42:49:c2:bf:a1:07:d9:d0:01:e1:f9:2f:b9:95:d4:ff:34:
ac:18:e5:6e:d0:48:37:2c:98:c5:44:24:6d:8b:43:33:e5:ba:
c3:57:0e:c0:4b:ac:1e:5f:de:ab:f9:1a:0c:49:66:35:51:58:
ed:4c:d0:64:e3:a3:41:24:ef:f4:16:b4:9b:54:6c:b6:05:e5:
3b:cd:04:46:4f:6c:45:ad:4c:18:f8:9c:92:9a:6d:7d:80:00:
74:5b:a4:20:7f:a6:e4:b4:30:49:6d:e8:cd:51:59:91:b8:50:
8f:0e:05:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6I2yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2Y2YjM2ODY3MjM4YWE3MThiZTE3ZTZlNzNjZTQwYTk4OTU3OGEwMB4XDTIyMDEw
MTEyMDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ3YWNiOWJlNmI2
NDMzNGRkMGFkMjc3OTMxMDIwYzRhNjE2OWZkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO/H1iWJ36vLn7Ua7/EQX1z7RqFkfHtMTlBQgNt3yP5VvswS
KjLrU6zTMh0YQYWRKvPRG6cZvFSfskw00xkBAkVHdJYaM70ZR3Tcns7/NaJ+pvbm
nk8xB6RQ2w3MF5s3EBaWIVrtfkc8rQX/Zzgrq6xroBg2S3nHW028XKyVWdDrdB3R
JtJiqVXQUi5FO41uYhwFkvvwU0xstO94x9j2orGCwk3A18JXVkR4BYRlQH7NSXzb
jV6+ApUR6x+Ws4ccp5fPOw1euVrVmrhOdACvEaS/NkjecTIw4n0up6h0YYfF36bt
GpEcvTcvH+J2HgwRzPGLQNhbJybH3FfpF1LhGusCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdesub5rZDNN0K0neTECDEphaf1zAfBgNVHSMEGDAWgBRT9rNoZyOKpxi+
F+bnPOQKmJV4oDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VfYXphR2NqaXFjWXZoZm01enprQ3BpVmVLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvMDkxZTExLWVlMGMtNDllYy05NWQ3LTZkYmFkMzFkYmM0MS8x
L0hYckxtLWEyUXpUZEN0SjNreEFneEtZV245Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
MDkxZTExLWVlMGMtNDllYy05NWQ3LTZkYmFkMzFkYmM0MS8xL1VfYXphR2NqaXFj
WXZoZm01enprQ3BpVmVLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMInjDANBgkqhkiG9w0BAQsFAAOC
AQEAbgdLwz8RL8IKme88PYEoWzwhnDu3uVx5WisuV5geysscS4mIofSCtnc5KhjC
bTtv1NCQwonSgC1ZkipW4ndLqQvtbUmBTehFsB/1ByXy7RNnkW2CGHZEtSRIUzKk
MPw37TxkSTgPA3v5cl4GvqRCIkWmUrxZgQY5fEk7/f3boZRx7SjpCpcgTKi6MJPd
o+H/yEJJwr+hB9nQAeH5L7mV1P80rBjlbtBINyyYxUQkbYtDM+W6w1cOwEusHl/e
q/kaDElmNVFY7UzQZOOjQSTv9Ba0m1RstgXlO80ERk9sRa1MGPickpptfYAAdFuk
IH+m5LQwSW3ozVFZkbhQjw4Fwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org