Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/HYvTU98WYJSjGb2lDRl6KTlIBxU.roa
File: HYvTU98WYJSjGb2lDRl6KTlIBxU.roa (raw, json)
Hash identifier: 8fqB7bzG7t2euxS1dZpRuuJUDhVimZ+bgEomQ0JVxa8=
Subject key identifier: 1D:8B:D3:53:DF:16:60:94:A3:19:BD:A5:0D:19:7A:29:39:48:07:15
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01821A64B5AED1B273D86ADC39A4E45C39A9
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/HYvTU98WYJSjGb2lDRl6KTlIBxU.roa
Signing time: Wed 20 Jul 2022 06:56:23 +0000
ROA not before: Wed 20 Jul 2022 06:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8562
IP address blocks: 193.154.144.0/20 maxlen: 20
2001:890:c000::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:64:b5:ae:d1:b2:73:d8:6a:dc:39:a4:e4:5c:39:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jul 20 06:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d8bd353df166094a319bda50d197a2939480715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:78:c1:60:31:62:ab:06:fe:92:aa:86:f2:cf:
63:5d:67:e9:3e:01:0a:96:92:56:1c:0a:ea:b5:53:
d7:db:55:8f:77:b2:60:e0:51:e5:e0:64:cc:f3:48:
b8:62:33:dc:9b:8d:34:38:4e:f4:78:57:82:da:76:
d9:d6:c2:7d:5b:2f:d4:b8:64:15:ba:66:08:c9:59:
0c:98:8c:f7:16:df:fe:cf:a0:fc:d0:dd:e7:ce:91:
17:63:e9:85:bc:bb:96:8a:cd:6d:95:0e:7f:a8:5a:
a3:2e:8b:ec:fc:c3:99:46:3a:59:0a:23:97:db:5c:
ac:bc:f8:9c:bc:23:70:71:cb:b0:48:b7:b5:e3:40:
d7:ee:07:35:56:7f:32:33:2e:4e:57:b8:c7:d2:20:
4f:d9:fa:54:da:08:42:e4:a5:3a:b9:78:74:e1:03:
f0:29:8b:f6:10:11:50:91:49:59:10:28:1a:bb:e5:
de:44:da:4c:cc:6c:a1:61:a5:ee:d3:91:6c:20:a0:
99:72:0e:52:8d:f2:bc:0a:50:0d:b2:c5:a4:25:86:
c7:81:be:81:10:12:e9:f3:bc:df:93:70:9f:1f:26:
54:05:21:89:a9:ec:d8:8b:bc:48:9f:0a:8c:9e:78:
9b:72:8b:3c:68:d0:b8:6c:13:9a:1c:36:4a:f9:4d:
48:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8B:D3:53:DF:16:60:94:A3:19:BD:A5:0D:19:7A:29:39:48:07:15
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/HYvTU98WYJSjGb2lDRl6KTlIBxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.154.144.0/20
IPv6:
2001:890:c000::/34
Signature Algorithm: sha256WithRSAEncryption
6d:ab:de:73:03:d4:16:51:74:a6:6b:74:3c:19:8a:19:78:07:
7b:96:8e:b6:7b:24:df:dc:28:b2:b4:33:55:e1:c8:19:63:04:
68:77:1b:fc:8a:57:ca:1f:9c:3c:1c:5d:dd:41:b9:44:59:bc:
f9:a0:3b:a2:ea:16:84:c2:89:75:ae:2e:7b:94:01:98:d9:4a:
55:63:1a:14:cf:95:3b:e4:24:98:ba:14:22:64:a6:51:4f:ba:
c1:71:f8:6f:d4:74:32:4b:86:fa:35:69:2a:76:c1:11:1b:b8:
e7:ad:79:eb:ac:06:f4:88:8a:48:9d:23:2e:0d:b5:5d:99:6d:
a6:51:c1:3b:26:c9:d7:42:21:07:dc:ba:c8:8f:d5:5e:bc:8b:
2a:6f:c3:13:82:dc:4b:df:c1:10:e7:b9:ed:33:cf:60:2e:19:
99:32:cd:d1:f8:6a:ca:cd:29:2c:4b:46:ff:4f:c3:55:a5:0f:
50:f4:e2:38:c5:1f:af:9b:e7:0b:b0:d7:82:a9:5a:22:ad:09:
0e:24:32:90:7d:d8:6f:5a:5e:11:50:6f:2c:93:c7:88:24:6e:
40:42:b6:48:62:b0:1d:67:79:f3:2d:96:18:4e:b6:68:87:a9:
a2:7f:02:29:a1:a5:b6:bc:2a:7b:26:e7:3c:b8:12:50:96:14:
e1:ce:63:e7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYIaZLWu0bJz2GrcOaTkXDmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzIwMDY1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhiZDM1M2RmMTY2MDk0YTMxOWJkYTUwZDE5N2EyOTM5NDgwNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnjBYDFiqwb+kqqG8s9jXWfpPgEK
lpJWHArqtVPX21WPd7Jg4FHl4GTM80i4YjPcm400OE70eFeC2nbZ1sJ9Wy/UuGQV
umYIyVkMmIz3Ft/+z6D80N3nzpEXY+mFvLuWis1tlQ5/qFqjLovs/MOZRjpZCiOX
21ysvPicvCNwccuwSLe140DX7gc1Vn8yMy5OV7jH0iBP2fpU2ghC5KU6uXh04QPw
KYv2EBFQkUlZECgau+XeRNpMzGyhYaXu05FsIKCZcg5SjfK8ClANssWkJYbHgb6B
EBLp87zfk3CfHyZUBSGJqezYi7xInwqMnnibcos8aNC4bBOaHDZK+U1IhQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB2L01PfFmCUoxm9pQ0Zeik5SAcVMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvSFl2VFU5OFdZSlNqR2IybERSbDZLVGxJQnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEwZqQMA4E
AgACMAgDBgYgAQiQwDANBgkqhkiG9w0BAQsFAAOCAQEAbavecwPUFlF0pmt0PBmK
GXgHe5aOtnsk39wosrQzVeHIGWMEaHcb/IpXyh+cPBxd3UG5RFm8+aA7ouoWhMKJ
da4ue5QBmNlKVWMaFM+VO+QkmLoUImSmUU+6wXH4b9R0MkuG+jVpKnbBERu45615
66wG9IiKSJ0jLg21XZltplHBOybJ10IhB9y6yI/VXryLKm/DE4LcS9/BEOe57TPP
YC4ZmTLN0fhqys0pLEtG/0/DVaUPUPTiOMUfr5vnC7DXgqlaIq0JDiQykH3Yb1pe
EVBvLJPHiCRuQEK2SGKwHWd58y2WGE62aIepon8CKaGltrwqeybnPLgSUJYU4c5j
5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org