Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/HH59cTuERqIcyX7LN_dNKgUC5qI.roa
File: HH59cTuERqIcyX7LN_dNKgUC5qI.roa (raw, json)
Hash identifier: GmFQDY9iCv1LsfMOYJn9gN5u2K3EIEbpkmEj4iLVnmE=
Subject key identifier: 1C:7E:7D:71:3B:84:46:A2:1C:C9:7E:CB:37:F7:4D:2A:05:02:E6:A2
Certificate issuer: /CN=7153b0294d3c8db15306ab109d506da74ae70979
Certificate serial: 154742B1
Authority key identifier: 71:53:B0:29:4D:3C:8D:B1:53:06:AB:10:9D:50:6D:A7:4A:E7:09:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cVOwKU08jbFTBqsQnVBtp0rnCXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/HH59cTuERqIcyX7LN_dNKgUC5qI.roa
Signing time: Sat 01 Jan 2022 16:02:38 +0000
ROA not before: Sat 01 Jan 2022 16:02:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5470
IP address blocks: 155.207.0.0/16 maxlen: 16
192.104.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356991665 (0x154742b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7153b0294d3c8db15306ab109d506da74ae70979
Validity
Not Before: Jan 1 16:02:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c7e7d713b8446a21cc97ecb37f74d2a0502e6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:3a:16:61:23:e0:97:ae:57:35:af:61:4e:
e4:40:2e:80:a2:35:7a:a6:ae:6a:65:95:3b:8e:de:
4b:94:77:43:19:b2:b6:c6:82:b4:63:ba:2d:3d:03:
6d:16:ff:51:5a:41:11:97:9c:bb:18:87:4b:c0:7b:
b5:81:99:35:f8:e7:cf:1c:21:8f:5f:7c:31:a9:b1:
8d:9b:cd:28:be:a3:ef:e8:5b:97:45:9e:d3:47:bd:
49:6e:4f:7c:97:7b:99:97:47:47:e8:ca:f4:9b:7f:
cd:f9:9e:21:0c:85:d8:f9:37:2b:f2:cc:6d:23:dd:
41:15:0b:ec:5f:a8:1d:18:90:66:ea:fd:20:86:12:
c7:7b:fd:14:37:f0:cc:51:fc:21:4e:07:d6:42:95:
12:38:f6:00:24:7e:1f:25:37:cf:06:50:3d:08:88:
dc:53:79:13:0e:af:20:2c:01:3f:3a:fc:78:d0:62:
42:a6:cc:a5:04:6f:a2:f7:12:b9:5e:0e:33:c3:de:
2a:d8:38:fb:45:9b:d2:21:f6:8d:7b:05:e3:27:e5:
7c:d0:0d:34:a7:d3:a0:7f:f3:5c:dd:4b:46:45:a4:
f5:18:36:f1:1f:f8:0b:d8:24:a6:93:c6:0a:df:81:
32:61:88:3f:3e:a4:53:6d:3e:79:7e:66:fb:ea:68:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7E:7D:71:3B:84:46:A2:1C:C9:7E:CB:37:F7:4D:2A:05:02:E6:A2
X509v3 Authority Key Identifier:
keyid:71:53:B0:29:4D:3C:8D:B1:53:06:AB:10:9D:50:6D:A7:4A:E7:09:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVOwKU08jbFTBqsQnVBtp0rnCXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/HH59cTuERqIcyX7LN_dNKgUC5qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/cVOwKU08jbFTBqsQnVBtp0rnCXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.207.0.0/16
192.104.147.0/24
Signature Algorithm: sha256WithRSAEncryption
36:da:f3:7b:57:3f:03:3a:04:1e:f7:57:be:5d:dc:4f:89:33:
88:82:82:7d:63:da:98:d2:85:f8:cd:b6:78:d9:25:1e:80:8f:
72:13:a4:12:a0:d3:d8:ae:d3:59:08:9b:ad:e8:c9:12:19:c8:
b6:e6:b0:7a:56:6b:05:2a:ba:86:ff:a6:a9:f8:31:3a:42:f3:
e1:6b:69:2e:59:02:98:73:e9:86:10:10:63:60:bc:f2:95:b6:
cf:c0:62:74:74:6e:05:60:81:b7:0f:04:22:32:ae:4e:50:ea:
c0:66:ba:1a:0d:69:a2:df:52:ee:2c:46:20:51:09:38:bc:f9:
96:1d:25:80:15:6c:3f:85:41:73:09:94:c7:0d:f3:81:44:74:
0a:c4:78:35:e7:31:da:29:1e:d9:b5:46:b1:5e:ff:4a:51:97:
fd:1a:2b:7b:63:92:cc:d0:5c:9f:91:b2:9d:ad:07:c1:b9:59:
4c:4b:19:81:63:b1:d4:f2:7b:27:a0:44:f0:77:7b:b7:e8:13:
9c:d5:12:38:33:72:75:e4:8f:97:46:35:0b:0f:85:a9:0e:ee:
2e:b4:05:f4:fe:87:b7:43:a6:cb:53:a9:38:6c:2a:05:2f:3c:
5d:fb:44:59:3b:d0:d5:5f:2c:71:64:cd:7e:c7:70:c4:61:dc:
c9:c3:97:dc
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEFUdCsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTUzYjAyOTRkM2M4ZGIxNTMwNmFiMTA5ZDUwNmRhNzRhZTcwOTc5MB4XDTIyMDEw
MTE2MDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM3ZTdkNzEzYjg0
NDZhMjFjYzk3ZWNiMzdmNzRkMmEwNTAyZTZhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdnOhZhI+CXrlc1r2FO5EAugKI1eqauamWVO47eS5R3Qxmy
tsaCtGO6LT0DbRb/UVpBEZecuxiHS8B7tYGZNfjnzxwhj198MamxjZvNKL6j7+hb
l0We00e9SW5PfJd7mZdHR+jK9Jt/zfmeIQyF2Pk3K/LMbSPdQRUL7F+oHRiQZur9
IIYSx3v9FDfwzFH8IU4H1kKVEjj2ACR+HyU3zwZQPQiI3FN5Ew6vICwBPzr8eNBi
QqbMpQRvovcSuV4OM8PeKtg4+0Wb0iH2jXsF4yflfNANNKfToH/zXN1LRkWk9Rg2
8R/4C9gkppPGCt+BMmGIPz6kU20+eX5m++poPL0CAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBQcfn1xO4RGohzJfss3900qBQLmojAfBgNVHSMEGDAWgBRxU7ApTTyNsVMG
qxCdUG2nSucJeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NWT3dLVTA4amJGVEJxc1FuVkJ0cDBybkNYay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNzY2ZTEyLTlhMDktNDU1My04ZjYyLTIyOTRjZGRhNmE0MC8x
L0hINTljVHVFUnFJY3lYN0xOX2ROS2dVQzVxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NzY2ZTEyLTlhMDktNDU1My04ZjYyLTIyOTRjZGRhNmE0MC8xL2NWT3dLVTA4amJG
VEJxc1FuVkJ0cDBybkNYay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMDAJvPAwQAwGiTMA0GCSqGSIb3DQEB
CwUAA4IBAQA22vN7Vz8DOgQe91e+XdxPiTOIgoJ9Y9qY0oX4zbZ42SUegI9yE6QS
oNPYrtNZCJut6MkSGci25rB6VmsFKrqG/6ap+DE6QvPha2kuWQKYc+mGEBBjYLzy
lbbPwGJ0dG4FYIG3DwQiMq5OUOrAZroaDWmi31LuLEYgUQk4vPmWHSWAFWw/hUFz
CZTHDfOBRHQKxHg15zHaKR7ZtUaxXv9KUZf9Git7Y5LM0FyfkbKdrQfBuVlMSxmB
Y7HU8nsnoETwd3u36BOc1RI4M3J15I+XRjULD4WpDu4utAX0/oe3Q6bLU6k4bCoF
Lzxd+0RZO9DVXyxxZM1+x3DEYdzJw5fc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:13 2023 by rpki-client on console-fra.rpki-client.org