Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa
File: HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa (raw, json)
Hash identifier: itRIucqHDNsQSWG5uckm80qmthzwVLGy5ZBQwgADZqE=
Subject key identifier: 1C:B7:FF:B0:4A:46:54:6C:61:F9:EE:9C:D8:E9:7E:E6:3A:39:7C:BB
Certificate issuer: /CN=fb11bd5c444c239c198776f360e0f100c9b5d802
Certificate serial: 9EC9B9
Authority key identifier: FB:11:BD:5C:44:4C:23:9C:19:87:76:F3:60:E0:F1:00:C9:B5:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xG9XERMI5wZh3bzYODxAMm12AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa
Signing time: Sat 01 Jan 2022 01:53:48 +0000
ROA not before: Sat 01 Jan 2022 01:53:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.97.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10406329 (0x9ec9b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb11bd5c444c239c198776f360e0f100c9b5d802
Validity
Not Before: Jan 1 01:53:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cb7ffb04a46546c61f9ee9cd8e97ee63a397cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:26:78:89:e6:c0:9b:97:a9:18:ef:f1:ce:59:
da:f6:d5:4a:ff:aa:8f:e2:f7:b3:8d:5f:53:f6:0d:
7b:e4:cd:f5:d3:69:32:5a:1c:75:a2:eb:cd:43:95:
42:ac:68:e3:e4:ec:76:74:fe:88:c3:0d:bd:a3:58:
d6:eb:48:99:4a:f8:82:0c:51:7d:34:c0:6e:c0:63:
49:ac:60:e3:6d:2a:02:d7:07:ab:4b:e4:6a:5d:64:
9e:62:a9:7d:74:9e:79:41:57:92:6b:14:78:8d:02:
b2:4a:4a:8f:55:97:a8:31:bd:26:6c:73:00:14:d8:
8c:31:24:c0:62:d9:ed:ac:2a:80:df:83:96:01:93:
91:be:87:81:4c:3e:47:08:7f:a5:46:8b:e2:3b:94:
82:23:76:1c:be:86:15:54:60:1a:5e:f5:59:ef:64:
8f:cc:ef:71:1f:fb:96:04:44:99:df:80:a2:cd:54:
3a:bd:d9:7c:25:2c:bd:30:28:0a:c6:05:68:c5:b1:
b8:80:fc:0f:af:a8:74:fb:f8:f5:f4:34:e9:b6:85:
4c:13:7a:8f:d9:2d:ee:fe:eb:6e:19:8a:6d:9e:25:
44:a8:d3:61:df:2c:7f:e3:e7:06:c0:8d:d7:66:b3:
a8:2a:17:a7:47:70:4b:f4:96:27:2c:5d:50:1e:98:
19:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B7:FF:B0:4A:46:54:6C:61:F9:EE:9C:D8:E9:7E:E6:3A:39:7C:BB
X509v3 Authority Key Identifier:
keyid:FB:11:BD:5C:44:4C:23:9C:19:87:76:F3:60:E0:F1:00:C9:B5:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xG9XERMI5wZh3bzYODxAMm12AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/HLf_sEpGVGxh-e6c2Ol-5jo5fLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/1-xG9XERMI5wZh3bzYODxAMm12AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.211.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f7:f9:33:b9:09:df:2c:8a:7a:c3:50:43:f2:6a:e8:5d:91:
44:46:b0:a9:f0:6e:4d:46:d0:5b:9b:af:11:f6:fb:db:c4:11:
0d:20:bb:f4:f2:4d:37:f6:f6:1f:22:ea:26:59:fb:eb:e8:91:
ec:08:7d:6b:ec:c0:96:4e:24:42:cc:0e:01:63:3f:d0:c7:3d:
f4:9f:63:69:a5:91:f5:01:0f:ef:43:6e:87:b5:d1:76:3d:94:
11:0a:20:1b:c0:44:ef:c4:0d:db:90:d8:87:df:70:cc:43:13:
4c:c5:d1:1c:60:b7:b1:27:29:08:38:40:b6:65:73:46:d0:99:
8e:ab:f6:05:53:05:3c:a4:07:b9:63:e3:bd:c7:a9:4b:fc:ad:
c4:c7:3d:15:a0:73:71:0d:42:86:a0:b0:88:90:e5:88:9a:4d:
31:3d:af:a2:ca:7b:93:7c:08:6f:27:91:a8:fd:51:85:4b:4c:
6e:fa:ad:19:90:32:52:10:89:8c:28:32:71:6b:e7:91:d3:c3:
ca:a8:41:7b:bc:d0:7c:59:82:2e:77:1f:68:6a:6c:f9:86:79:
fd:4a:99:22:a5:53:fb:da:4b:66:ad:a2:40:01:66:09:c2:f5:
76:31:c2:f4:d1:6f:98:07:4f:71:82:ee:24:98:96:0d:ed:e3:
70:c1:72:68
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAJ7JuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExYmQ1YzQ0NGMyMzljMTk4Nzc2ZjM2MGUwZjEwMGM5YjVkODAyMB4XDTIyMDEw
MTAxNTM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNiN2ZmYjA0YTQ2
NTQ2YzYxZjllZTljZDhlOTdlZTYzYTM5N2NiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0meInmwJuXqRjv8c5Z2vbVSv+qj+L3s41fU/YNe+TN9dNp
MlocdaLrzUOVQqxo4+TsdnT+iMMNvaNY1utImUr4ggxRfTTAbsBjSaxg420qAtcH
q0vkal1knmKpfXSeeUFXkmsUeI0CskpKj1WXqDG9JmxzABTYjDEkwGLZ7awqgN+D
lgGTkb6HgUw+Rwh/pUaL4juUgiN2HL6GFVRgGl71We9kj8zvcR/7lgREmd+Aos1U
Or3ZfCUsvTAoCsYFaMWxuID8D6+odPv49fQ06baFTBN6j9kt7v7rbhmKbZ4lRKjT
Yd8sf+PnBsCN12azqCoXp0dwS/SWJyxdUB6YGVECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQct/+wSkZUbGH57pzY6X7mOjl8uzAfBgNVHSMEGDAWgBT7Eb1cREwjnBmH
dvNg4PEAybXYAjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEc5WEVSTUk1d1poM2J6WU9EeEFNbTEyQUkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2IzLzJhYzhhMi1mMWNjLTRmODUtOTBjOS00ZWJlYzAxMWEyODgv
MS9ITGZfc0VwR1ZHeGgtZTZjMk9sLTVqbzVmTHMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Iz
LzJhYzhhMi1mMWNjLTRmODUtOTBjOS00ZWJlYzAxMWEyODgvMS8xLXhHOVhFUk1J
NXdaaDNiellPRHhBTW0xMkFJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHTMA0GCSqGSIb3DQEBCwUA
A4IBAQCH9/kzuQnfLIp6w1BD8mroXZFERrCp8G5NRtBbm68R9vvbxBENILv08k03
9vYfIuomWfvr6JHsCH1r7MCWTiRCzA4BYz/Qxz30n2NppZH1AQ/vQ26HtdF2PZQR
CiAbwETvxA3bkNiH33DMQxNMxdEcYLexJykIOEC2ZXNG0JmOq/YFUwU8pAe5Y+O9
x6lL/K3Exz0VoHNxDUKGoLCIkOWImk0xPa+iynuTfAhvJ5Go/VGFS0xu+q0ZkDJS
EImMKDJxa+eR08PKqEF7vNB8WYIudx9oamz5hnn9SpkipVP72ktmraJAAWYJwvV2
McL00W+YB09xgu4kmJYN7eNwwXJo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:30 2023 by rpki-client on console-fra.rpki-client.org